Download presentation
Presentation is loading. Please wait.
1
Creator: ACSession No: 9 Slide No: 1Reviewer: SS CSE300Advanced Software EngineeringNovember 2005 Risk Management CSE300 Advanced Software Engineering University of Sunderland © 2005 Anne Comer anne.comer@sunderland.ac.uk
2
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 2Reviewer: SS Objectives for this Lecture 1.To define risk and risk management 2.To review the SEI’s risk management paradigm 3.Identify Boehm’s top ten risk items 4.Look at risk identification 5.Identify further sources
3
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 3Reviewer: SS What is Risk? Risks are different from other events in a project, in that there is; –a loss associated with the event, –a probability associated with the event, –a chance to change the outcome. RISK = (Probability x Consequential loss) R = (p x £)
4
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 4Reviewer: SS Risk Management Risk Assessment –Identification –Analysis –Prioritisation Risk Control –Reduction –Management Planning –Resolution
5
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 5Reviewer: SS
6
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 6Reviewer: SS The SEI Risk Management Paradigm ControlIdentify Analyze Plan Track Communicate
7
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 7Reviewer: SS step 1 - Identify Locate risks before they become problems and adversely affect the project. “It’s harder to ignore if it’s written down”
8
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 8Reviewer: SS step 2 - Analyze Turn the raw risk data into decision making information –i.e. understanding the risk Allows managers to work on the right risks
9
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 9Reviewer: SS step 3 - Plan Turn risk information into decisions and actions (both present and future) to : –develop a contingency plan –avoid risk by changing design –accept risk and take consequences –study risk further
10
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 10Reviewer: SS step 4 - Track Monitor the status of risks and action taken against risks Develop risk metrics and triggering events
11
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 11Reviewer: SS step 5 - Control Correct for deviations from the planned risk actions
12
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 12Reviewer: SS Communication Provide feedback on the active risk activities among the paradigm elements and within the project i.e. TELL both developers and customers about the risks you've found, and what your doing to manage them.
13
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 13Reviewer: SS Boehm’s Top Ten Risk Items Personnel Shortfalls Unrealistic Schedules and Budgets Developing the wrong software functions Developing the wrong user interface Gold-plating Continuing stream of requirements changes Shortfalls in externally-performed tasks Shortfalls in externally-furnished components Real-time performance shortfalls Straining comp. sci., or s/w eng. capabilities
14
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 14Reviewer: SS Risk Identification Three major classes of risk: –Product Engineering Technical aspects of the work to be accomplished –Development Environment Methods, procedures & tools used –Program Constraints Contractual, organisational and operational factors (see ‘ Taxonomy Based Risk Identification’, slide 20 )
15
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 15Reviewer: SS Software Development Risk Development EnvironmentProgram ConstraintsProduct Engineering Requirements…. …… Development Process.. Resources... Schedule….Facilities...
16
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 16Reviewer: SS Product Engineering Class Requirements Design Code and Unit Test Integration and Test Engineering Specialities (e.g. Safety) (see slide 15)
17
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 17Reviewer: SS Development Environment Class Development Process –e.g. Planning the product development Development System –e.g. CASE tools Management Process –e.g. Budgets & Schedules Management Methods –e.g. Personnel Management Work Environment –e.g. Morale! (see slide 15)
18
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 18Reviewer: SS Program Constraint Class Resources –e.g. staff, budget etc. Contract –terms and conditions Program Interfaces –customers, contractors, etc. (see slide 15)
19
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 19Reviewer: SS The SEI Risk Management Paradigm The SEI risk management paradigm can be referred to at the following URLs: http://www.sei.cmu.edu/risk/overview.html http://www.sei.cmu.edu/risk/paradigm.html http://www.sei.cmu.edu/risk/principles.html Risk management reports can be found at the following URL: http://www.sei.cmu.edu/risk/documents.html
20
CSE300Advanced Software EngineeringNovember 2005 Creator/Editor: ACSession No:9 Slide No: 20Reviewer: SS Taxonomy Based Risk Identification Technical Report CMU/SEI-93-TR-006 “This report describes a method for facilitating the systematic and repeatable identification of risks associated with the development of a software-dependent project.” http://www.sei.cmu.edu/pub/documents/93.reports/pdf/tr06.93.pdf (see slide 15)
Similar presentations
