2. OutlineOutline
1.1. What is a riskWhat is a risk
2.2. Definitions of RisksDefinitions of Risks
3.3. Risk CategorizationRisk Categorization
4.4. Other Risk CategoriesOther Risk Categories
5.5. Negative Impact of RiskNegative Impact of Risk
6.6. Risk managementRisk management
7.7. The Principles of Risk ManagementThe Principles of Risk Management
8.8. Risk management paradigmRisk management paradigm
9.9. Risk Management in Project managementRisk Management in Project management
10.10. How To Manage the RisksHow To Manage the Risks
11.11. THE RMMM PLANTHE RMMM PLAN
12.12. ConclusionConclusion
13.13. ReferencesReferences
2
3. 1. What is Risk1. What is Risk
A risk is a potential problem – it might happen and it might not, this isA risk is a potential problem – it might happen and it might not, this is
uncertainty.uncertainty.
We don’t know whether a particular event will occur or no but if itWe don’t know whether a particular event will occur or no but if it
does has a negative impact on a project.does has a negative impact on a project.
An example would be that team is working on a project and theAn example would be that team is working on a project and the
developer walks out of project and other person is recruited in hisdeveloper walks out of project and other person is recruited in his
place and he doesn’t work on the same platform and converts it intoplace and he doesn’t work on the same platform and converts it into
the platform he is comfortable with. Now the project has to yield thethe platform he is comfortable with. Now the project has to yield the
same result in the same time span. Whether they will be able tosame result in the same time span. Whether they will be able to
complete the project on time. That is the risk of schedule .complete the project on time. That is the risk of schedule .
3
4. 2. Definitions of Risks2. Definitions of Risks
Risk is the probability of suffering loss.Risk is the probability of suffering loss.
Risk provides an opportunity to develop the project better.Risk provides an opportunity to develop the project better.
Risk exposure= Size (loss)* probability of (loss)Risk exposure= Size (loss)* probability of (loss)
There is a difference between a Problem and RiskThere is a difference between a Problem and Risk
Problem is some event which has already occurred but risk isProblem is some event which has already occurred but risk is
something that is unpredictable.something that is unpredictable.
4
5. 3. Risk Categorization3. Risk Categorization
Project risksProject risks
They threaten theThey threaten the project planproject plan
If they become real, it is likely that theIf they become real, it is likely that the project scheduleproject schedule will slipwill slip
and that costs will increaseand that costs will increase
Technical risksTechnical risks
They threaten theThey threaten the qualityquality andand timelinesstimeliness of the software to beof the software to be
producedproduced
If they become real,If they become real, implementationimplementation may become difficult ormay become difficult or
impossibleimpossible
Business risksBusiness risks
If they become real, they Problem occuring in the project or theIf they become real, they Problem occuring in the project or the
productproduct
5
6. 4. Other Risk Categories4. Other Risk Categories
Known risksKnown risks
Those risks that can beThose risks that can be uncovereduncovered after careful evaluation of theafter careful evaluation of the
project plan, the business and technical environment in whichproject plan, the business and technical environment in which
the project is being developed, and other reliable informationthe project is being developed, and other reliable information
sources (e.g., unrealistic delivery date)sources (e.g., unrealistic delivery date)
Predictable risksPredictable risks
Those risks that areThose risks that are extrapolatedextrapolated from past project experiencefrom past project experience
(e.g., past turnover)(e.g., past turnover)
Unpredictable risksUnpredictable risks
Those risks that can and do occur, but are extremelyThose risks that can and do occur, but are extremely difficult todifficult to
identifyidentify in advancein advance
6
7. 5. Negative Impact of Risk5. Negative Impact of Risk
Diminished quality of productDiminished quality of product
Increased costIncreased cost
Delayed completionDelayed completion
Project failureProject failure
7
8. 6. Risk management6. Risk management
The project should be managed in such a way that the risks don’tThe project should be managed in such a way that the risks don’t
affect the project in a big way.affect the project in a big way.
Risk Management is a methodology that helps managers make bestRisk Management is a methodology that helps managers make best
use of their available resourcesuse of their available resources
By using various paradigms, principles we can manage the risks.By using various paradigms, principles we can manage the risks.
8
9. 7. The Principles of Risk Management7. The Principles of Risk Management
Global Perspective: In this we look at the larger system definitions, design andGlobal Perspective: In this we look at the larger system definitions, design and
implementation. We look at the opportunity and the impact the risk is going toimplementation. We look at the opportunity and the impact the risk is going to
have .have .
Forward Looking View: Looking at the possible uncertainties that might creep up.Forward Looking View: Looking at the possible uncertainties that might creep up.
We also think for the possible solutions for those risks that might occur in theWe also think for the possible solutions for those risks that might occur in the
future.future.
Open Communication: This is to enable the free flow of communication betweenOpen Communication: This is to enable the free flow of communication between
in the customers and the team members so that they have clarity about the risks.in the customers and the team members so that they have clarity about the risks.
Integrated management: In this phase risk management is made an integral partIntegrated management: In this phase risk management is made an integral part
of project management.of project management.
Continous process :In this phase the risks are tracked continuously throughout theContinous process :In this phase the risks are tracked continuously throughout the
risk management paradigm.risk management paradigm.
