2. Introduction
An uncertain event or condition that, if it
occurs, has a positive or negative effect on a
project’s objectives.
PRINCE2:
The Chance of exposure to the adverse
consequences of future events
2
Prof. Kanchana Devi
PRINCE PRojects IN Controlled Environment
3. The key elements of risk
Prof. Kanchana Devi
3
It relates to future
Cost underestimation, New Technology difficult to
work.
It involves cause and effect
Cost Over-run, Use of untrained staff, Poor
Specification
4. Socio-technical Model of Risk
Prof. Kanchana Devi
4
Kalle Lyytinen and his Colleagues proposed a
diagrammatic representation
Actors
TechnologyStructure
Tasks
5. Risk Framework
Prof. Kanchana Devi
5
Actors : refers to all the people involved in the
development of the application in the question
Risk: High staff turn-over
Technology: encompasses both the
technology used to implement the application
and that embedded in the delivered products
Risk: Appropriateness of the technologies and
possible faults within them
6. ……
Prof. Kanchana Devi
6
Structure: Describes the management
structures and systems including those
affecting planning and control.
Risk: Some implementation might need user
participation in some tasks(not allotted)
Tasks: relates to the work planned
Risk: Complexity of work might lead to delay
7. A framework for dealing with Risk
Prof. Kanchana Devi
7
Planning for risk includes
Risk Identification
Risk Analysis and Prioritization
Risk Planning
Risk Monitoring
9. Checklists
Prof. Kanchana Devi
9
Checklists are simply lists of the risks that
have been found to occur regularly in software
development projects.
Risk Risk Reduction Techniques
Personnel shortfalls Staffing with top talent, job matching,
team building, training and career
development…
Unrealistic time and Cost Estimates Multiple Estimation techniques, Design to
cost, Incremental development…
Developing the wrong software
functions
Improved software evaluation, Formal
Specification Methods…
Developing the wrong user interface Prototyping, Task Analysis, User
Involvement.
Gold Plating Requirements Scrubbing, Prototyping,
Cost-benefit analysis…
10. Brainstorming
Prof. Kanchana Devi
10
Stakeholders are brought together, preliminary
and plans are drafted
Identifying the solution using the individual
knowledge.
11. Risk Assessment
Prof. Kanchana Devi
11
A common problem in risk identification is that
a list of risks is potentially endless.
Estimating the risk exposure for each risk
using the formula:
Risk Exposure = (Potential Damage)* (Probability of Occurrence)
12. Example: Problem
Prof. Kanchana Devi
12
A project depended on a data centre
vulnerable to fire. It might be estimated that if a
fire occurred a new computer configuration
could be established for $500,000. It might
also be estimated that a computer is located
there is a 1 in 1000 chance of a fire actually
happening, that is a probability of 0.001.
13. Solution:
Prof. Kanchana Devi
13
By using the formula:
Risk Exposure= $500,000*0.001
= $500
Risk Exposure = (Potential Damage)* (Probability of Occurrence)
14. Risk Exposure Assessment
Prof. Kanchana Devi
14
Ref Hazard Likelihood Impact Risk
R1 Changes to Requirement Specification
during coding
8 8 64
R2 Specification Task longer than expected 3 7 21
R3 Significant staff sickness affecting
critical path activities
5 7 35
R4 Significant staff sickness affecting non-
critical path activities
10 3 30
R5 Module coding takes longer than
expected
4 5 20
R6 Module testing demonstrates errors or
deficiencies in design
4 8 32
H
S
M
S
H
S
15. Risk Probability and Associated
range values
Prof. Kanchana Devi
15
Probability Level Range
High Greater than 50% Chance of happening
Significant 30-50% Chance of happening
Moderate 10-29% Chance of happening
Low Less than 10% Chance of happening
Impact on Cost and Associated range
values
Probability Level Range
High More than 30% above Budgeted Expenditure
Significant 20 to 29% above Budgeted Expenditure
Moderate 10 to 19% above Budgeted Expenditure
Low Within 10% of Budgeted Expenditure
16. Impact Matrix
Prof. Kanchana Devi
16
R6 R1
R2,R3,R5
R4
High
Significant
Moderate
Low
Low Moderate Significant High
Probability
Tolerance Line
17. Risk Planning
Prof. Kanchana Devi
17
After identifying the risks and priorities
Task is to deal with them
Risk Acceptance
Risk Avoidance
Risk Reduction & Mitigation
Risk Transfer
19. Risk Reduction Actions
Prof. Kanchana Devi
19
The risk reduction action can be assessed by
calculating the “Risk Reduction Leverage”(RRL)
RE Risk Exposure
If RRL = 1.00 indicates the reduction in the
exposure is greater than its cost
RRL= (RE before-RE after)/(Cost of risk reduction)
20. Example:
Prof. Kanchana Devi
20
An unrealistic example, it might cost $200,000
to replace a hardware configuration used to
develop a software application. There is a 1%
chance of fire. The risk exposure would be 1%
of $200000, that is $2000. Installing fire alarms
at a cost of $500 would reduce the chance of
fire to 0.5%. The new risk exposure would be
$1000, a reduction of $1000 on previous
exposure. Calculate the RRL.
22. Risk Register
Prof. Kanchana Devi
22
Risk Record
Risk Description
Impact Description
Recommended Risk Mitigation
Probability/ Impact Values
Incident/Action History
Risk Id Risk Title
Owner Date Raised Status
Probability Impact
Cost Duration Quality
Pre-mitigation
Post-mitigation
Date Incident/Action Actor Outcome/Comment