What is Software Risk and Software Risk Management?
When there is a possibility of loss in the software development process then we call is software risk. Losses can include production cost increase, poor quality software, inability to complete the project on time, and more. The reason for the existence of software risk is that there are many known and unknown things that you are not able to include in the project plan. Risks within the control of the project manager are internal risks but beyond his control are external risks. Risk management involves identifying the risk, reducing its impact, reducing the likelihood of risk, and monitoring the risk.
Every possible cause of risk has to be dealt with by the project manager.
The team and the entire project know some of the risks involved in any project. A known risk can be a project delay because of not having enough developers. The project management plan considers these risks.
Some know risks can be unknown in the sense that the project team doesn’t know if these risks exist in the project. An example of this is not being able to get the client’s requirement properly due to poor communication. This is a known risk but they don’t know if the client has actually communicated all the information properly or not.
You cannot know some risks. These risks are usually related to technology that you have no idea about but your client wants you to work with it so you expose yourself to unknown risk.
Quantifying risks is involve in software risk management. What is included in this is having a precise description of risks even that can occur in the project, defining a risk probability which explains the chances for the risk to occur, defining how much loss a risk can cause and defining the liability potential of the risk.
Studying previous projects can help identify risks that you may be exposed to. It is important to check all areas that are vulnerable to risk. A flowchart is very useful in examining all essential areas. Identify the known unknowns that can affect the project. Evaluate any decisions taken related to different factors including technical, operational, political, legal, social, internal and external. Here you define the processes that are important for risk identification.
Software risk analysis involves identifying and categorizing risk. Then its impact is analyzed. It is then followed by software risk planning. In this phase, preventive measures are defined that would lower down the likelihood of risks, measures are defined that would reduce the impact when a risk happens, and constant monitoring of processes to identify risks as early as possible.
Software risk monitoring is integrated into project activities and regular checks are conducted on top risks.