Download presentation
1
Software Project Risk Management
2
Risk Management The future can never be predicted with 100% accuracy.
Failure to plan for risks leads to crisis management or firefighting Cultivates as dangerous “hero” culture A very poor management practice (why?) The lure of crisis management Attention and visibility Access to resources Rewards
3
Objective of Risk Management
The objective is to plan and manage the project in such a way that whatever happens, whatever outcomes are achieved, the stakeholders still “win” That is, value is still obtained Example: Failed system development can provide value in learning early on that a system as designed is not worth pursuing which helps avoid costly commitment to a system that eventually will not be adopted/accepted/used
4
What is a Risk? Risk is the potential of loss
Always has two components Likelihood of loss Size of loss Must account for both! Risk Exposure = Prob(Loss)* Size(Loss) A probability of occurrence of that event. Impact of the event occurring a quantitative measure of risk
5
What is a Risk? - 2 Project risk
Risk of not achieving a defined project goal (schedule, quality, cost, …) The challenge is to manage project risk, not eliminate it (impossible!) Note: Risks change throughout the life of a project
6
Opportunity The flip-side of risk is opportunity
The potential for gain Often where there is risk there is opportunity Without risk there is usually no value Need to accept risk as a inherent part of the development process because we seek value Need to consider opportunity when considering risk
7
Risk Management Risk management is the act or practice of dealing with risk. Risk management is proactive rather than reactive. Risk management is not a separate activity an aspect of sound project management. this implies that, when you make any decision, you account for its risk considerations
8
Successful Risk Management
Depends upon: Commitment by stakeholders Stakeholder responsibility Planning for risk management Creation of a risk management plan Committing resources to risk management Top 10 risk list Determine a manageable number of risks
9
Resources for Risk Management
When looking at the resources to commit to risk management, one needs to consider the project size and the impacts of the risks. Recommendation: about 5% of total project resources on risk management activities.
10
Risk Management Planning
Risk management planning is a continuous and ongoing process. Develop a plan for risk identification. Determine the resources available for risks. What is available beyond the ordinary? This is a good time for out of the box thinking Establish a methodology for accounting for risk in every decision with significant impact
11
A Simplified Risk Management Process
Risk identification Risk analysis/evaluation Risk planning strategies Risk monitoring and control Risk response
12
Risk Identification Proactively identify risks!
Tools for identifying risks Brainstorming Nominal Group Technique Each member identifies their ideas Each member writes their idea on the board The group discusses each idea Each individual ranks each of the ideas The group then ranks all the ideas Each individual ranks all the ideas again Rankings are summarized
13
Risk Identification Strength, Weakness, Opportunities, Threats (SWOT analysis) Cause and effect diagrams Past Projects experiences (lessons learned)
14
Possible Risks Creeping user requirements Excessive schedule pressure
Low quality Cost overruns Poor estimates Low customer satisfaction Long schedules Inadequate planning or managing to plan Project member shortfalls
15
Qualitative Risk Analysis
Probability and Impact Impacts a software Project Manager is most likely to face: Costs Schedule Quality Probability is most often determined by expert opinion and historical data Simple “red-yellow-green” or 1-5 scale assessment
16
Quantitative Risk Analysis
Discrete probability distributions Coin toss Continuous probability distributions Normal distribution or bell shaped curve Running simulations Using PERT/GANTT charts to study the impact. does not identify risks; helps understand the impact Betting analogies “How much would you be willing to bet on a successful outcome?”
17
Risk Response Planning
Who is going to detect when the risk occurs? Who has the responsibility to respond and communicate? What is the response?
18
Risk Strategies Factors impacting the strategy Strategy
Impact of the risk Project constraints Tolerances Strategy Accept or Ignore Provide reserves Contingency plans Natural disaster/backup plans/plan-B’s
19
Risk Strategies Avoidance, eliminate the risk
Mitigate, lessen the impact of the risk Performance impact, provide extra hardware, de-scope Transfer the risk Offsite backup planning Server farms Outside management
20
Risk Monitoring and Control
Determine who is responsible for monitoring How are risks monitored? Project tracking, resources, quality, etc Communicating the status of identified risks Reviews and Audits Once a risk is identified as occurring Communicate Take action
21
Risk Response and Evaluation
Trigger the defined risk response plan Identify the risk owner Assign resources Understand the impacts PERTs, Dependencies Communicate Evaluate once action is taken Is more action needed? What additional risks are triggered?
22
Common Software Project Risks
Requirements: Feature creep Developer gold plating Quality Low quality Squeeze on testing time Over optimism Schedules Tools Capability Re-use or acquisition
23
Common Software Project Risks
Resources Not enough Weak personnel Contractor issues Customer Customer developer friction Customer acceptance
24
Group Exercise Create a formal, documented risk management plan for your project. Do the following: Risk identification Discuss at least three serious risks Risk analysis/evaluation Assess the risks identified (qualitatively or quantitatively) Risk planning strategies What can you do to manage these risks? Risk monitoring and control How will you manage these risks during the remainder of the project? Risk response What will you do if a risk becomes actual (i.e. exposed)? both for the development and the eventual operation of your system.
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.