Professional Documents
Culture Documents
Risk Management
Risk Management
Success in systems analysis and design requires not only skills in methodologies and
techniques, but also project management skills for managing time, resources, and risks.
If a project is considered to be high risk and highly complex, and has a development
team made up of hundreds of people, then more traditional methods will apply.
Less risky, smaller, and simpler development efforts lend themselves more to Agile
methods.
Other determining factors include organizational practice and standards, and the extent
to which different parts of the system will be contracted out to others for development.
Identifying and assessing risk
The goal of this activity is to identify sources of project risk and estimate the
consequences of those risks.
Risks might arise from the use of new technology, prospective users’
resistance to change, availability of critical resources, competitive reactions
or changes in regulatory actions due to the construction of a system, or team
member inexperience with technology or the business area.
You should continually try to identify and assess project risk.
What are some sources of risk in a systems analysis and design project and
how does a project manager cope with risk during the stages of project
management?
Where is Risk ?
It is important to note that all projects have risk and that risk is not necessarily
something to avoid.
Yet it is also true that, because organizations typically expect a greater return on their
investment for riskier projects, understanding the sources and types of technical risks
proves to be a valuable tool when you assess a project.
Also, risks need to be managed in order to be minimized; you should, therefore, identify
potential risks as early as possible in a project.
The potential consequences of not assessing and managing risks can include the
following:
• Failure to attain expected benefits from the project
• Inaccurate project cost estimates
• Inaccurate project duration estimates
• Failure to achieve adequate system performance levels
•Failure to adequately integrate the new system with existing hardware, software, or
organizational procedures
Risk Factors -Planning
Following is the list of risk factors for the feasibility study phase:
Project manager often make a mistake in estimating cost, time, resources and scope of the project.
Unrealistic budget, time, inadequate resources and unclear scope often leads to project failure.
Unrealistic Budget: As discussed above inaccurate estimation of budget may lead to project running
out of funds early in the SDLC. Accurate estimation budget is directly related to correct knowledge of
time, effort and resources.
Unrealistic Schedule: Incorrect time estimation lead to a burden on developers by project managers
to deliver project on time. Thus compromising the overall quality of the project and thus making the
system less secure and more vulnerable.
Insufficient resources: In some case the technology, tools available are not up-to date to meet project
requirements or resources(people, tools, technology) available are not enough to complete the
project. In any case it is the project will get delayed or in worst case it may lead to project failure.
Unclear project scope: Clear understanding of what project is supposed to do, which functionalities
are important, which functionalities are mandatory, which functionalities can be considered as extra
is very important for project managers. Insufficient knowledge of the system may lead to project
failure.
Requirement Elicitation-- Analysis
This involves validating the requirements that are gathered and analyzed till
now to check whether they actually defines what user want from the system.
Risk Factors
Among the biggest challenges that software developers face is scope variation.
Changing requirements due to ongoing client and user feedback is a constant risk in
software development.
It is a good thing on hand as it ensures that the final product is of sound quality and is
helpful to the end-users.
However, from a risk management perspective in software development, it is a risk
that can delay project implementation, introduce numerous uncertainties or even lead
to budget overruns.
As such, it is a critical risk that needs analysis, tracking, and mitigation. The best way
to mitigate against this risk is by having structured communication between the
development team and the client/end-user.
The project manager is usually the link between the development team and the client.
Scope Variation Risks
The best practice is monitoring scope variations using a scope variation metric
visible to both the development team and the customer.
The variation metric will serve as a tool to show how the scope variations have
impacted the project in terms of budget and timelines. More importantly, it will
help in prioritizing tasks.
One of the significant variation risks in software development is the scope creep,
which can lead to cost overruns, delays, and an increase in the project’s overall
risk.
However, for legacy system migration, managing the scope can be challenging, as
the existing software is often complex, interconnected, and highly customized.
The scope of migration of legacy systems must be clearly defined to ensure that
the project is manageable and to avoid unnecessary costs and risks
End-user Engagement Risks
You cannot talk about risk management in software development and fail to address the
risk involved with end-user engagement.
The end goal of software development is to develop a product that is useful to some
people. If these people have any problems using the final product, then that’s a
considerable risk.
End-user engagement is critical to the project’s success, whether the software is for
external customers or internal.
Strong end-user involvement and engagement throughout the project life cycle ensure
the final product is easily acceptable.
Achieve engagement through:
User surveys
Frequent releases
Minimum Viable Product (MVP) release
Beta testing
These mitigation strategies will hopefully ensure a smoother adoption phase.
Stakeholder Expectations Risks
There is always some stakeholder expectation risk in every software
development project. Stakeholders in these projects are all people involved
in one way for the successful completion of the project.
Of particular concern in mitigating this risk are:
End users
Customers
Investors
Development team
These groups will require a mitigation strategy to address their expectations
before developing into a risk affecting the project.
Technical Risks
Technical risks in a software development project are generally those that impact
the quality of the end product. These are things like poor code, support, integration
issues, etc. These technical risks can have a severe negative consequence on the
usability of the product. That’s why it’s necessary to address technical risk when
talking about risk management in software development.
The thing with technical risk management is that they are not quickly noticeable
during the development phase. They become apparent at the end of the process,
which can make them challenging to correct.
Poor productivity among software developers is a technical risk. It mainly occurs in
projects that have a long life cycle. Developers may lose motivation the longer the
project goes.
There is also the risk that a long-term deadline is far away, and there is enough time
to cover for any tasks not done.
Intense oversight of software iterations reduces technical risks.
Agile methodologies are particularly robust in maintaining productivity and
motivation among the development team.
Human Resource Risks
While working with people, there is always a risk that someone may
unexpectedly become unavailable. This person may be a vital member of the
team, which has the chance of creating a knowledge gap.
The person may be from the development team or the client-side, actively
involved in the project.
To mitigate this risk, proper documentation of every detail of the project is
critical. Software development documentation is an active and continuous
process.
Additionally, having contingency plans on how to onboard new team members
should always be in place.
Communication Risks
It doesn’t sound like a good strategy, but some risks are not worth mitigating.
It is best to avoid them altogether. If the risk is too big, has a very high
probability of happening, or could be costly to mitigate, avoiding it may be
the best option.
Small organizations/businesses or startups would benefit from this approach
as some risks would wipe them off.
Risk Transfer
It is a strategy where you procure someone to deal with any risks on your
behalf. This risk management strategy in software development is attractive
to organizations/agencies with the resources to procure such services and
concentrate on their core software development task.
Risk management in software development may take away precious time and
focus from the core work. Therefore it makes sense to outsource to a
professional whose only work is dealing with such risks.
This approach has the added advantage of speeding up the process.
Closing Thoughts