Why Risk Management?

Software development is often plagued with unanticipated problems that cause projects to miss deadlines, exceed budgets, or deliver less than satisfactory products. While these problems cannot be eliminated totally, some of them can be controlled better by taking appropriate preventive action. Risk management is an area of project management that deals with these threats before they occur. Organizations may be able to avoid a large number of problems if they use systematic risk management procedures and techniques early in projects.

Although risk management has been considered an important issue in software development and significant contributions to risk management have been made over the past decade, risk management is rarely actively and explicitly applied in practice. Furthermore, most risk management approaches rely on quantification of risk and fail to account for the problems associated with the accuracy of estimates used for the quantification. We have composed a PowerPoint slide set that highlights the issues and challenges in risk management. You can view and download it here.

Riskit is a comprehensive risk management method that is based on sound theoretical principles and thus it avoids many of the limitations and problems that are common to many other risk management approaches. Its key principles can be listed as follows:

• It has a complete, defined, and documented process for the risk management activities in a project.
• Goals and stakeholders are explicitly analyzed and recognized, as they are essential in risk identification and analysis.
• Risks are explicitly documented by well-defined terms and they can be graphically represented as risk scenarios.
• Risk prioritization is based on theoretically sound, yet practical technique that can be used even when quantitative information about risks is not available.
• A key element in Riskit is the Riskit analysis graph that helps document risk scenarios in detail. An example of the Riskit analysis graph is given in Figure 1.

Figure 1. An example of the Riskit analysis graph.

The main steps in the Riskit process are: 1) establishing the risk management infrastructure, 2) defining the risk management mandate for a project, 3) project goal analysis, 4) risk identification, 5) risk analysis, 6) risk control planning, 7) risk control, and 8) risk monitoring.

Figure 2. Riskit process.

For more information, see contact information or email us at info@rdware.com.
Copyright ©2001 R & D-Ware Oy, All rights reserved.