CSC 376: Software Project IS 394: Information Systems Project

1
CSC 376 Software ProjectIS 394 Information
Systems Project

• Lecture 2a Risk Management
• Instructor Jane Huang

2
Requirements Deliverable

• Identify the stakeholders of your application.
• Specify requirements for your project.
• Use a hierarchy to structure the requirements.
• Follow all the guidelines for writing good
  requirements discussed in class last week.
• Atomicity
• Completeness
• Correctness
• Wording
• Handling exceptions
• Identify a small set of non-functional
  requirements.
• Performance
• Security
• Reuse
• Extensibility

3
Risk Management

• What is it?
• Risk analysis and management is a series of steps
  that help a software team to understand and
  manage uncertainty.
• A risk is a potential problem
• The steps
• Risk identification
• Analyze each risk
• Rank each risk (probability and impact)
• Work product
• RMMM (Risk mitigation, monitoring, and management
  plan)

4
Risk Management
Aaaghh!

• If you dont actively attack the risks, they
  will attack you! Tom Gilb
• Today no one has the luxury of getting to know a
  task so well that it holds no surprises, and
  surprises mean risk. Stephen Grey.

5
Software Risks

• Uncertainty The risk may or may not happen.
• LossWhat is the impact of the risk if it does
  occur?

Risk Categories
Project risks budgetary, schedule, personnel
staffing and organization, resource, customer,
and requirements problems. Technical risks -
risks that threaten the quality and timeliness of
the software to be built. (design,
implementation, interfacing, verification,
maintenance) Business risks - risks that
threaten the viability of the software to be
built.
6
Calculating Risk Exposure

• Risk of not delivering on time
• RE Probability of Risk X Impact of Risk
• Example
• Probability that only 70 of the software
  components scheduled for reuse will in fact be
  integrated into the application.
• Risk that this will mean that the software cannot
  be delivered on time 30
• RE 70 X 30 21

Dont hide from project risk. Face it head on!
7
Sample Risk TableRMMM Risk Mitigation,
Management, and Monitoring plan
1-Catastrophic, 2-Critical, 3-Marginal,
4-Negligible
8
Risk Mitigation Plan

• What are you going to do about the risk?
• Three strategies
• Entirely remove the risk by early intervention.
• Reduce the probability of the risk occurring.
• Reduce the impact if it does occur.
• Deliverable
• A risk analysis
• Risk mitigation plan.

9
Risk Deliverable

• Identify risks for your project.
• Rank each risk according to probability.
• Rank each risk according to impact.1-Catastrophic
  , 2-Critical, 3-Marginal, 4-Negligible
• Order risks according to Risk Exposure.
• Decide which risks you need to mitigate.
• Create risk mitigation action items for each of
  those risks.
• Track all identified risks on your website.

10
Group Time
Project highlights

• Scope your project carefully!
• Websites
• Track individual hours

• Start working on requirements.
• Start working on risk identification and
  mitigation.
• Continue work on concept demo.