School of Computing and Information Systems
The University of Melbourne
Copyright University of Melbourne 2021-2022
Copyright By PowCoder代写 加微信 powcoder
2022 – Semester 1 Week 3, Module 3
Software Processes & Project Management
Risk Management
Learning Outcomes
Understand the fundamentals of risk management
Understand the Risk Management Process
Understand how to:
plan risk management activities identify risks
analyze and assess risks respond to risks (risk strategies) monitor and control risks
SWEN90016 Software Processes and Project Management -2- Risk Management
Respond to Risks
• Purpose of risk analysis and assessment is to identify what opportunities and threats should be addressed
• It is not feasible (or advisable) to respond to every threat or opportunity because this requires resources, which are usually diverted from the project, which could have more negative impacts on the project
• Therefore, it is important to select appropriate response strategies
SWEN90016 Software Processes and Project Management -3- Risk Management
Risk Response Strategies
• Four common strategies to handle threats: 1. Accept or Ignore
This means that we believe that the risk is of an acceptable exposure, that we hope that the event does not occur, or that the risk exposure is less than the cost of any techniques to avoid, mitigate, or transfer it.
This means that we completely prevent the risky event from occurring, by either ensuring its probability is 0, or ensuring its impact 0.
SWEN90016 Software Processes and Project Management -4- Risk Management
Risk Response Strategies
• Four common strategies cont..
3. Mitigate
This involves employing techniques to reduce the probability of the risk, or reduce the impact of the risk. This results in a residual risk — that is, a risk consisting of the same event, but with a lower probability/impact, and therefore low exposure. We then must analyse the residual risk as we would our primary risk.
4. Transfer
This involves transferring the burden of the risk to another party. Insurance is one example of risk transfer, in which the impact of the risk is offset by payments from the insurer. Another example is outsourcing a portion of the work to somebody with more knowledge and expertise, which comes at a cost.
SWEN90016 Software Processes and Project Management -5- Risk Management
Risk Response – Example
• Example: Risk of a third-party software application
Consider the example of using a third-party software application to provide some functionality of a system that is being developed.
Do nothing because the vendor is reliable and have delivered quality software in the past.
Developing the required functionality in house, rather than buying it or change the requirements so that the functionality is not required at all.
Make the request date well before the required date.
We can also reduce the impact of the risk by designing the system such that the third-party application is accessed via a standard interface, and by producing a dummy implementation of that interface that allows development to continue if the third- party application is delivered late.
Specifying in the contract that any costs resulting from late delivery of the system will be paid for by the vendor of the third- party application.
SWEN90016 Software Processes and Project Management -6- Risk Management
Risk Response Strategies
• Four common strategies to handle opportunities: 1. Exploit:
Add work or change the project to make sure the opportunity occurs
2. Enhance:
Increase the probability and positive impact of risk events
Allocate ownership of opportunity to a third-party
This means that we believe that the cost to exploit or enhance is not justifiable so do nothing about it.
SWEN90016 Software Processes and Project Management -7- Risk Management
Risk Response Plan
• Once risks and strategies are identified, they can be documented as a part of a risk response plan, also called a Risk Register.
• Template of a simple risk register
– Risk ID: a unique identification for the risk
– Trigger:thetriggerthatflagsthattheriskhasoccurred
– Owner:thepersonorgroupresponsibleformonitoringandresponding – Response:thestrategyforresponding
– Resources:requiredresources
Resources Required
Risk Register
SWEN90016 Software Processes and Project Management -8- Risk Management
Learning Outcomes
Understand the fundamentals of risk management
Understand the Risk Management Process
Understand how to:
plan risk management activities identify risks
analyze and assess risks respond to risks (risk strategies) monitor and control risks
SWEN90016 Software Processes and Project Management -9- Risk Management
Monitor and control risks
• Once the risk response plan has been created, triggers must be monitored to keep track of various project risks
• New threats and opportunities may arise in the course of the project – they must be identified, analysed and responded to
• Risk monitoring must be part of the overall monitoring and control of the project
SWEN90016 Software Processes and Project Management -10- Risk Management
Monitor and control risks
• Tools for monitoring and controlling:
– RiskAudits:
• external team looks at comprehensiveness of the identification process and ensuring other procedures and processes are in place
– Risk Reviews:
• internal reviews of risks periodically that result in status reports generated for PM and those who need-to-know
– Risk status meetings:
• risks must be reviewed and discussed in project status meetings, which are periodically held in projects (e.g. weekly meetings)
SWEN90016 Software Processes and Project Management -11- Risk Management
December 2008 – Manage By Walking Around | Risk management, Manager humor, Risk analysis (pinterest.com.au)
Risk Management Process
SWEN90016 Software Processes and Project Management -13- Risk Management
Learning Outcomes
Understand the fundamentals of risk management
Understand the Risk Management Process
Understand how to:
plan risk management activities
identify risks
analyze and assess risks
respond to risks (risk strategies) monitor and control risks
SWEN90016 Software Processes and Project Management -14- Risk Management
References
• Shari L. Pfleeger and Joanne M. Atlee. Software Engineering: Theory and Practice. Prentice–Hall International,
3rd edition, 2006.
• R. S. Pressman. Software Engineering: A Practitioner’s Approach. McGraw Hill, seventh edition, 2009.
• J.T. Marchewka. Information Technology Project Management. & Sons, fourth edition, 2012.
SWEN90016 Software Processes and Project Management -15- Risk Management
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com