MODULE 3
• Very simply, a risk is a potential problem. It’s an activity or event that may
compromise the success of a software development project. Risk is the possibility of
suffering loss, and total risk exposure to a specific project will account for both the
probability and the size of the potential loss.
• Risk management includes the following tasks:
• Identify risks and their triggers
• Classify and prioritize all risks
• Craft a plan that links each risk to a mitigation
• Monitor for risk triggers during the project
• Implement the mitigating action if any risk materializes
• Communicate risk status throughout the project
FIVE TYPES OF RISK IN SOFTWARE PROJECT MANAGEMENT
• For most software development projects, we can define five main risk impact
areas:
1. New, unproven technologies
2. User and functional requirements
3. Application and system architecture
4. Performance
5. Organizational
RISK MANAGEMENT IN SDLC
• Identify assets that need to be protected and assign their criticality in terms of confidentiality, integrity and
availability
• Risk Factors
• Unqualified testing team: The lack of a good testing team is a major setback for good software, as testers may
misuse the available resources and testing tools.
• Limited testing resources: Time, budget and tools, if not used properly or if unavailable, may delay project delivery.
• Not possible to test in the real environment: Sometimes it is not possible to test the system in the real environment due to
lack of budget, time constraints, etc.
• Testing cannot cope with requirements changes: User requirements often change during the entire software
development life cycle, so test cases should be designed to handle such changes. If they are not designed properly, they
will not be able to cope with change.
• System being tested is not testable enough: If the requirements are not verifiable, it becomes
quite difficult to test such a system.
6. INSTALLATION, OPERATION AND ACCEPTANCE TESTING:
• This is the last and longest phase in the SDLC. In this phase, the system is delivered,
installed, deployed and tested for user acceptance.
• Support from Risk Management Activities –
The system owner will want to ensure that the prescribed controls, including
any physical or procedural controls, are in place prior to the system going live.
Decisions regarding risks identified must be made prior to system operation.
• This phase involves three activities:
• Installation,
• Operation,
• Acceptance Testing.
• Operation Activity: Here end users are given training on how to use the
software system and its services.
• Risk Factors
• New requirements emerge: While using the system, users sometimes feel the need to
add new requirements.
• Difficulty in using the system: For people, it is always difficult in the
beginning to accept a change, that is, to accept a new system. But this
should not go on for long; otherwise it will be a serious threat to the
acceptability of the system.
6. INSTALLATION, OPERATION AND ACCEPTANCE TESTING: