What is Software Risk and Software Risk Management?
When there is a possibility of loss in the software development process then we call is software risk. This loss can be an increase in production cost, poor quality software, unable to complete the project on time, etc. The existence of software risk is due to the fact that there are many known and unknown things that you are not able to include in the project plan. There are internal risks and external risks where internal risks are those within the control of the project manager and external risks are those beyond the project manager’s control. Identifying the risk, reduction of its impact, reduction of the likelihood of risk, and monitoring the risk are the important steps in carrying out risk management.
Every possible cause of risk has to be dealt with by the project manager.
There are risks that are facts known to the team and the entire project. An example of this would be not having enough number of developers that can delay project delivery. The project management plan considers these risks.
Some know risks can be unknown in the sense that the project team doesn’t know if these risks exist in the project. An example of this is not being able to get the client’s requirement properly due to poor communication. This is a known risk but what is unknown is if the client has indeed communicated all the information properly or not.
You cannot know some risks. Technology is usually behind these risks and it is when clients ask you to work on technology that you have no knowledge about so you expose yourself to risk.
What is involved in software risk management is quantifying risk. There are many things involved in this including having a precise description of risks that can occur in the project, defining a risk probability which explains the chances for the risk to occur, defining how much loss a risk can cause, and defining the liability potential of the risk.
Studying previous projects can help identify risks that you may be exposed to. Check for all possible vulnerable areas to risk. Make a flowchart to examine all essential areas. Identify the known unknowns that can affect the project. Evaluate any decisions taken related to different factors including technical, operational, political, legal, social, internal and external. Here you define the processes that are important for risk identification.
Software risk analysis involves identifying and categorizing risk. You also need to analyze its impact. It is then followed by software risk planning. Involved in software risk planning are defining preventive measures that would lower down the likelihood of risks, defining measures that would reduce the impact when a risk happens, and constant monitoring of processes in order to identify risks early.
Software risk monitoring is integrated into project activities and regular checks are conducted on top risks.