About Risk Analysis. Chapter 25. Software Engineering CSCI Dr. Thomas Hicks Computer Science Department Trinity University

Similar documents
Project Risks. Risk Management. Characteristics of Risks. Why Software Development has Risks? Uncertainty Loss

Lecture Notes #27: Software Risk Management

Risk Mitigation, Monitoring and Management Plan

CSSE 372 Software Project Management: Software Risk Management

Scheduling 1. You selected an Appropriate Process Model

Project planning and scheduling

Appendix 3: Project Management Substation Guidelines (General Process Flow Template)

Darshan Institute of Engineering & Technology Unit : 10

Project Management Concepts

Risk. Risk Categories. Project Risk (aka Development Risk) Technical Risk Business Risk. Lecture 5, Part 1: Risk

Fundamentals of Measurements

Essential Elements for Any Successful Project

Risk Management Primer

ISO, CMMI and PMBOK Risk Management: a Comparative Analysis

Project Management Challenges in Software Development

Project management. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 5 Slide 1

Project Management. Software Projects vs. Engineering Projects

Continuous Risk Management at NASA

SOFTWARE ENGINEERING IT 0301 Semester V B.Nithya,G.Lakshmi Priya Asst Professor SRM University, Kattankulathur

Risk Management Framework

EFFECTIVE STRATEGIC PLANNING IN MODERN INFORMATION AGE ORGANIZATIONS

15 Principles of Project Management Success

AfDB New Procurement Policy: Training Program for the Bank s Procurement Staff. Risk-based design of Procurement Arrangements - Introduction

Management activities. Risk management

Project Planning. COSC345 Lecture 3 Slides: Andrew Trotman Dramatic presentation: Richard O Keefe. Software Engineering 2013

Project management. Organising, planning and scheduling software projects. Ian Sommerville 2000 Software Engineering, 6th edition.

Test Plan Template (IEEE Format)

1.20 Appendix A Generic Risk Management Process and Tasks

Project Plan RESIDENTIAL PARKS ACT Review Project

PROJECT RISK MANAGEMENT

RISK MANAGEMENT OVERVIEW - APM Project Pathway (Draft) RISK MANAGEMENT JUST A PART OF PROJECT MANAGEMENT

Project Management. Lecture 3. Software Engineering CUGS. Spring 2012 (slides made by David Broman) Kristian Sandahl

Executive Summary of Mastering Business Growth & Change Made Easy

What do you think? Definitions of Quality

Enterprise Security Tactical Plan

DESCRIBING OUR COMPETENCIES. new thinking at work

SEBA Solutions Inc Bellwind Circle Rockledge, Florida voice, fax

Change Management Practitioner Competencies

Welcome to the Data Analytic Toolkit PowerPoint presentation an introduction to project management. In this presentation, we will take a brief look

Organization. Project Name. Project Overview Plan Version # Date

Space project management

Introduction to Software Engineering. 9. Project Management

A Model to Develop and Use Risk Contingency Reserve

Business Continuity Trends, Requirements and Expectations in Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting

What does this mean for the Effective Practitioner?

Master Level Competency Model

PART ONE THE STRATEGIC PLANNING PROCESS

Software Engineering. Project Management. Based on Software Engineering, 7 th Edition by Ian Sommerville

Noorul Islam College of Engineering M. Sc. Software Engineering (5 yrs) IX Semester XCS592- Software Project Management

Behavioral Interview Questions

Maturity Model. March Version 1.0. P2MM Version 1.0 The OGC logo is a Registered Trade Mark of the Office of Government Commerce

Mgmt 301 Managers as Decision Makers. Exploring Management. [Nathan Neale]

BIM Pilot Getting Started Guide. For Construction Professionals. next

How to achieve excellent enterprise risk management Why risk assessments fail

Objectives. Project Management Overview. Successful Project Fundamentals. Additional Training Resources

What to look for when recruiting a good project manager

Project Management Step Wise. Sunday, 4 November 12

Supporting Workflow Overview. CSC532 Fall06

Some of the prime advantages of having a good project management team for a company are as follows:

COMMITTEE OF EUROPEAN SECURITIES REGULATORS. Date: December 2009 Ref.: CESR/

Aligning Correct and Realistic Performance Testing with the Agile Development Process

A METRIC FOR THE ACTIVENESS OF AN OBJECT-ORIENTED COMPONENT LIBRARY

An Introduction to Risk Management. For Event Holders in Western Australia. May 2014

System Development Life Cycle Guide

Managing construction procurement risks

Software Risk Management and Avoidance Strategy

Recognizing and Mitigating Risk in Acquisition Programs

Placing a Value on Enterprise Risk Management ADVISORY

Project success depends on

Appendix V Risk Management Plan Template

Project Risk Management

CHAPTER 24 SOFTWARE PROJECT SCHEDULING. Overview

Table of contents. Providing continuity for your key business processes. A white paper on HP s Business Continuity and Availability Solutions

Project Management for Business Process Improvement

Risk Management (3C05/D22) Unit 3: Risk Management. What is risk?

Project Management. Project Analysis and Definition. Project Management. Project Management People

Succession Planning and Leader Development

Strategic HR Partner Assessment (SHRPA) Feedback Results

DATA QUALITY MATURITY

Features. Emerson Solutions for Abnormal Situations

An Unbalanced Scorecard

LECTURE # 2. 4 P s in Project Management

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY

Project Charter and Scope Statement

Guide to Successful Program Management

A Case Study in Global Supply Chain Risk Management: How AGCO Implemented an SCRM Solution to Save Millions

Software Engineering: Analysis and Design - CSE3308

10 Must-Track Metrics in Talent Acquisition

Project Management for Process Improvement Efforts. Jeanette M Lynch CLSSBB Missouri Quality Award Examiner Certified Facilitator

Software Engineering. Software Engineering. Software Costs

Reaching CMM Levels 2 and 3 with the Rational Unified Process

Transcription:

Software Engineering CSCI 3321 Chapter 25 Software Engineering : A Practitioner s Approach Software Risk Management Dr. Thomas Hicks Computer Science Department Trinity University 1 Dr. Thomas E. Hicks Computer Science Department Trinity University Thanks To Ian Sommerville & Roger Pressman For Much Of The Slide Content About Risk Analysis Risk Analysis & Management Risk Analysis & Management are a series of steps that help a software team to Understand and Manage Uncertainty. A Risk is a potential problem that might happen and might not. Regardless of the outcome, it is a really good idea to 1. Identify the risk 2. Asses the probability of it s occurrence 3. Estimate its impact, & 4. Establish a contingency plan should it occur Who Does Risk Analysis & Management Risk Analysis & Management should be done by everyone in the software process. The participant list for Risk Analysis & Management should include 1. Project Managers, 2. Software Engineers, and 3. Stakeholders Why Is Risk Analysis & Management Important? 1. Software is a difficult undertaking. 2. Lots Of Things Can Go Wrong and Many Often Do! Being Prepared: Understanding the Risk, Taking Proactive Measures To Avoid Them, Taking Proactive Measures To Manage Them, & is a key element of a Good Software Manager! 1

4 Step Process Of Risk Management Risk Mitigation, Monitoring, and Management (RMMM) Plan 1. Risk Identification What Are Project Risks? 2. Each Risk is analyzed to determine the likelihood (probability) that it will occur and estimate the damage if it does occur 3. Risks are ranked by probability and impact 4. A plan is developed to handle the risks with high probability The risks with high damage. This plan is often called Risk Mitigation, Monitoring, and Management (RMMM) Plan. What Are Project Risks? Review In A Nutshell Two Basic Strategies For Risk Management Software Risk Management is still in its infancy. What can go wrong? There are two basic strategies for Risk Management What is the likelihood? What is the likelihood? What can we do about it? 1. Reactive Risk Management 2. Proactive Risk Management Reactive Risk Management Don t Worry, I ll Think Of Something! Reactive Risk Management In Reactive Risk Management, the project team reacts to risks when they occur [Indiana Jones school of Risk Management] In Reactive Risk Management, the project team uses a mitigation plan; mitigation means to reduce or alleviate the intensity by adding additional resources in anticipation of fire fighting Reactive Risk Management is a fix on Indiana Jones school of Risk Management failure approach; resource are found and applied when the risk strikes 2

Proactive Risk Management Proactive Risk Management In Proactive Risk Management, a formal risk analysis is performed In Proactive Risk Management, the organization corrects the root causes of risk 1. The team examines the risk sources that lie beyond the bounds of the software 2. The team develops the skills to manage change 7 Fundamental Risk Management Principles Seven Fundamental Risk Management Principles From Pressman Text 1. Maintain a Global Perspective 2. Take a Forward-Looking View 3. Encourage Open Communication 4. Integrate Risk Management 5. Emphasize a Continuous Process 6. Develop a Shared Product Vision 7. Encourage Teamwork We shall further clarify these! Carnegie Mellon Software Engineering Institute Carnegie Mellon Software Engineering Institute 3

