Friday, November 11, 2016

What is Software Risk Management (SRM)?

Overview

Software risk management (SRM), is a process that combines a set of tools, processes and methods for managing risks in the software development life cycle.

 In the SRM process, we want to make a productive decisions about the things that can go wrong in different levels (Business, project and software), understand the importance of each risk and his severity, create a dedicated strategy to handle it, and finally implement the strategy to remove it.

תוצאת תמונה עבור ‪risk management best quotes‬‏

The 5 phases of Software risk management 


Risk identification
The first and probably the most crucial stage of the entire process, in this step we want to search and identify the risks that may come up during the SDLC and affect the project.

Risk Analyze
In this stage we need to determine the level of risk for each item in the list we prepared on stage one, the level of risk is determined by the likelihood of the risk to occur and on the impact that he has on the project.

Plan/implementation 
Based on the analyzed information, a plan is created and implemented (this plan is set to handle each risk with the corresponding set of actions).

Track/Monitor
Tracking the set of decision and actions that issued.

Controlling
Fixing any deviations that occurred at the implantation stage.

 

What data should be included in the Risk report? 


Any risk report should contain the following components:

Trigger – The reason that will cause the occurrence of the risks.

Probability – What is the “Likelihood” of this risk to append?

Consequences – What will be the effect of the risk?

Solution – What solution/Tasks should be performed to eliminate the risk or prevent it from happened.

 

The main goals of the SRM process

  • Develop an efficient test plan that will cover the areas that has the higher risks.
  • Learning the cause of risks and remove them from future projects.
  • Minimize the impact on different levels of the SDLC.
  • Monitor the changes made based on risk removal.
  • Anticipate and identification of the hidden risks.
  • Understand the location of the risks.
  • Provide confidence in the software.
  • Remove the risks.


The main benefits of the SRM process

  • Help to improve the current business strategy and project planning.
  • Help to answer the question “How much testing is enough..?”
  • Help to remove potential risks on earlier stages of the project.
  • Create a better communication between the business units.
  • Reduce the probability to encounter unwelcome surprises.
  • Provide an effective way to use the available resources.
  • Help to reduce the number of risks in a software.
  • Increase the chances to finish the project in time.
  • Help to design a productive testing matrix.
  • Help to design an efficient SDLC process.
  • Protecting the reputation of the business.
  • Promoting continues improvement.
  • Lower the project costs.

The environmental keys that build a successful SRM process

  • Realistic demands of the process and his outcomes (Technical, schedules Etc.).
  • The Management should review the SRM activities and add their input.
  • The SRM process should be supported with an appropriate budget.
  • The SRM process should be supported with dedicated timeframe.
  • Management should endorse and support the SRM process.
  • Management and workers' commitment to the process.
  • Working together to achieve a common goal.
  • Corporation between all resources involved.
  • Define a Clear project scope.
  • Project personnel are being trained both in the processes to be carried out and in the methods that going to be involved.
  • The project owners received the required training that should help them to identify and remove the risks.

 

The questions that you need to answer in advance:

  • What is the set of skills and knowledge that needed from the SRM resources?
  • What is the set of tools that we are going to use in the process? 
  • What are the actions that would be conducted at each step?
  • On which criteria we prioritize the identified risks?
  • What are the available timelines for the process? 
  • What we want to achieve in the SRM process?
  • What are the steps that need to be constructed?
  • What are the success/failure criteria?
  • How can we monitor the process?
  • How often we need to report?
  • Who is going to be involved?

1 comment:

  1. It would be really good if you could amplify with a practical illustration. For example; changing requirements is an ever present risk. How would you fit this into the framework above?

    ReplyDelete

My Presentations