9
10. 8. Risk management paradigm8. Risk management paradigm
1.Identify: Search for the risks before they1.Identify: Search for the risks before they
create a major problemcreate a major problem
2.Analyze: understand the nature , kind of2.Analyze: understand the nature , kind of
risk and gather information about the risk.risk and gather information about the risk.
3.Plan: convert them into actions and3.Plan: convert them into actions and
implement them.implement them.
4.Track: we need to monitor the4.Track: we need to monitor the
necessary actions.necessary actions.
5.Control: Correct the deviation and make5.Control: Correct the deviation and make
any necessary amendments.any necessary amendments.
6.Communicate: Discuss about the6.Communicate: Discuss about the
emerging risks and the current risks andemerging risks and the current risks and
the plans to be undertaken.the plans to be undertaken.
10
11. 9. Risk Management in Project9. Risk Management in Project
management:management:
Basically project management deals with following :Basically project management deals with following :
1. Planning: Looking for the desired results, the strategies to be1. Planning: Looking for the desired results, the strategies to be
applied.applied.
2. Organizing: Getting all the things together so that the desired2. Organizing: Getting all the things together so that the desired
results are obtained. By organizing the efficiency is increased and lotresults are obtained. By organizing the efficiency is increased and lot
of time is saved.of time is saved.
3. Directing: Communication takes place and exchange of ideas is3. Directing: Communication takes place and exchange of ideas is
formatted in this phase.formatted in this phase.
4. Controlling: In the last phase feedback and evaluation is done.4. Controlling: In the last phase feedback and evaluation is done.
11
12. 10. How To Manage the Risks10. How To Manage the Risks
1.Determine risk sources and1.Determine risk sources and
Categories.Categories.
2.Determine Risk Parameters2.Determine Risk Parameters
3.Establish a Risk Management3.Establish a Risk Management
StrategyStrategy
4.Identify Risks4.Identify Risks
5.Evaluate and prioritize the risks.5.Evaluate and prioritize the risks.
6.Develop and Implement Risk6.Develop and Implement Risk
mitigation plansmitigation plans
12
13. 11. THE RMMM PLAN11. THE RMMM PLAN
A risk management strategy can be included in the software projectA risk management strategy can be included in the software project
plan or the risk management steps can be organized into a separateplan or the risk management steps can be organized into a separate
Risk Mitigation, Monitoring and Management Plan.Risk Mitigation, Monitoring and Management Plan.
The RMMM plan documents all work performed as part of riskThe RMMM plan documents all work performed as part of risk
analysis and is used by the project manager as part of the overallanalysis and is used by the project manager as part of the overall
project plan.project plan.
Some software teams do not develop a formal RMMM document.Some software teams do not develop a formal RMMM document.
Rather, each risk is documented individually using aRather, each risk is documented individually using a risk informationrisk information
sheetsheet
13
14. To manage the risks we need to establish a strong bond between theTo manage the risks we need to establish a strong bond between the
customers and the team members.customers and the team members.
A strong base about risk management would help a great deal inA strong base about risk management would help a great deal in
tackling the risks.tackling the risks.
Software metrics and tools can be developed to manage the risks.Software metrics and tools can be developed to manage the risks.
Risk necessarily need not be negative and it can be viewed as anRisk necessarily need not be negative and it can be viewed as an
opportunity to develop our projects in a better way.opportunity to develop our projects in a better way.
12. Conclusion12. Conclusion
14
15. 13. References13. References
[1] [Boehm-89] Barry W. Boehm, Tutorial: Software Risk[1] [Boehm-89] Barry W. Boehm, Tutorial: Software Risk
Management, Les Alamitos, CA, IEEE ComputerManagement, Les Alamitos, CA, IEEE Computer
Society,1989.Society,1989.
[2] [Down-94] Alex Down, Michael Coleman, Peter[2] [Down-94] Alex Down, Michael Coleman, Peter
Absolon, Risk Management for Software Projects,Absolon, Risk Management for Software Projects,
London,McGraw-Hill Book Company, 1994.London,McGraw-Hill Book Company, 1994.
[3] [Gilb-88] Tom Gilb, Principles of Software Engineering[3] [Gilb-88] Tom Gilb, Principles of Software Engineering
Management, Wokingham, England: Addison-Wesley,Management, Wokingham, England: Addison-Wesley,
1988.1988.
[4] [Ould-90] Martyn Ould, Strategies For Software[4] [Ould-90] Martyn Ould, Strategies For Software
Engineering: The Management of Risk andEngineering: The Management of Risk and
Quality,Chichester, England, John Wiley & Sons, 1990.Quality,Chichester, England, John Wiley & Sons, 1990.
[5] [SEI-93] Marvin J. Carr, Suresh L. Konda, Ira Monarch,[5] [SEI-93] Marvin J. Carr, Suresh L. Konda, Ira Monarch,
F. Carol Ulrich, Clay F. Walker, Taxonomy -BasedRiskF. Carol Ulrich, Clay F. Walker, Taxonomy -BasedRisk
Identification, CMU/SEI-93-TR-006, Pittsburgh, PA,Identification, CMU/SEI-93-TR-006, Pittsburgh, PA,
Software Engineering Institute, 1993Software Engineering Institute, 1993
15