Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved CSE7315M25 Slide.

Published byVincent Lang Modified over 8 years ago

Similar presentations

Presentation on theme: "CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved CSE7315M25 Slide."— Presentation transcript:

1 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved CSE7315M25 Slide 1 January 10, 2001 SMU CSE 7315 / NTU SE 584-N Planning and Managing a Software Project Module 25 Risk Management Overview

2 CSE7315M25 Slide # 2 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Objectives of This Module To discuss risk management principles, outline the risk management process, and discuss two methods of risk management To review some examples of software risks and risk management

3 CSE7315M25 Slide # 3 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Outline of This Module 1) Overview - The Risk Management Process 2) Risk Examples text, chapters 5, 6 Boehm, Barry, Software Risk Management, IEEE Computer Society Press, 1989, ISBN 0-8186-8906-4

4 CSE7315M25 Slide # 4 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Management is Continuous Manage Risks Define the Approach Generate Detailed Plans Understand the Need Execute and Monitor

5 CSE7315M25 Slide # 5 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Software Management: A Framework for Risk Management Software Development Risk Management Project Management

6 CSE7315M25 Slide # 6 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Another Model of the Risk Management Process Understand Needs Generate Detailed Plans Define Approach Evaluate & Re-plan Risk Management

7 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved CSE7315M25 Slide 7 January 10, 2001 The Risk Management Process 1) Risk Assessment (4 activities) 2) Risk Control (2 activities)

8 CSE7315M25 Slide # 8 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Assessment (This is done as part of planning) A) Risk Identification - What are the risks? B) Risk Analysis - What is the likelihood & impact? C) Risk Prioritization - Which risks are most serious? D) Risk Planning & Mitigation - Minimizing impact - Planning contingency actions

9 CSE7315M25 Slide # 9 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Control (This is done as part of project execution) A) Risk Monitoring - Watching to see if risks happen B) Risk Abatement - Counteracting risks - Taking contingency actions

10 CSE7315M25 Slide # 10 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Management Methods There are several recommended methods in the literature Here we will discuss two: -- Barry Boehm’s Method -- widely known -- very pragmatic approach -- combines assessment with control -- Dennis Frailey’s Method -- somewhat more comprehensive -- derived from DoD Standards for defense system software development

11 CSE7315M25 Slide # 11 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Top 10 Risks on Project Alpha 1. Staffing 2. Late Hardware 3. Requirements Definition 4. Real-time perf- Boehm’s Method of Risk Management (5 steps) Risk Assessment (steps 1-2): 1) Identify the top 10 risk items (identification, analysis and prioritization) 2) Present a plan to resolve each of the top 10 items (mitigation; planning for control)

12 CSE7315M25 Slide # 12 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Boehm’s Method (continued) Risk Control (steps 3-5): 3) Update the list and the plan monthly (monitoring) 4) Highlight the risk items at monthly project reviews (monitoring) 5) Initiate corrective action for risks that occur ( abatement) [6) Follow-up until the issue is resolved]

13 CSE7315M25 Slide # 13 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Frailey’s Method of Risk Management (11 steps) Risk Assessment (steps 1-7) – Identification (Step 1) – Analysis (Step 2- 4) – Prioritization (Step 5) – Planning (Step 6,7) Risk Control (steps 8-11) – Monitor (Step 8, 10) – Abatement (Step 9) – Planning (Step 11)

14 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved CSE7315M25 Slide 14 January 10, 2001 Risk Assessment Frailey Method (steps 1-7)

15 CSE7315M25 Slide # 15 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved 1) Identify all Risk Elements (risk identification) Risk Elements consist of: – things that can go wrong – patterns of risk change over the lifecycle for example, cost estimating risks occur early, whereas risks of staff burnout occur later If it has already happened, or is certain to happen, it is a problem, not a risk!

16 CSE7315M25 Slide # 16 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Notes Most risk identification is performed as a part of other planning processes (see the previous chapters in these notes) But it is also good to have a pro-active attempt to identify all risks in case something “fell through the cracks”

17 CSE7315M25 Slide # 17 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Identification Meeting A supplementary meeting to identify risks – Some may have been overlooked – The meeting also helps to focus attention on risk issues Identify the patterns of risk – Risk patterns change over the lifecycle – For example, cost estimating risks occur early, whereas risks of staff burnout occur later

18 CSE7315M25 Slide # 18 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Recall How All Planning Activities Identify Risks Manage Risks Define the Approach Generate Detailed Plans Understand the Need Execute and Monitor

19 CSE7315M25 Slide # 19 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved 2) Partition Into Categories (Analysis) Sample Categories: -- cost risks -- schedule risks -- other management risks -- technical risks -- other risks specific to the situation, such as safety or security risks One Risk may have multiple categories – Estimating inaccuracies can lead to cost and schedule risks

20 CSE7315M25 Slide # 20 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Why Partition Into Categories? Risks may need to be prioritized as demanded by the situation – “continue at any cost” vs. “only do if low cost” Different categories of risks may require different mitigation approaches – Technical risks may require performance analysis – Schedule risks may require process changes

21 CSE7315M25 Slide # 21 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Other Reasons to Partition Risks into Categories Different people may be concerned about different risks – Technical lead vs. – Finance manager vs. – End user waiting for delivery Different people may be responsible for different risks

22 CSE7315M25 Slide # 22 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved 3) Identify Contributing Factors (Analysis) Many risks can occur in several ways If you aren’t careful, you will only be looking for one of the ways

23 CSE7315M25 Slide # 23 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Example of Multiple Contributing Factors Risk: Not enough memory to hold the software Contributing Factors: Size of computer memory Expertise of programming staff Efficiency of compiler Choice of algorithms Operating system

24 CSE7315M25 Slide # 24 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Using a Hierarchy of Contributing Factors Each risk can be seen as a contributing factor to a larger risk The top level risk is that the project will fail Sometimes it helps to use a hierarchy to organize risks and contributing factors (See next slide)

25 CSE7315M25 Slide # 25 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved A Sample Risk Hierarchy StaffingFunding... Processor Too Slow... Size of Memory Programming Experience Compiler Efficiency Choice of Algorithms Memory Too Small Performance Failure Project Failure

26 CSE7315M25 Slide # 26 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved 4) Identify Potential Risk Monitoring & Mitigation Plans (Analysis) This must be done for each contributing factor See next slides for examples

27 CSE7315M25 Slide # 27 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Potential Risk Mitigation Plan Risk: memory size inadequate Factor: Compiler produces bloated code Potential mitigation: Choose a more efficient compiler Negotiate improvements with vendor Factor: Inexperienced programmers Potential mitigation: Training program Use more experienced programming staff

28 CSE7315M25 Slide # 28 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Multiple Risks with One Approach Risk: memory size inadequate Factor: Compiler produces bloated code Factor: Inexperienced programmers Potential mitigation that applies to both: Select a larger memory size Potential monitoring that applies to both: Track size estimates monthly Update at each major milestone

29 CSE7315M25 Slide # 29 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved 5) Rank and Prioritize Each Risk (Prioritization) Prioritize on the basis of probability (how likely) and impact You cannot prevent all risks - focus on the big ones

30 CSE7315M25 Slide # 30 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved 6) Identify Monitoring Procedures for Each Risk (Planning for control) Determine how to tell if it is a problem; how frequently to monitor; etc. Example: monitor projected size vs. memory limits on a monthly basis

31 CSE7315M25 Slide # 31 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved 7) Develop a Contingency Plan (Planning) Identify what to do if the risk occurs despite your mitigation efforts Risk: memory size exceeded Contingency Plan: Switch to a slower but smaller algorithm Use a more efficient compiler Use a smaller operating system Use larger memory size

32 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved CSE7315M25 Slide 32 January 10, 2001 Risk Control Frailey Method (steps 8-11)

33 CSE7315M25 Slide # 33 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Review Status and Take Action (Steps 8, 9) 8) Review status of risks at periodic reviews (Monitor) – Metrics – Changes in impact analysis 9) Take appropriate action when called for (Abatement) – Closer monitoring – Contingency activities

34 CSE7315M25 Slide # 34 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved “Do Your Homework” (Steps 10, 11) 10) Track all actions to closure (Monitoring) – Don’t forget about them 11) Update the plan (Planning) – Keep it consistent with current knowledge and status

35 CSE7315M25 Slide # 35 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Beware of Subcontractors and Co-contractors Risk management applies to these as well Include risk management elements in contracts We want to monitor your risks Just trust us

36 CSE7315M25 Slide # 36 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved The Risk Management Process In Detail (next module) Risk Assessment – Risk Identification – Risk Analysis – Risk Prioritization – Risk Planning & Mitigation (contingency planning) Risk Control – Risk Monitoring – Risk Abatement

37 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved CSE7315M25 Slide 37 January 10, 2001 Risk Examples

38 CSE7315M25 Slide # 38 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Example #1 “Getting Started on the PC” To be subcontracted Need: something that will make our PC stand out to new users -- must have pizzazz Risk Identification: Vendor A: best product, positive attitude, but in financial jeopardy Vendor B: mediocre product, sound finances, blasé attitude

39 CSE7315M25 Slide # 39 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Analysis and Prioritization Only vendor A can do the job – Mediocre product will not fill the bill But the whole project could fail if they go out of business prematurely

40 CSE7315M25 Slide # 40 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risks and Mitigation Product must appeal (“flash and dash”) – End user tests, focus groups Deadline is very short – Incentive clause – Incremental deliveries Vendor financial instability – Ownership of key resources if they fail – Weekly deliveries of in-progress work – Monthly visits to site

41 CSE7315M25 Slide # 41 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved The Risk We Overlooked! The biggest problem turned out to be our own technical staff – They distrusted the results of focus groups with real end-users – They did not provide enough “ease of use” features, even though the subcontractor and the focus groups recommended this

42 CSE7315M25 Slide # 42 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Example #2 Embedded Flight Control Software Need: high performance, embedded, real- time software for flight control Risk Identification: Memory size very limited - might not be enough – Compiler is new – Requirements are unstable Processor may be too slow Shortage of programmers for this processor Schedule very tight

