Risk Management in Software ProjectRiskit Method and SEI Method

Introduction

*The Definition of risk in software project?

Webster defines “risk” as “ the possibility

or injury”.

Risk in software project is defined as

exposure to harm and loss

*Why do we need risk management? Risk management can help us to avoid software disaster, rework and overkill.

*Why do we need a formally risk management?

Risks in different projects are individual

differences.

Rely on project managers’ intuition and luck

are a poor substitute and consistent approach.

Provides a number of benefits to the project

team.

*When does the risk management apply?

Start the risk management as soon as the

project starts.

*What are features of risk management?

Risk is uncertain

Risks in project can never be removed

Risks can be control and reduced

Riskit Method

DefinitionRiskit method is a comprehensive risk

management method.

GoalRiskit method focuses on stakeholder

goals by maintaining links between risks and stakeholders explicitly.

Riskit Method

Definition of Risk

Risk

Probability Loss

Expectations

Stakeholder

is characterized by

is defined by

is valued by

Is characterized by

Riskit Method Processes

Risk Management Mandate Output -> why, what, when and whomGoal Review

Output -> explicit goal definitionsRisk IdentificationOutput ->A list of “raw” risksRisk AnalysisOutput ->Completed Riskit analysis graphs

and ranked risk scenarios

Riskit Method Processes

Risk Control Planning

Output->Selected risk controlling actions

Risk Control

Output ->Reduced risks

Risk Monitoring

Output->Risk status information

Riskit Risk Management Cycle

Risk MagMandate Goal review

Identification

Analysis

Controlplanning

RiskControl

Monitoring

mandate

prioritized risk

goal

list of risks

revisions to goals

riskmonitormatrices

selected action

results

changeschanges

changes

SEI Risk Management Method

DefinitionSoftware risk management address the entire lift cycle of software acquisition, development, and maintenance.GoalTo enable engineers, managers, and other decision makers to identify risks and to manage them on a time basis.

SEI Risk Management Paradigm

Identify

The taxonomy method consists taxonomy-base questionnaire and a process for its application.

Analyze

Analysis is the conversion of risk data into risk decision-making information.

Plan

Turns risk information into decisions and actions.

Track

Monitor the status if risks and the actions taken.

Control

Corrects deviations from planned risk actions.

Communicate

Communication lies at the center of paradigm.

SEI RISK PARADIGM

SEI RISK MANAGEMENT PRINCIPLES

Global Perspective

Forward-looking View

Open Communication

Integrated Management

Continuous Process

Share Product Vision

Team Work

Differences of Two Methods

Riskit Method define a specific step – risk management mandate.Riskit Method define goals and stakeholders for project.Riskit method uses brainstorming, checklist or benchmarking to identify risks. SEI uses taxonomy questionnaire method.

Riskit Method provides more graphical analysis, SEI provide textual analysis is based on taxonomy method

Riskfactor

Riskevent

Risk Outcome

Reaction

Risk Effect set

Utility loss

Differences of Two Methods

SEI focus on team member’s participation

SEI focus on the participation of suppliers and customers

SEI method shares product vision

SEI method has open communication

SEI provides a continues risk management

Simulations

Both of them provide precise definition of risks.

The basic concepts for risk management are the same

Both of them suggest a common risk management framework

Both of them are systematical processes

Documentations are required

Simulation

They all address project manager is not the only person to participate risk management.

Conclusion

Risk management framework is necessary.

Some basic steps are necessary—identification, analysis, prioritization, planning, control and monitoring.

Everybody who is related to this project need to involve in risk management.

Conclusion

Establish open communication for employees to discuss risks.

Risk management should start before the project starts.