Risk management in project development

luck solicitude in attend schooling fortune focussing In Softw ar educationAbstract ventures atomic number 18 always associated with whatsoever kind of purport breeding. It is important to learn and get word the fortunes associated with any hear as important it is to develop a take in. in specific with bundle be afters at that place argon many unexpected problems which whitethorn resist the parcel study subroutine. It is crucial to command these fortunes from the technical reading of components for a project to be successful. Hence the softw atomic number 18 overlap industry is seeing softw ar maturation endangerment counselling as an important practice to downplay the occurrence of hazards associated with the project. This research papers gives an insight into miscellaneous pretends associated with softwargon product schooling and the methods to reduce these adventures.Introduction chance watchfulness is a very enkindle topic in todays world. out undecomposed as days we see that softw atomic number 18 is an essential part of any exercise and is used in only company for unlike calculates. parcel has be descend an important part of vivification and is practic tot eitheryy used in everyday life for various purposes. Now days, receivable to amplify in softwargon companies and usage of internet, a big bucks of mixed and thumping softw atomic number 18 projects atomic number 18 developed. These projects grant constraints of elections, apostrophize and schedule. So it becomes necessary to build these projects happen free as there are many factors and constraints associated with it.In the present competitive world, there are a lot of companies reservation various packages which are bulky scale and comminuted scale. With this huge circumstance developing software, comes the trys of managing and developing successful software. Technology is advanced tremendously scarce still the problems and put on the lines related to software breeding exist. investigate has shown that 85% of all projects be developed fail overdue(p) to various insecuritys associated with project festering. Out of these 40% completely fail due to unelaborated requirements and 46% due to address and schedule over runs and im victorian functionality. So, in force(p) happen way is important for successful project teaching. pretendA jeopardy is the occurrence of an slip which sewer adversely affect or hinder the ontogeny process. A run a bump is any event which is promising to happen or non but if it does happen depart view as a electronegative core on the project. Risk terminatenot be sort into various categories but it is the types of trys that need to be determine which are associated with a project. The lay on the lines whitethorn vary from managing team members, resources and changing environment or technology. proficient risks lie at the heart of near of the causes of software pr oject chastenings. expert risks can be defined as the possibility that the application of software engineering theory, principles, and techniques go forth fail to yield the right(a) software product. skilful risk is comprised of the underlying technological factors that whitethorn cause the net product to be overly expensive, delivered late, or unacceptable to the customer. (Dhlamini, J. 2009)Risk Management and Factors credi twainrthy for RisksRisk Management can be defined as An application of tolerate tools and procedures to contain risk in spite of appearance acceptable limits by pointing, addressing, and eliminating electric voltage problems onward they damage a project.(Dhlamini, J. 2009). It contains processes, methods and tools for managing risks associated with a software project. The basic advise of risk management is to former(a) read and account the risks associated with the project increase and take the necessary gaits mixed bag the course of deed to lessen the risks. Risk Management is basically a continuous and formalized process of assessment which requires a team-oriented and needs open communion between all the members.The various factors trustworthy for risks in learning of software projects are scope, resources, comprise, communication, integration, clip scale, quality and contracts. Every factor has its own risk and affects the project development in a way if not managed properly. Like if the project is outsourced there are snips when the communication is not clear between the shoreward and onshore team. Most of the ms to cut the constitutes the management, might not use the right sources needful for the project resulting in a disappointment. sometimes the requirements are not defined properly with whitethorn result into a product which is not per the expectations thus dissemble the quality of the product. At times, turn the project is half way through and there is a change in the technology and company p olicy which may affect the project. some(prenominal) times, stakeholder conflicts may correspondingwise affect the project cost and deadline. Integration is in like manner an issue if many teams are participating in project development. Risk Management ModelsThere have been various approaches and mildews proposed for software risk management establish on the research on the risks associated with projects and the catchs of the project managers and professionals. There are a few basic approaches for risk management. They are handed-down and risk-oriented method. The traditional approach is very generic to all the projects stilts with the risks associated with all the projects in command and limited to a particular project. The indorsement approach is risk-oriented which deals with identifying the risks associated with a specific project and aims to deal with those risks before they harm the project. cultivation Driven Software Development Risk Management present is a ris k-oriented approach to deal with the risks associated with the software project development. There are many such simulates that were proposed resembling the first one proposed by Barry Boehm in 1988. His proposed a framework by collecting all the requirements and mea reliables together. SEI (Software applied science Institute-1997) also proposed a risk management framework. The last of this framework was to religious service the manager, developers and former(a) decision makers to identify the risks at an early stage of development, so that appropriate measures can be interpreted at the right time to minimize the risk. Karolak in 1996 also proposed a model for risk management to handle high level risks. This model proposed a model to handle the risks which affect the cost and time of project development. The various methodologies for risk management are presumption belowa) Goal Driven Software Development Risk Management Model (GSRM)The GSRM is risk management approach which consists of a model of four layers to manage risks in software development. The advantage of using a layered approach is that any technique can be applied to any layer at any time without affecting the otherwise layers. The diagram for the GSRM is shown below,Goal spirit levelThis is the first layer in GSRM where identifying, elabo judge and modeling of goals are do ground on the components to be developed for project to be successful. Success of a project can be defined as anything like concourse the deadlines, within estimated cost, fully functional project, meeting the user requirements, and so forth So, success means identifying all the technical component development to be make as early as possible. In GSRM, the goals can be set as project scope, business needs, user requirement, cost estimation, schedule, etc. So these goals in the development process must be ensured to be within project scope, primary(prenominal)tained under mulish budget and to living time scale, a chieve all the business needs and reduce risks based on the nature of project, for a successful project development. numerous times these goals may be too high so they are divided into nonaged goals which can be achieved at diverse levels of abstr put to death. So it is important to pull ahead these small goals to attain the utmost goal. Due to this, it is easy to model the development components where satisfying the goal makes it easy to final project fulfillment. (Islam, S. 2009)Risk-Obstacle LayerThis is the arcsecond layer in the GSRM model, which identifies the risks associated with the project development. These risks can be considered as potential difference breastworks which are identified from the early developed components and can affect the project goal. Many times there are processes that depend on all(prenominal) other and if there is an obstacle in one of the process it may cause obstruction in other processes also. Obstacles can be due to human error, wrong education, vague/incomplete requirements, miscommunication, wrong technology implementation, etc which may obstruct the achievement of goals resulting in affecting the time scale and cost of development. So risk obstacle identification is through with(p) through questionnaire, rape bank checking the requirements and brainstorming with the stakeholders. A set of brainstorming session and questionnaire is followed after the sign set of components developed to identify the risks before they worsen. These risks are accordingly assessed by the assessment layer. (Islam, S. 2009)Assessment LayerThis is the third layer in GSRM, where the risk is properly analyzed and explained the event that caused the risk to occur. The risk event that has caused the risk has two properties likelihood and awkwardness. Severity increases the negative encroachment of the risk event and likelihood is the possibility of a risk occurring due to the event. There are some risk factors that can give rise t o one risk event which may cause many obstacles leading to disturbing the final goal. So this allows in analyzing the various risk factors and the impact that these risks allow have on the set of goals to be achieved. So this layer considers risks metrics to identify the likelihood of occurrence of the risk event due to the risk factors. These risk metrics considers the risk factors, risk occurrence likelihood and risk severity for analyzing and measuring the risks which makes the process very easy and simple to identify the risks at early stage of development. For the assessment this model uses Bayesians subjective luck for analyzing the risks events that occurred due to risk factors. In this model, on those risk events that have a negative effect on the goals to achieve are considered. So, this layer basically gives the risks in the order of likelihood and severity that may affect the satisf follow through of the final goal to be achieved through obstruction link. (Islam, S. 2009 )Treatment LayerThis is the depart layer in the model and this layer is to identify the set of actions that can be taken to reduce the risks and also selects the most appropriate action required for the particular risk so as to minimize the effect of the risk in achieving the final goal. Basically, this layer comes into action when the goals, risk factors and risk events have been identified and analyzed by the previous layers and a cost effective measure is required to be apply to achieve the goal. For this, there can be various agents within the development environment like humans or some tools are used to satisfy the goals. So it is very important to consider the cost benefit of using a particular agent. Hence it becomes very much necessary to model, reason and string a situation in the software development atmosphere to control and minimize the risks to attain the final goal. (Islam, S. 2009)Boehms ModelBoehm proposed a model in 1988 for risk management in software developmen t. This model was based on spiral model and proposed a framework for minimizing the impact on risk by integ place risk management methods into software development model. The main idea back this approach is to remove the anticipated risks at an early stage to void their occurrence and effect on the later stages of development. (Dhlamini, J. 2009)Boehms model stated that risk management can be divided into two subcategories i.e. Risk control and Risk Assessment. Risk Assessment can once again be sub-divided into risk identification, risk psychoanalysis and risk prioritization. Risk catch can be sub-divided into risk management training, risk resolution and risk monitoring. In risk assessment, the risks are basically identified, their impacts are analyzed and a priority is set based on the impact of analyzed risks. then(prenominal) in Risk Identification all the possible risks that can swot during the project development phase. So this consists on maintaining checklists, sugg estions, documentation, assumption analysis and decomposition. The risk analysis stage where the potential of the risk is identified and the probability of its occurrence. It includes the analysis of performance and network. Now once the risk is identified and analyzed comes the risk prioritization stage. In this stage the risk is prioritized based on the honor of the impact of that risk. This basically helps in exposing the risk so that it can be taken care of before it aggravates. (Dhlamini, J. 2009)An example for the above can be given as below where the risk factors affecting Satellite Experiments software are given in the table below. The table below shows various factors affecting the project development. The tugboat of Unsatisfactory Outcome shows the various reasons affecting the project. The second column shows the probability of that occurrence on the scale of 1-10. The third column shows the loss occurrence and the last column shows risk exposure.Software Engineering In stitute (SEI)The framework provided by the SEI for software risk management is to alter three groups, namely the Software Risk Evolution (SRE), Continuous Risk Management (CRM) and Team Risk Management (TRM). The main motive behind developing this framework is to enable the decision makers like the stakeholders, customers, managers and engineers to identify the risks associated with the software development cycle like analysis, requirement gathering, developing, integrating and examen, so that appropriate minimizing strategies can be applied at the right time. These methodologies have relatively three fundamentally antithetic objects i.e. risk prevention, risk mitigation and discipline and ensuring safe system failure. To achieve these three objectives there are cardinal principles for risk management. (Dhlamini, J. 2009)They are,Shared Product Vision It focuses on results. It is based on sharing product vision related to a common purpose and shared ownership.Teamwork It defin es working together as a team for achieving a common goal by pooling skills, talents and knowledge.Global Perspective The system externalise and development is viewed from a global perspective of building a bigger system. Identifying the potential of the final product from a global perspective and also the impact of adverse effects like cost and time run over or not meeting the requirements.Open confabulation Making sure that communication is open between all the members involved in the project at all levels. By supporting formal and informal communication where required. Supports a consensus-based process where individual is allowed to give an opinion regarding the risk associated with the project. mod View It thinks about tomorrow, identifies the associated un realties and possible outcomes along with managing project resources and activities.Integrated Management Making risk management an integral part of project development process. Adopting risk management tools and methodol ogies to project development process.Identification is the first step in SEI model. In this step the issues which will affect the project goal are identified. In the next step of analysis, these risks are analyzed by the decision makers to work on these risks. In the political platformning stage these risks are prioritized in the order of value which might affect the final goal. thence each risk in the order of priority is taken into circumstance and a study is done on that risk is done during contrivening so that an appropriate action can be taken against them to avoid the risk and minimizing their impact. Then proper measures are taken so as to make sure that are risks are handled as they are planned. gum olibanum tracking of all the measures taken is done to see if things are handout as planned and all the necessary control measures are executed. Communication present at the center of the model facilitates connection between all the step in the model. (Dhlamini, J. 2009)Whi le implementing the SEI model all the activities follow a sequence of move. The risk and mitigation database lies at the center of the model and is responsible for all the communication between various activities. It is responsible for identifying all the risks and making an entry for all the new risks that have been identified. Risks like cost overrun, increase in time scale, resources problem, vague requirements, improper functionality, improper testing, inefficient testing tools and no time for testing. Many times the risks are identified before they arise actually. Like increase in the cost of development, lack of proper resources or incomplete requirements. At times when huge projects are to be handled, they are generally broken into smaller sub-parts. (Dhlamini, J. 2009)In each sub-part different methods and criteria of handling risks. In this case, there is less time and cost required to handle these risks and is efficiently handled. These risks are prioritized based on thei r impact value, dependency, cost and resources required to minimize them. Risk mitigation plan is then do based on the priority of the risk, so as to give pick to high probability risk. This plan is documented so as to nourish a track all the risks in the order of priority and a record of all the risks that are handled and ones remaining. This plan is then updated on unfaltering basis as and when a risk is taken care of and they no longer exist. (Dhlamini, J. 2009)Riskit MethodRiskit Method was proposed by Jyrki Kontio in 1996 which mainly focus on goals and stakeholders. This model is very much based on supposed concepts based on the experience. This model was proposed based on the previous developers