43 CSE7315M25 Slide # 43 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Mitigation - Memory Size Compiler Performance – Evaluation of alternatives before selecting – Backup vendor (different host system) – Assembly language option Requirements Stability – Evolutionary lifecycle with prototype – Strong requirements control Other – Design hardware to allow larger memory – Use a smaller operating system

44 CSE7315M25 Slide # 44 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Mitigation - Processor Speed Prototype of key algorithms Design to allow faster clock Plan to monitor performance regularly, starting with simulation of design model Consider alternative processor design Consider use of multiple processors

45 CSE7315M25 Slide # 45 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Mitigation - Staff Experience List of programs we can borrow people from Training plan Prototype on target hardware, for experience

46 CSE7315M25 Slide # 46 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Risk Mitigation - Schedule Incremental delivery negotiated with customer Do operating system first – Relatively stable – Can start before requirements for application are complete – Development work provides target processor experience for staff

47 CSE7315M25 Slide # 47 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Summary of Module 1) Risk Assessment – Done as part of project planning – Continues throughout the project – Includes planning for risk control 2) Risk Control – Done as part of project execution – You must respond promptly when monitoring indicates a problem A risk management plan is an important part of planning

48 CSE7315M25 Slide # 48 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved Possible Exam Questions  Explain the difference between risk mitigation and risk abatement  Explain why a risk management plan should be documented  Explain why a risk management plan should be periodically revisited  Explain why one would go to all the trouble to write a risk management plan when it tells your manager and your customer that you have a risky project

49 CSE7315M25 Slide # 49 January 10, 2001 CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved END OF MODULE 25

Download ppt "CSE 7315 - SW Project Management / Module 25 - Risk Management Overview Copyright © 1995-2001, Dennis J. Frailey, All Rights Reserved CSE7315M25 Slide."

Similar presentations

Software Quality Assurance Plan

Software Quality Assurance Plan
Software Process Models

Software Process Models
Supporting people with a learning disability Introduction to Project Management Presenter: Steve Raw FInstLM, FCMI.

Supporting people with a learning disability Introduction to Project Management Presenter: Steve Raw FInstLM, FCMI.
W5HH Principle As applied to Software Projects

W5HH Principle As applied to Software Projects
Lab/Sessional -CSE-374. SYSTEM DEVELOPMENT LIFE CYCLE.

Lab/Sessional -CSE-374. SYSTEM DEVELOPMENT LIFE CYCLE.
Projmgmt-1/33 DePaul University Project Management I - Risk Management Instructor: David A. Lash.

Projmgmt-1/33 DePaul University Project Management I - Risk Management Instructor: David A. Lash.
R R R CSE870: Advanced Software Engineering (Cheng): Intro to Software Engineering1 Advanced Software Engineering Dr. Cheng Overview of Software Engineering.

R R R CSE870: Advanced Software Engineering (Cheng): Intro to Software Engineering1 Advanced Software Engineering Dr. Cheng Overview of Software Engineering.
Chapter 8 Risk Analysis Management of Computer System Performance.

Chapter 8 Risk Analysis Management of Computer System Performance.
1 SOFTWARE PRODUCTION. 2 DEVELOPMENT Product Creation Means: Methods & Heuristics Measure of Success: Quality f(Fitness of Use) MANAGEMENT Efficient &

1 SOFTWARE PRODUCTION. 2 DEVELOPMENT Product Creation Means: Methods & Heuristics Measure of Success: Quality f(Fitness of Use) MANAGEMENT Efficient &
Software Process and Product Metrics

Software Process and Product Metrics
Project Risk Management Risk Mitigation. Risk Management  The prime objective of risk management is to minimize the impact and probability of the occurrence.

Project Risk Management Risk Mitigation. Risk Management  The prime objective of risk management is to minimize the impact and probability of the occurrence.
Don Cole Risk Assessment and Mitigation Project Management for ARA Engineers and Scientists.

Don Cole Risk Assessment and Mitigation Project Management for ARA Engineers and Scientists.
Chapter 3 Project Management

Chapter 3 Project Management
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.

Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
Project Risk Management Supplement. The Importance of Project Risk Management  Project risk management is the art and science of identifying, assigning,

Project Risk Management Supplement. The Importance of Project Risk Management  Project risk management is the art and science of identifying, assigning,
Chapter 10 Contemporary Project Management Kloppenborg

Chapter 10 Contemporary Project Management Kloppenborg
Risk Management Project Management Digital Media Department Unit Credit Value : 4 Essential Learning time : 120 hours.

Risk Management Project Management Digital Media Department Unit Credit Value : 4 Essential Learning time : 120 hours.
1 Project Risk Management Project Risk Management Dr. Said Abu Jalala.

1 Project Risk Management Project Risk Management Dr. Said Abu Jalala.
Chapter 11: Project Risk Management

Chapter 11: Project Risk Management
1 TenStep Project Management Process ™ PM00.7 PM00.7 Project Management Preparation for Success * Manage Risk *

1 TenStep Project Management Process ™ PM00.7 PM00.7 Project Management Preparation for Success * Manage Risk *

Similar presentations

Ads by Google