Seven Fundamental Risk Management Principles From Pressman Text 1-4 1. Maintain a Global Perspective - view software risks within the context of system and the business problem 2. Take a Forward- Looking View - think about the risks that may arise in the future; establish contingency plans 3. Encourage Open Communication - if someone states a potential risk, don t discount it. 4. Integrate - a consideration of Seven Fundamental Risk Management Principles From Pressman Text 1-4 5. Emphasize a Continuous Process - the team must be vigilant throughout the software process, modifying identified risks as more information is known and adding new ones as better insight is achieved. 6. Develop a Shared Product Vision - if all stakeholders share the same vision of the software, it likely that better risk identification and assessment will occur. 7. Encourage Teamwork - the risk must be integrated into the software process talents, skills and knowledge of all stakeholder should be pooled Risk Management Is Cyclical Common Risk Identification Product Size - risks associated with the overall size of the software to be built or modified. Business Impact - risks associated with constraints imposed by management or the marketplace. control Customer Characteristics - risks associated with the sophistication of the customer and the developer's ability to communicate with the customer in a timely manner. track RISK identify plan analyze Common Risk Identification Development Environment - risks associated with the availability and quality of the tools to be used to build the product. Process Definition - risks associated with the degree to which the software process has been defined and is followed by the development organization. Thoughts To Ponder Technology To Be Built - risks associated with the complexity of the system to be built and the "newness" of the technology that is packaged by the system. Staff Size and Experience - risks associated with the overall technical and project experience of the software engineers who will do the work. 4

Assessing Project Risk- Thoughts To Ponder! 1. Have top software and customer managers formally committed to support the project? 2. Are end-users enthusiastically committed to the project and the system/product to be built? 3. Are requirements fully understood by the software engineering team and their customers? 4. Have customers been involved fully in the definition of requirements? 5. Do end-users have realistic expectations? 4 Risk Components Assessing Project Risk- Thoughts To Ponder! 6. Is project scope stable? 7. Does the software engineering team have the right mix of skills? 8. Are project requirements stable? 9. Does the project team have experience with the technology to be implemented? 10. Is the number of people on the project team adequate to do the job? 11. Do all customer/user constituencies agree on the importance of the project and on the requirements for the system/product to be built? 4 Major Risk Components Performance Risk - the degree of uncertainty that the product will meet its requirements and be fit for its intended use. Cost Risk - the degree of uncertainty that the project budget will be maintained. Support Risk - the degree of uncertainty that the resultant software will be easy to correct, adapt, and enhance. Schedule Risk - the degree of uncertainty that the project schedule will be maintained and that the product will be delivered on time. A Risk Table The Risk Table Risk Probability Impact RMMM Risk Mitigation Monitoring & Management 5

Building the Risk Table Estimate the probability of occurrence Estimate the impact on the project on a scale of 1 to 5, Risk Exposure RE = P x C where 1 = low impact on project success 5 = catastrophic impact on project success Sort the table by probability and impact Risk Exposure (Impact) The overall Risk Exposure, RE, is determined using the following relationship [HAL98]: RE = P x C where P is the probability of occurrence for a risk, and C is the cost to the project should the risk occur. Risk Mitigation, Monitoring, and Management Risk Mitigation - how can we avoid the risk? How To Employ Risk Exposure Risk identification. Only 70 percent of the software components scheduled for reuse will, in fact, be integrated into the application. The remaining functionality will have to be custom developed. Risk probability. 80% (likely). Risk impact. 60 reusable software components were planned. If only 70 percent can be used, 18 components would have to be developed from scratch (in addition to other custom software that has been scheduled for development). Since the average component is 100 LOC and local data indicate that the software engineering cost for each LOC is $14.00, the overall cost (impact) to develop the components would be 18 x 100 x 14 = $25,200. Risk exposure. RE = 0.80 x 25,200 ~ $20,200. Risk Identification Revisited Risk Monitoring - what factors can we track that will enable us to determine if the risk is becoming more or less likely? Risk Management - what contingency plans do we have if the risk becomes a reality? 6