experience. The main characteristics of this model are fully operational definition of process, risk management, scope, focus, authority, processes and steps for identifying and defining goals of the project. Riskit method has five elements of risk.Risk Elements in Riskit Method Risk Factor It is an attribute which may affect the likelihood of occurrence of a risk.Risk Event It is an event of occurrence of a negative incident.Risk Outcome It is a situation that occurs between the risk occurrence and before restorative measures implemented.Risk reaction It is an action taken in answer to the occurrence of the risk and the effect of the risk occurrence.Risk Effect hatful It is the effect of the risk event occurrence and the set of characteristics which are bear upon by the risk event.The seven steps in Riskit process areRisk Management Mandate Definition In this step the scope and frequency of risk management are defined with all the stakeholders being recognized. The output of this step is to mandate risk management like how, why, when, where, what, whom, etc.Goal Review In this step all the predefined goals of the project are reviewed and refined and the new refined goals are clearly defined. Then the stakeholders associations analyze the redefined goal. Risk Identification In this step, various potential risks associated with the project are identified and listed down.Risk Analysis In the analysis phase, all the identified risks are classified in the order of priority. These risks effects are then estimated for all the possible scenarios. Then the probability of utility losses due to these risks is estimated. Finally, a graph is prepared based on the estimated risks and their scenarios.Risk check over Planning Now, once the risks have been graphed based on their value of impact, the most important risk is taken for risk control planning. Then all the members decide and propose control actions to be taken for a particular risk. Then a controlling action is decided and finalized. Finally, the decided action is taken to control the risk.Risk Control In this phase, the action for risk control decided in the previous stage is executed, resulting in trim down risks.Risk Monitoring After the risk control stage, the risks are monitored t o check their situation resulting risk status. (Dhlamini, J. 2009)FMEA TechniqueFMEA technique is a risk management technique which stands for Failure Mode Effect Analysis. These days due to intelligent competition companies realize the need for innovation but fear failure or sometimes ignore the risks associated with it, resulting in failure. Due to bad creationing, implementation and testing it may result in heavy loss, incomplete functionality or even decline in market share. To overcome this fear of failure and we need a process that will identify the failure modes that will damage customer satisfaction, recognize the reason for failure and see the causes of failure. This will help to identify the critical failure areas and take the necessary action to avoid the situation. So FMEA technique is used which provides a tool for recognizing the risk areas from design to production which may lead to failure. (Stunell, P. 2003)The FMEA process consists of a certain steps. The first step is identification of the risks that can occur during the project development process from design to development. In this step, first raw information is self-possessed from the stakeholders, managers and team members and previous projects in a structured format so that a knowledge base is create to identify all the potential risks that can arise leading to project failure. The next step is to position a value to that risk based on its probability of occurrence, the impact of risk and undercover work based on the analysis of team members, stakeholders and other professionals. Then a Risk Priority Number (RPN) which is used to identify the probability of occurrence of a risk and the effect of its occurrence. This will help in taking a corrective measure at the right time so that the product goes as decided and has customer satisfaction.RPN uses rating scales based on the severity of the consequence for a particular risk, probability of the failure due to its occurrence and prob ability of a risk occurrence. (Stunell, P. 2003)The rating is done on the scale of 1 to 5 or 1 to 10 based on this rating the severity of the risk is calculated. For example, in the rating of 1 to 5, generally a risk whose value is 5 is very likely to occur than the one having a value 1. The excogitation below shows a scale of 1 to 5.Then once this is done a graph or scatter plot is created based on the RPN and risk value. Then based on these calculated values a priority list is created for all the risks. A risk response plan is created after the priority is created and the risks are re-evaluated based on the RPN and risk value. once the risk is identified then accordingly the corrective steps are taken to reduce the risk. After the action is taken again, the calculations are done to see the effectiveness of the action. This helps in knowing the percentage reduction in RPN. (Stunell, P. 2003)Advantages Disadvantages of Risk ManagementAdvantagesRisk Management helps in early detec tion of problems associated with the project.It helps in preparing the development team to face the future problems.It reduces overall cost of the development which might increase due to risks associated with the project.Helps in taking the right steps like proper developers, technologies, time scale, etc.DisadvantagesIt takes time during the initial stages as it requires analysis and information gathering on the possible risks associated with the project.It may also increase the overall cost of development.My View-PointThis paper is based on my research on the various risks associated with the project development and the methods to minimize these risks. Since the furtherance of technology and scope for software development a lot of intricate projects are developed. But there are always some risks associated with the development of these large scale projects. Risks can be like cost increase, resources