Risk Management Process

Risk management process consist of several processes.

Risk Identification

• It identifies project, product and business risks.
• Technological risks
• people risks
• organizational risks
• requirement risks
• Estimation risks

Risk Analysis

• Assess probability and seriousness of each risk
• probability may be very low, low, moderate, high or very high
• Risk effects might be catastrophic, serious, tolerable or insignificant.
• Eg; Organizational financial problems force reduction in the project budget- low probability, effect is catastrophic
• The organization is restructured so that different management are responsible for the project – high probability, effect is serious
• The size of the software is underestimated – high probability, tolerable effect

Risk Planning

• Consider each risk and develop a strategy to manage that risk
• Avoidance strategies – the probability that the risk will arise is reduced
• Minimization strategies –  The impact of the risk on the project or product will be required.
• Contingency Plan –  If the risk arises, contingency plans are plans to deal with that risk.

Risk Management Strategies

• Requirement changes – Derive traceability information to assess requirements change impact, maximize information hiding in the design.
• Database Performance – Investigate the possibility of buying a higher performance database
• Staff illness – Reorganize team so that there is more overlap or work and people; Understand each others job

Risk Monitoring

• Assess each identified risks regularly to decide whether or not it is becoming less or more probable.
• Also assess whether the effects of the risk have changed
• Each key risk should be discussed at management progress meetings.