There are many risks involved in creating high quality software on time and within budget. With ever increasing software complexity and increasing demand for bigger, better, and faster products, the software industry is a high-risk business. When teams don't manage risk, they leave projects vulnerable to factors that can cause major rework, major cost or schedule overruns, or complete project failure. Adopting software risk management processes is a step that can help effectively manage software development and maintenance initiatives. However, in order for it to be worthwhile to take on these risks, the organization must be compensated with a perceived reward. The greater the risk, the greater the reward must be to make it worthwhile to take the chance. In software development, the possibility of reward is high, but so is the potential for disaster. Risk exists whether it is acknowledged or not. People can stick their heads in the sand and ignore the risks, but this can lead to unpleasant surprises when some of those risks turn into actual problems. The need for software risk management is illustrated in Gilb’s risk principle: “If you don’t actively attack the risks, they will actively attack you” [Gilb-88]. In order to successfully manage a software project and reap the rewards, software practitioners must learn to identify, analyze, and control these risks. This paper focuses on the basic concepts, processes, and techniques of software risk management. This paper was presented at the ASQ World Conference for Quality and Improvement, May 2009.
Software Program & Project Management
This paper was presented at the American Society for Quality's Annual Quality Congress (ASQ AQC) in May 2003.
Before the task of purchasing commercially available software, contracting a supplier to create a custom software package, or developing a “homegrown” software application can commence, adequate planning must take place. Having a defined software acquisition and supplier management process helps ensure that important steps in the acquisition process are not forgotten. Predefined goals and objectives align the business needs with the mission of the acquisition. The software industry is now several decades old; however, problems including schedule slippage, budget overruns, missing functionality, and poor quality and reliability are still prevalent. These continuing issues make the need for good software acquisition and supplier management practices essential to the success of our organizations. This paper discusses the first seven steps in the Software Acquisition and Supplier Management process, including:
Step 1: Planning the acquisition
Step 2: Defining the software product’s requirements
Step 3: Determining the acquisition approach
Step 4: Identifying and evaluating potential suppliers (and their software products)
Step 5: Defining the contract requirements
Step 6: Selecting a supplier
Step 7: Negotiating and awarding the contract
There are many risks involved in creating high quality software on time and within budget. However, in order for it to be worthwhile to take these risks, they must be compensated for by a perceived reward. The greater the risk, the greater the reward must be to make it worthwhile to take the chance. In software development, the possibility of reward is high, but so is the potential for disaster. The need for software risk management is illustrated in Gilb’s risk principle: “If you don’t actively attack the risks, they will actively attack you” [Gilb-88]. In order to successfully manage a software project and reap our rewards, we must learn to identify, analyze, and control these risks. This paper focuses on the basic concepts, processes, and techniques of software risk management.
A Guide to the Project Management Body of Knowledge (PMBOK® Guide), 5th Edition, Project Management Institute, 2012.
The Certified Software Quality Engineer Handbook, Linda Westfall, ASQ Quality Press, Milwaukee, WI, 2009.
Peopleware - Productive Projects and Teams, Second Edition; Tom DeMarco and Timothy Lister; Dorset House, New York, 1999
Software Engineering Project Management, 2nd Edition, Richard Thayer editor, IEEE Computer Society, Los Alamitos, CA, 2000.
Quality Software Project Management, Robert T. Futrell, Donald F. Shafer, Linda Isabell Shafer, Prentice Hall PTR, Upper Saddle River, NJ, 2002.
Agile Project Management with Scrum, Ken Schwaber, Microsoft Press, Redmond, WA, 2003, ISBN 0-7356-1993-X.
Succeeding with Agile: Software Development Using Scrum, Mike Cohn, Addison-Wesley, 2009.
Manage It! Your Guide to Modern, Pragmatic Project Management, Johanna Rothman, The Pragmatic Bookshelf, Raleigh, North Carolina, 2007.
Project Retrospectives: A Handbook for Team Reviews, Norm L. Kerth, Dorset House Publishing, New York, New York, 2001.
Continuous Risk Management Guidebook, Audrey J. Dorofee, Julie A. Walker, Christopher J. Alberts, Ronald P. Higuera, Richard L. Murphy, and Ray C. Williams, Carnegie Mellon University, Software Engineering Institute, Pittsburgh, PA, 1996.
Waltzing with Bears: Managing Risk on Software Projects, Tom DeMarco and Timothy Lister, Dorset House, New York, New York, 2003.
Agile Project Leadership Network - apln.org
COCOMO - Constructive Cost Model - csse.usc.edu/csse/research/COCOMOII
Cyber Security & Information Systems Information Analysis Center (CSIAC) - thecsiac.com
Dilbert - dilbert.com
IEEE Computer Society - computer.org
International Organization for Standards - iso.org
The IT Metrics and Productivity Institute - itmpi.org
Project Management Institute - pmi.org
Scrum Alliance - scrumalliance.org
SEI - Software Engineering Institute - sei.cmu.edu
Software Program Managers Network - spmn.com
Software Testing and Quality Engineering - stickyminds.com
Wikipedia - wikipedia.org