School of Computing and Information Systems
The University of Melbourne
Copyright University of Melbourne 2021-2022
Copyright By Assignmentchef assignmentchef
2022 Semester 1 Week 3, Module 3
Software Processes & Project Management
Risk Management
Learning Outcomes
Understand the fundamentals of risk management
Understand the Risk Management Process
Understand how to:
plan risk management activities identify risks
analyze and assess risks respond to risks (risk strategies) monitor and control risks
SWEN90016 Software Processes and Project Management -2- Risk Management
Respond to Risks
Purpose of risk analysis and assessment is to identify what opportunities and threats should be addressed
It is not feasible (or advisable) to respond to every threat or opportunity because this requires resources, which are usually diverted from the project, which could have more negative impacts on the project
Therefore, it is important to select appropriate response strategies
SWEN90016 Software Processes and Project Management -3- Risk Management
Risk Response Strategies
Four common strategies to handle threats: 1. Accept or Ignore
This means that we believe that the risk is of an acceptable exposure, that we hope that the event does not occur, or that the risk exposure is less than the cost of any techniques to avoid, mitigate, or transfer it.
This means that we completely prevent the risky event from occurring, by either ensuring its probability is 0, or ensuring its impact 0.
SWEN90016 Software Processes and Project Management -4- Risk Management
Risk Response Strategies
Four common strategies cont..
3. Mitigate
This involves employing techniques to reduce the probability of the risk, or reduce the impact of the risk. This results in a residual risk that is, a risk consisting of the same event, but with a lower probability/impact, and therefore low exposure. We then must analyse the residual risk as we would our primary risk.
4. Transfer
This involves transferring the burden of the risk to another party. Insurance is one example of risk transfer, in which the impact of the risk is offset by payments from the insurer. Another example is outsourcing a portion of the work to somebody with more knowledge and expertise, which comes at a cost.
SWEN90016 Software Processes and Project Management -5- Risk Management
Risk Response Example
Example: Risk of a third-party software application
Consider the example of using a third-party software application to provide some functionality of a system that is being developed.
Do nothing because the vendor is reliable and have delivered quality software in the past.
Developing the required functionality in house, rather than buying it or change the requirements so that the functionality is not required at all.
Make the request date well before the required date.
We can also reduce the impact of the risk by designing the system such that the third-party application is accessed via a standard interface, and by producing a dummy implementation of that interface that allows development to continue if the third- party application is delivered late.
Specifying in the contract that any costs resulting from late delivery of the system will be paid for by the vendor of the third- party application.
SWEN90016 Software Processes and Project Management -6- Risk Management
Risk Response Strategies
Four common strategies to handle opportunities: 1. Exploit:
Add work or change the project to make sure the opportunity occurs
2. Enhance:
Increase the probability and positive impact of risk events
Allocate ownership of opportunity to a third-party
This means that we believe that the cost to exploit or enhance is not justifiable so do nothing about it.
SWEN90016 Software Processes and Project Management -7- Risk Management
Risk Response Plan
Once risks and strategies are identified, they can be documented as a part of a risk response plan, also called a Risk Register.
Template of a simple risk register
Risk ID: a unique identification for the risk
Trigger:thetriggerthatflagsthattheriskhasoccurred
Owner:thepersonorgroupresponsibleformonitoringandresponding Response:thestrategyforresponding
Resources:requiredresources
Resources Required
Risk Register
SWEN90016 Software Processes and Project Management -8- Risk Management
Learning Outcomes
Understand the fundamentals of risk management
Understand the Risk Management Process
Understand how to:
plan risk management activities identify risks
analyze and assess risks respond to risks (risk strategies) monitor and control risks
SWEN90016 Software Processes and Project Management -9- Risk Management
Monitor and control risks
Once the risk response plan has been created, triggers must be monitored to keep track of various project risks
New threats and opportunities may arise in the course of the project they must be identified, analysed and responded to
Risk monitoring must be part of the overall monitoring and control of the project
SWEN90016 Software Processes and Project Management -10- Risk Management
Monitor and control risks
Tools for monitoring and controlling:
RiskAudits:
external team looks at comprehensiveness of the identification process and ensuring other procedures and processes are in place
Risk Reviews:
internal reviews of risks periodically that result in status reports generated for PM and those who need-to-know
Risk status meetings:
risks must be reviewed and discussed in project status meetings, which are periodically held in projects (e.g. weekly meetings)
SWEN90016 Software Processes and Project Management -11- Risk Management
December 2008 Manage By Walking Around | Risk management, Manager humor, Risk analysis (pinterest.com.au)
Risk Management Process
SWEN90016 Software Processes and Project Management -13- Risk Management
Learning Outcomes
Understand the fundamentals of risk management
Understand the Risk Management Process
Understand how to:
plan risk management activities
identify risks
analyze and assess risks
respond to risks (risk strategies) monitor and control risks
SWEN90016 Software Processes and Project Management -14- Risk Management
References
Shari L. Pfleeger and Joanne M. Atlee. Software Engineering: Theory and Practice. PrenticeHall International,
3rd edition, 2006.
R. S. Pressman. Software Engineering: A Practitioners Approach. McGraw Hill, seventh edition, 2009.
J.T. Marchewka. Information Technology Project Management. & Sons, fourth edition, 2012.
SWEN90016 Software Processes and Project Management -15- Risk Management
CS: assignmentchef QQ: 1823890830 Email: [email protected]
Reviews
There are no reviews yet.