At a glance
Software Risk Management
In 1995 the US Department of Defence named "risk management" as the No 1 information technology "best management practice". Yet in our experience, the careful examination and management of software risk is rare. There is little doubt that as the complexity of the IT environment increases, software risks need to be identified and managed. This programme draws on the work of Carnegie-Mellon's Software Risk Management project, and the ideas of Robert Charette, Barry Boehm and other leading authorities in this field.
Risk management is the process of assessing and planning for project risk. This two-day programme introduces concepts and techniques of formal software risk management. Besides teaching the main ideas behind software risk management, it suggests approaches that can be taken within participants' software projects to mitigate and manage risk factors... before they become problems. The focus is therefore practical: the course helps participants establish risk management programmes within their organisations.
Intended For
Project managers, senior software developers, IT auditors, software quality specialists, IT managers and software leaders from the user community. The course will provide value for anyone responsible for the success of a project.
Prerequisites
It is recommended that participants have previously attendedSoftwareEducation's"Managing Software Projects" course. As a minimum, participants should have a good understanding of software development life-cycles.
Participants are encouraged to bring examples of "work in progress" for software project assessment.
Learning outcomes
On successful completion of the course, participants will be able to:
- Define the major components of a risk management programme
- Identify the risks involved in a particular software development project
- Establish a basic software risk management programme within their organisation.
Content
Introduction:
- Course Objectives
- Why software risk management?
- Common strategies
- Why doesn't it happen?
- Risks vs problems
- Important points
- Ways of defining "Risk"
- Risk as a common concept
- When is formal software risk management appropriate?
- When is it not?
- Three elements of risk management
- Decision trees
- Scenarios and probability
- simulations
- Writing a risk statement
Attitudes To Risk:
- Risks are important
- What's your attitude?
- What is 'Safe Enough'?
- Risk in context
Risk Management Approaches:
- PMI's PMBOK
- SWEBOK
- SEI's risk management program
- Risk in the CMM
- The AS/NZS 4360:1999 and 3931:1998 standards
- Our risk management process
Families of Risk:
- Areas of risk
- SEI's taxonomy
- 'Top Ten' software risks
- A 'Top Ten' list
- Steps involved in risk management
Risk Identification and Analysis:
- Risk identification methods
- Focus area method
- Probability and severity
- Assigning risk
- Root causes
- Primary, secondary, tertiary model
- Scoring risk factors
- Defining criteria
- Composite project risk score sheet method
- Interviewing method
- One practical approach
Risk Mitigation and Contingency Planning:
- Risk mitigation defined
- Risk mitigation options
- Cause - effect diagrams
- Risk mitigation and timing
- Mitigation vs contingency planning
- Triggers
- Quantitative targets
- Triggers and contingency
- Measurement limitations
Best Practices
- Airlie Software Council's "9 Principal Best Practices"
- Capers Jones' list
- Steve McConnell's list
Management Issues:
- Scope
- Risk reporting
- 'Dashboard' reporting
- CSF's for software risk management
- Staffing issues
- Microsoft Consulting Services "Phase O"
- Starting a risk database
- Financials
- Tools
- Summary
Bibliography:
- Bibliography
- Useful web sites
Method Used
Software Risk Management is a mixture of lectures, video, individual and team exercises.
Documentation
Course notes and bibliography. Participants also receive a free copy of Software Education's Survey of Software Risk Management Practices.