Common Risk Identification Review 1. 2. 3. 4. 5. 6. 7. Product Size Business Impact Customer Characteristics Process Definition Development Environment Risk #1 Product Size Risks associated with the overall size of the software to be built or modified Technology To Be Built Staff Size and Experience Attributes That Affect The Risk Due to Product Size 1. Estimated Size of the product in LOC or FP? 2. Estimated Size of product in number of programs, files, transactions? 3. Percentage Deviation in size of product from average for previous products? Risk #2 Business Impact Risks associated with constraints imposed by management or the marketplace 4. Size of Database created or used by the product? 5. Number of Users of the product? 6. Number of Projected Changes to the requirements for the product? before delivery? after delivery? 7. Amount of Reused Software? Attributes That Affect The Risk Due to Business Impact 1. Affect of this Product on company revenue? Risk #3 Customer Characteristics 2. Visibility of this Product by senior management? 3. Feasonableness of delivery deadline? 4. Number of Customers who will Use this Product Risks associated with the sophistication of the customer and the developer's ability to communicate with the customer in a timely manner 5. Sophistication of End Users? 6. Amount and Quality of product documentation that must be produced and delivered to the customer? 7. Costs associated with Late Delivery? 8. Governmental Constraints 9. Costs associated with a Defective Product? 7

7 Questions That Help To Identify The Risks Due to the Customer 1. Have you Worked with the Customer in the past? Risk #4 Process Definition 2. Has the Customer Agreed to spend time with you? 3. Does the Customer have a solid idea for requirements? Risks associated with the degree to which the software process has been defined and is followed by the development organization 4. Is the Customer willing to participate in reviews? 5. Is the Customer willing to let your people do their job that is, will the customer resist looking over your shoulder during technically detailed work? 6. Is the Customer technically sophisticated? 7. Does the Customer understand the software engineering process? 5 Questions That Help To Identify Risks Due to Process Definition & Maturity 1. Have you Established a common process framework? Risk #5 Development Environment 2. Is that Framework followed by project teams? 3. Do you have Management Support for software engineering Risks associated with the availability and quality of the tools to be used to build the product 4. Do you Conduct formal technical reviews? 5. Have Document Formats been established? 2 Questions That Help To Identify Risks Due to Development Environment 1. Are CASE Tools used for analysis, design and testing? 2. Are the CASE Tools integrated with one another? Risk #6 Technology To Be Built Risks associated with the complexity of the system to be built and the "newness" of the technology that is packaged by the system 8

9 Questions That Help To Identify Risks Due to Technology Risks 1. Is the Technology new to your organization? 2. Are New Algorithms, I/O Technology required? 3. Is New or Unproven Hardware involved? 4. Is a Specialized User Interface required? Risk #7 Staff Size & Experience Risks associated with the overall technical and project experience of the software engineers who will do the work 5. Is the application Radically Different? 6. Are you using New Software Engineering Methods? 7. Are you using Unconventional Software Development Methods, such as formal methods, AI-based approaches, artificial neural networks? 8. Are there Significant Performance Constraints? 9. Is there Doubt the Functionality requested is "do-able?" 8 Questions That Help To Identify Risks Due to Staff/People Risks Recording Risk Information Lots of Tools/Forms Available To Assist Project Managers 1. Are the Best People available? 2. Does Staff have the right skills? 3. Are Enough People available? 4. Are Staff Committed for entire duration? 5. Will Some People work part time? 6. Do Staff have the right expectations? 7. Have Staff received necessary training? 8. Will Turnover among Staff be low? Project : Embedded software for XYZ system Risk Type : schedule risk Priority (1 low... 5 critical): 4 Risk Factor: Project completion will depend on tests which require hardware component under development. Hardware component delivery may be delayed Probability: 60 % Impact: Project completion will be delayed for each day that hardware is unavailable for use in software testing Monitoring Approach: Scheduled milestone reviews with hardware group Contingency Plan: Modification of testing strategy to accommodate delay using software simulation Estimated Resources: 6 additional person months beginning 7-1-96 Software Engineering CSCI 3342 Dr. Thomas E. Hicks Computer Science Department Trinity University Textbook: Software Engineering By Roger Pressman Textbook: Software Engineering By Ian Sommerville Special Thanks To WCB/McGraw-Hill & Addison Wesley For Providing Graphics Of Some Of Text Book Figures For Use In This Presentation. 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information