Published by Cathleen Banks. Modified over 9 years ago.
1
Fundamentals of Software Risk Management
Simranjeet Kaur
2
Why do software projects go wrong?
Inadequate understanding of customer needs
Poor requirements documents
Poor requirements management
Poor or no architecture/design
Code first and ask questions later
Poorly understood legacy design/code
No peer reviews to catch problems early
Inexperienced or incapable personnel
Ineffective testing – misses serious defects
…
3
Software Risk Management
Risk Management is a practice with processes, methods, and tools for managing risks in a project.
4
What is risk?
A risk is a possibility of loss.
Undesirable outcome.
Missed opportunity.
5
Anatomy of a risk
Risk
  – Probability of occurrence
  – Consequence: size of loss
6
Classification of software risks
Software Project Risks
  – Resource constraints, external interfaces, supplier relationships, nonperforming vendors, internal politics, interteam/intergroup coordination problems, inadequate funding.
Software Process Risks
  – Undocumented software process, lack of effective peer reviews, no defect prevention, poor design process, poor requirements management, ineffective planning.
Software Product Risks
  – Lack of domain expertise, complex design, poorly defined interfaces, poorly understood legacy system(s), vague or incomplete requirements.
7
The Risk Management Process
Identify risks
Resolve risks
Analyze risks
Plan for risks
Track risks
Learn about risks
Risk Knowledge Base
8
Identification: Discovery
Team Brainstorming
Risk Knowledge Base
Walkthroughs
Spurious
9
Identification: Quantification
Risk Exposure = Probability × Consequence
10
Calculating Risk Exposure
| Factor | P | C | RE |
|---|---|---|---|
| Late delivery from COTS vendor ACME | 0.25 | 28 days | 7 days |
| ACME API integration delay | 0.6 | 15 days | 9 days |
| Additional unit testing needed; 3% more classes than first estimated | 0.9 | 20 days | 18 days |
| Beta test group reports that they may not be able to fit us into their pipeline until May 1 instead of April 1 | 0.5 | 30 days | 15 days |
| TOTAL RISK EXPOSURE | | | 49 days |
Note: For simplicity, all risk consequences are calendar time delays.
11
Perceived Probability
[Figure: perceived-probability phrases plotted against a probability scale]
Phrases: Almost certainly; Highly likely; Very good chance; Probable; Likely; Probably; We believe; Better than even; We doubt; Improbable; Unlikely; Probably not; Little chance; Almost no chance; Highly unlikely; Chances are slight
Scale: 0, .1, .2, .3, .4, .5, .6, .7, .8, .9, 1.0
Adapted from Managing Risk: Methods for Software Systems Development by Elaine M. Hall, Addison-Wesley 1998
12
Why quantify risk
  – Allows solution ideas to be evaluated more critically
  – Encourages design awareness of risk
  – Allows feedback on risks we missed
  – Allows feedback on impact of risks we anticipated
  – Allows us to allocate resources to deal with risks
  – Allows us to determine whether a risk is acceptable
13
Identification: Documentation
Header | Assessment | Action Plan | Tracking | Resolution
Project: Name of project
Date: Date of entry
Risk name: Name of risk
Risk category: Type of risk
Probability: Likelihood of occurrence
Consequence: Severity of impact
Originator: Who reported this risk
Phase/activity: Where in software process
WBS Element: WBS relationship
Adapted from Managing Risk: Methods for Software Systems Development by Elaine M. Hall, Addison-Wesley 1998
14
Identification: Communication
Notify all affected stakeholders:
Customers
Project/Program Manager
Fellow Team Members
Management
Marketing
Sales
Customer Support
Finance
Quality Assurance
SEPG
…
15
Analysis of risks: Questions
  – How severe is the consequence?
  – How likely is the occurrence?
  – Is the risk exposure acceptable?
  – How soon must the risk be dealt with?
  – What is causing the risk?
  – Are there similarities between risks?
  – Are there dependency relationships?
  – What are the risk drivers?
16
Analysis of risks: Activities
Grouping
  – Eliminate redundant risks; Combine related risks; Link dependent risks
Determining risk drivers
  – Underlying factors that affect severity of consequence
  – May affect estimation of probability, consequence, risk exposure
  – Increases understanding of how risks can be mitigated
Ranking
  – Order of likelihood, consequence, exposure, time frame
Determining root causes (sources of risk)
  – Old-fashioned root cause analysis
  – Identify common root causes
17
Analysis: Documentation
Header | Assessment | Action Plan | Tracking | Resolution
Statement: Brief description of risk
Context: When, where, how, why
Analysis: Impact on project
Adapted from Managing Risk: Methods for Software Systems Development by Elaine M. Hall, Addison-Wesley 1998
18
Planning: Resolution Strategies
Risk Avoidance
  – Prevent the risk from occurring, reduce probability to zero
Risk Protection
  – Reduce the probability and/or consequence of the risk before it happens
Risk Reduction
  – Reduce the probability and/or consequence of the risk after it happens
Risk Research
  – Obtain more information to eliminate or reduce uncertainty
Risk Reserves
  – Use previously allocated schedule or budget slack
Risk Transfer
  – Rearrange things to shift risk elsewhere (to another group, for example)
19
Planning: Activities
Specify scenarios
  – How would we be able to tell it is really happening?
Define quantified threshold for early warning
  – What to monitor, when we consider the risk to be happening
Develop resolution alternatives
  – Ways to eliminate, mitigate or handle the risk
Select resolution approach
  – What has the best ROI?
Specify risk action plan
  – Document decisions
20
Planning/Tracking: Documentation
Header | Assessment | Action Plan | Tracking | Resolution
Scenario: What would happen?
Indicator: Metric to be monitored
Trigger condition: Value indicating risk scenario
Checkpoint: When/where to check metric
Resolution strategy: How we will handle the risk
Action plan: Concrete action plan
21
Tracking
Monitor risk scenarios
  – Watch for signs of a risk scenario occurring
Compare indicators to trigger conditions
  – Watch indicator metrics – do they satisfy trigger conditions?
Notify stakeholders
  – Let stakeholders know the risk is happening; execute action plan
Collect statistics
  – Update risk database
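The quantification and tracking steps, as an added example that is not part of the original slides: it computes risk exposure for the four risks in the slide 10 table, ranks them, and compares indicator readings to trigger conditions. The indicator names, trigger values and readings are constructed for illustration, and treating a missing reading as a notification is an assumption of this example.

```python
from dataclasses import dataclass

@dataclass
class Risk:
    name: str
    probability: float        # P, between 0 and 1
    consequence_days: float   # C, calendar-day delay as in the slide 10 table
    indicator: str            # metric to be monitored (constructed name)
    trigger: float            # trigger condition: reading >= trigger (constructed)

    @property
    def exposure(self) -> float:
        # Risk Exposure = Probability x Consequence
        return round(self.probability * self.consequence_days, 6)

# P and C come from the slide 10 table; indicators and triggers are constructed.
REGISTER = [
    Risk("Late delivery from COTS vendor ACME", 0.25, 28, "vendor_days_late", 5),
    Risk("ACME API integration delay", 0.6, 15, "open_integration_defects", 10),
    Risk("Additional unit testing needed", 0.9, 20, "untested_classes", 25),
    Risk("Beta test group slips to May 1", 0.5, 30, "beta_start_slip_days", 14),
]

def total_exposure(register):
    return sum(r.exposure for r in register)

def ranked(register):
    """Risks ordered by exposure, highest first (the ranking activity)."""
    return sorted(register, key=lambda r: r.exposure, reverse=True)

def triggered(register, readings):
    """Risks to notify on: trigger met, or (assumption) no reading collected."""
    hits = []
    for r in register:
        value = readings.get(r.indicator)
        if value is None:
            hits.append((r.name, "no reading at checkpoint"))
        elif value >= r.trigger:
            hits.append((r.name, f"{r.indicator}={value} >= {r.trigger}"))
    return hits

# Constructed checkpoint readings; beta_start_slip_days was not collected.
READINGS = {"vendor_days_late": 2, "open_integration_defects": 12,
            "untested_classes": 25}

if __name__ == "__main__":
    print("Total exposure (days):", total_exposure(REGISTER))
    for r in ranked(REGISTER):
        print(f"{r.exposure:5.1f}  {r.name}")
    for name, reason in triggered(REGISTER, READINGS):
        print("NOTIFY:", name, "-", reason)
```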
22
Resolution
Acknowledge receipt of notification
  – Let stakeholders know you are “on the ball”
  – Indicate response time
  – Determine accountability/ownership
Execute action plan
  – Improvise, adapt, overcome
  – Wanted: common sense
Provide continuous updates
  – Let stakeholders know your progress in resolving the risk
Collect statistics
  – Update risk database
23
Resolution: Documentation
Header | Assessment | Action Plan | Tracking | Resolution
Software Engineer: Signature
Quality Engineer: Signature
Project Manager: Signature
Marketing Manager: Signature
24
Risk Management Capability
1: Risks ignored or only tracked in an ad-hoc fashion
2: Risks are usually recorded, tracked and handled as they are discovered
3: Risks systematically quantified, analyzed, planned, tracked and resolved
4: Quantified analysis used to determine resolution cost/benefit for project
5: Risk statistics used to make organizational/process improvements
25
Evolutionary Delivery
[Diagram: evolutionary delivery steps with the risk management steps]
Requirements Capture
Design/Select Architecture
High-level evolutionary plan
Select and plan next step
Execute planned step
Deliver to real users
Evaluate feedback
“micro-projects”
Identify, Analyze, Plan, Track, Resolve, Learn
26
Learning from risks
Post mortem:
  – What were the unanticipated risks?
  – What was the actual severity of consequence?
  – What resolution strategies worked well/not so well?
  – What types of risks could we
      prevent or transfer?
      protect ourselves from or reduce?
      handle only by allocating reserves?
Action:
  – What are the preventative measures we can take in the future?
  – What can the SEPG do?
  – Are there significant vendor/partner performance problems?
  – What can we share with other project teams?
27
Risk Management Infrastructure
Common Risks Checklists
Risk Database With Statistics
Standard Risk Template
Risk Ranking Template
Risk Mgt. Plan Template
28
Opportunity Management
Identify opportunity
Take advantage of opportunity
Analyze opportunity
Plan for opportunity
Track opportunity
Learn about opportunities
Opportunity Knowledge Base
29
Questions?