Role of Risk Management in Development of Software Projects

Role of Risk Management in Development of Software Projects

Akhil Kumar

Amity institute of information and technology Amity University

Noida, India

Dr. Alpana Kakkar

Amity institute of information and technology Amity University

Noida, India

Abstract- Nowadays, software development is becoming a major part of enterprise business. Software development is an activity connected with new technologies and high level of knowledge. There are many risks associated with software development such as time-to-market, budget and schedule estimation, product deployment or maintenance. These risks on software development projects must be successfully mitigated to build successful software systems in the organization. Lack of knowledge about risk management is one of the major causes for project failures. To develop a project successfully, risk management determines common risk impact areas in the software projects. Software risk management is a systematic way to manage risks in development of software projects. This paper recognizes the role of risk management in present software projects and aims at providing more support in this area. Firstly the paper consist what are the software risks involved in development of software projects, then a model of software risk management process with the overview of risk assessment process.

Keywords- Software project risks, Software Risk Management Process, Risk assessment.

I. INTRODUCTION

Nowadays, software development is becoming a major part of enterprise business. Software development is an activity connected with new technologies and high level of knowledge. Almost in every software organization, software development project faces a significant amount of uncertainty that is usually major reason of project failures. The success of a software development project is always connected with the risk. Every phase of a software development project could be affected by risks that could cause project failure. There are so many types of software project risks which might be occurred from the very first stage of development to the completion stage of the software project. It is common to say that risks are the chance of opportunity, i.e. a project with many risks has an opportunity on the global software market if the project is completed successfully on time and within budget. Software risk management used for project planning and control purposes during the project execution. Software risk management will help reduce project failure.

The paper is organized as follows: In section II, various software project risks are discussed. In section III, software risk management is discussed. In section IV, software risk assessment is defined as A process of identifying risks, analyzing risks, and prioritizing risks. Section V contains conclusion part of the paper.

1. SOFTWARE PROJECT RISKS

   A software project fails among the common factors such as unrealistic project goals, badly defined requirements, unmanaged risks, poor technology or environment, which if ignored tends to increase the occurrence of software project failure [1]. Software project risks are major challenge to software project managers. The reasons for variations in success can be attributed to risk factors which are technical, economic and behavioral in nature.

   To summarize, risk has two components

   1. The probability that an undesirable event will occur.

   2. The negative consequences of loss because of the occurrence of this event [3].

   The mostly occurred risks in development of software projects are of many types. Some of risks are as follows:

   1. Team Factors

      Team related risk items are very common while developing a software projects. These issues include changes in project team members, lack of technical skills among team members, conflicts within project team, level of staff motivation and improperly assigned responsibilities.

   2. Communication

      Communication is a big issue in software projects. The stakeholders of the project have to communicate day to day during the project development. Lack of English communication skills is another major factor which affects the developer team members. Telecommunication facilities such as slow internet connections or telephone

      lines, slow computer networks in organizations etc may seriously hamper the project work.

   3. Adopted Methodology

      Methodology is the important factor in software development .If the organization or project team adopts wrong methodologies or it is not feasible then there are lots of chances for risk such as high budget, time duration, post maintenance etc. So it is very important to adopt feasible methodologies according to the requirements of user or client of the system.

   4. Planning and Estimation

      A common problem encountered in developing a software projects is incidence of poor estimation and planning for determining a project's budget and schedule.

   5. External Factors

      External factors refer to the interdependence on third parties such as vendors, which may affect the ability of the internal development team to complete a software project on time without problems. For example, Indian workers are facing more visa restriction problems, especially in the USA which affects the work assigned to them. This causes the risk of work not being completed on scheduled time [3].

   6. Role of the User

      These risks include unwilling Information System users, lack of user support, lack of user experience, user resistance to change. Lack of software experience on the part of the client is another major risk factor that affects project development. After these risks all areas in systems are potential sources of software risks such as technology, hardware, software, people, cost, and schedule [6].

      • Developing wrong user interface

      • Frequently changes in requirements

      • Real-time Performance Shortfalls

      • Personnel shortfalls

      • Gold plating

      • Shortfalls in external tasks

2. SOFTWARE RISK MANAGEMENT

   All approaches to software project risk management uses to maximize both efficiency and effectiveness. Although the details of risk impacts may differ depending on the software project, risk management has three important parts: identification of risk, analysis of risk, and action plans to reduce the risk [2]. Before risk can be managed or reduce, it must first be identified, properly described, understood, and assessed. Analysis is a necessary step for manage the risks, but it is not sufficient; it must be followed by action plans. The software project risk management process is not complex. It only offers a structured way to think about risk and how to reduce them.

