risk management in software engineering - csmates.com

Software risk management


Software risk management is the process of identifying software risks and planning to avoid these risks, or to minimize their effects if they cannot be avoided.

Using risk management techniques, we can alleviate the harm or loss in a software project. Not all risks should be avoided, but by performing risk management we can ensure that the right risks are taken at the right time. Risk taking is essential to progress, and failure is often a key part of learning.

Risk management is a concept that can be implemented in a number of ways. All good risk management approaches have the following characteristics.


  • There is a planned and documented risk management process for the project or program.
  • The process is based on a prospective assessment. The project management team looks ahead to find and manage possible problems.
  • The initial assessment is periodically redone to validate initial findings and to uncover new problem areas.
  • The program has a defined set of evaluation criteria that covers all facets of the program.
  • The ongoing results of the risk management process are formally documented.

Objectives of software risk management

The objectives of software risk management are to identify, address, and eliminate software risk items before they become threats to success or major sources of rework.

In general, good project managers are also good managers of risk. It makes good business sense for software development projects to incorporate risk management as part of project management. There are a number of definitions and uses for the term risk, but there is no universally accepted definition. What all definitions have in common is agreement that risk has two characteristics (Pressman 1997; Kitchenham 1997).
  • Uncertainty: an event may or may not happen.
  • Loss: an event has unwanted consequences or losses.
Therefore, risk involves the likelihood that an undesirable event will occur, and the severity of the consequences of the event, should it occur (Boehm 1989). Risk management can:

  • Identify potential problems and deal with them when it is easier and cheaper to do so, before they are problems and before a crisis exists.
  • Focus on the project's objective and consciously look for things that may affect quality throughout the production process.
  • Allow the early identification of potential problems (the proactive approach) and provide input into decisions regarding resource allocation.
  • Involve personnel at all levels of the project, focus their attention on a shared product vision and provide a mechanism for achieving it.
  • Increase the chances of project success.

Top 10 software risks

Boehm performed a survey of project managers to rank the top 10 primary sources of software risk. Each risk item below is followed by techniques for managing it.

1. Personnel shortfalls. Staffing with top talent, job matching, team building, key personnel agreements, cross-training.

2. Unrealistic schedules and budgets. Multi-source cost and schedule estimation, design to cost, incremental development, software reuse, requirements scrubbing.

3. Developing the wrong functions and properties. Organisation analysis, mission analysis, operations-concept formulation, user surveys and user participation, prototyping, early users' manuals, off-normal performance analysis, quality factor analysis.

4. Developing the wrong user interface. Prototyping, scenarios, task analysis, user participation.

5. Gold plating. Requirements scrubbing, prototyping, cost benefit analysis, designing to cost.

6. Continuing stream of requirements changes. High change thresholds, information hiding, incremental development.

7. Shortfalls in externally furnished components. Benchmarking, inspections, reference checking and compatibility analysis.

8. Shortfalls in externally performed tasks. Reference checking, pre-award audits, award-fee contracts, competitive design and prototyping, team building.

9. Real-time performance shortfalls. Simulation, benchmarking, modelling, prototyping, instrumentation, tuning.

10. Straining computer science capabilities. Technical analysis, cost benefit analysis, prototyping, reference checking.