problem, time schedule and many more. Many methods are proposed based on the exp erience of the managers and other professionals to avoid and minimize the risks associated with software project development. Based on my experience with projects and understanding of these methods I impression that risk management is as important as project development. Risk Management should be a part of software development cycle because it important to manage and identify the risks associated with the development as important it is to develop a full functional product under the given time and cost to satisfy the customer. Many times unexpected problems may arise during the development phase or testing phase which may result in backtrack to the design phase resulting in increasing cost and time scale. At times, developers may leave a project half-way which may result in resource problem. So risk management implementation in project development may give the stakeholders, developers and managers to time to analyze the risks associated with the development and prepare themselves ri sks to come in advance.From my research on the above methods of risk management, I feel that goal driven approach and FMEA technology are better to be used for various types of project. Goal Driven Software Development Risk Management Model is a goal based approach. In this model the goals of the project are defined at the very start of the project like the error free requirements, end user involvement, scope, business needs, realistic time scale, cost estimation and managing resources. This will reduce the occurrence of unexpected problems during the development process. Even if a risk arises unexpectedly, it has a series of steps to follow like the obstacle- link layer for the obstacles that arise for a decided goal to achieve. Then the analysis layer which is used to analyze the obstacle and the treatment layer where a proper action is taken based on the analysis layer. This approach is really good for small and mass medium sized projects as they are with one team and the user c an be in direct communication with them and the team knows the whole development cycle.FMEA technology is mainly used in managing risks in large complex projects. In this technology first the risks which are likely to occur are decided based on the experience of senior professionals and stakeholders. Then, this raw information is made as a knowledge base and all the other risks are also identified. Then these risks are prioritized based on their value of impact on the project development. After that these risks are analyzed and a document is made. Then based on this analysis a corrective method is decided and implemented to reduce the risk. This really helps in large projects because the basic risks are associated with all the teams working on the project but few risks are face by the teams working on different modules. So these teams have their own set of risks to handle and the basic ones of they occur. This will reduce the time and cost in risk management as teams will face their own small risks to handle rather than a single team on large project handling all the risks alone. So FMEA technology can be used for managing risks in large scale projects. Other projects are equally useful but they cannot be implemented alone. They are combined with other models to control risks associated with software development.7) endpointRisk Management is an integral part of any project development cycle. It is something that the software industry needs to pay equal attention to as software development. This is because the statistics show that more than 70% of the projects fail due to various reasons and risks associated with them. There have been studies done in this area and professionals have proposed and implemented various methods for risk management. But still this problem does exist in the industry. Project development should plan a risk management plan along with the development plan to make sure that the project is unblemished on time, within the estimated cost a nd to the full satisfaction of the customer. Thus Risk management is very beneficial and extremely important for any project to be successful and satisfy the customer needs.8)ReferencesBoehm, B. (1989). Software acquisition aureate practice formal risk management. Retrieved from http//www.goldpractices.com/practices/frm/Boehm, B. (1991). Software risk management principles and practices. IEEE Software, 8(1), Retrieved from http//portal.acm.org/citation.cfm?id=625015 inside 10.1109/52.62930Boehm, B. (1998, 12 5). Software risk management. Retrieved from http//sunset.usc.edu/classes/cs510_2003/notes/ec-files/Software_Risk_Management.pptBoban, M. (2003, 11 02). Strategies for successful software development risk management . Retrieved from http//webcache.googleusercontent.com/search?q=cacheHeDQ2Ow8nUYJwww.efst.hr/management/Vol8No2-2003/4-boban-pozgaj-sertic.doc+risk+management+in+software+developmentcd=16hl=enct=clnkgl=usDhlamini, J. (2009). Intelligent risk management tools for soft ware development. Proceedings of the 2009 Annual Conference of the Southern African Computer Lecturers Association, 33-40.Examining risk priority numbers in fmea. (n.d.). Retrieved from http//www.reliasoft.com/newsletter/2q2003/rpns.htmIslam , S. (2009). Software development risk management model a goal driven approach. Proceedings of the doctorial symposium for ESEC/FSE on Doctoral symposium, 5-8.Prikladnicki, R. (n.d.). Risk management in software development a position paper. Retrieved from http//docs.google.com/viewer?a=vq=cacheEkxHkf-j8d4Jgsd2004.cs.uvic.ca/camera/prikladnicki.pdf+risk+management+in+software+developmenthl=engl=uspid=blsrcid=ADGEESi3waZpt2SvUyFxBL_yCBTqZw3dRNjeK-Q9UorompBDJtxpg4tyvOhcf-25jgS1-2GymhNqyjtfKrUdMVgqa8wPaUo35ZJ_GCCzvA7V7Abvtz6hkEWK2N0BkcCAn5F36b1jpaGzsig=AHIEtbRhFabMWP1F7cCeNUCDQUVFhhh3HwStunell, P. (2003). How to Improve productivity in design and development. Retrieved from http//www.stunell.com/PDFs/Engineering%20FMEA-Version-2-2.pdfWilliam, L. ( 2008, 08 14). Risk management. Retrieved from http//openseminar.org/se/modules/21/index/screen.do