   1. Software risk management has following stages suggested by the (SEI):

      1. Risk identification: Risk identification is a first stage of risk management and the systematic way to specify threats to the software projects. The purpose of risk identification is to developing a risk reports called risk register, checklists, etc. Within the identification phase, several activities occur such as identify the risks, define the risk attributes, and prepare the documents etc.

      2. Risk Analyze: When the risk has been identified in risk identification phase, all the risks, threats are analyzed using different criteria. The purpose of risk analysis is to calculate the loss probability and importance of each risk. A decision is then made about which are themost important risk must be reduce immediately.

         TECHNOLOG Y

         HARDWARE AND SOFTWARE

         PEOPLE COST SCHEDULE

      3. Plan: The planning process is the next stage of the software risk management process to manage the risks. The planning depends on the risks which identified in the identification stage.

         Fig. 1. Risks within system context

         For each risk there are two aspects: probability of risk and loss by risk. These aspects are used to calculate Risk Exposure. Boehm (1991) defined risk exposure (RE) as:

         RE= P (UO). L (UO)

         Where, RE is the Risk Exposure (or risk impact)

         P (UO) is the probability of an unsatisfactory outcomes and L (UO) is the loss from the unsatisfactory outcomes [5].

         Some of the software risk items (listed below), which are introduced by Boehm, are examples of sources of risk for software projects [5].

         • Unrealistic Schedules and Budget

         • Developing wrong functions

      4. Track: In the track stage the risks and action plans have taken against risks to reduce the risks are monitored.

      5. Risk Control: The last stage of risk management is Risk Control. It is the process of managing risks to achieve the desired results. Risk control relies on risk management process to control risk action plans, respond to uncertain events, and improve risk. Risk control process involves the following activities such as planning to reduce the risks, mitigation of risks and monitoring of various risks.

   2. To manage the software project risk, following steps are suggested by SEI [4]

      1. Decide upon the measure for success of the project.

      2. Identify top five or top ten issues which may prevent the project from being successful.

      3. Decide importance of each of these issues.

      4. Decide the actions necessary to get these, issues.

      5. Decide the timing, for these decisions.

      6. Decide the boundary as, well as people needed to be involved in these decisions.

      7. Decide information needed to ensure effectiveness of the decisions.

      8. Openly share-and communicate the issues involved.

         Fig. 2. Risk Management Paradigm

3. RISK ASSESSMENT OVERVIEW

   Risk assessment is the first phase of the risk management methodology. It is combination of three stages which are identification of risk, analysis of risk and prioritizing the risks. In risk assessment firstly risks are identified, after that identified risks and their impacts are analyzed and then action plans are developed to reduce the risk ad its impacts. We all know that risk assessment is process to analysis and prioritize the identified risks. It is merely a process of analyzing the impact of risks in the software projects.

   Risk assessment process can also do through active review and continuous review [7]. In review based risk assessment organization can use snapshots of generated checklists and risk registers in identification phase and that snapshots pass for the analysis of identified risks and reports describe the results of the risk assessment.

   1. Risk Assessment Process

      Risk assessment can also do though the decision making tree method to calculate the risk impacts in numerical form [9]. This kind of assessment called quantitative risk assessment.

      For example: A software project is planned which is dependent on technology and the final decision criteria is set to the value of 75%. As per the information generated through risk registers and technologies, the following data is assembled.

      • Chances of good technologies: 40%

      • Chances of poor technologies: 60%

      • Chance of successful project with feasible technologies: 70%

      • Chance of successful project with unfeasible technologies: 30%

   By decision making tree for this assessment all data has to be calculated. The calculating way is:

   [Good conditions] + [bad conditions]

   = [0.40*0.70] + [0.60*0.30]

   = 0.28 + 0.18

   = 0.46

   This is also translated as 46% probability for successful project and the criteria is set to 75%. So the planning of develop a software project can be cancelled because risk of technologies is too high and it will never succeed.

4. CONCLUSION

The most important thing for developing a successful software project is to get focused on its critical success factors. India has become the major destination of software development and there is no limit of software projects in the software industries. However, the study on risk, risk management and project outcome with respect to development of software projects was not easy. This paper includes the various software project risks and software risk management process. This paper also contains the overview of Risk Assessment and assessment process. Risk management is performing very important role in software industries because in software development process there are lots of risk which may largely affect the software projects.

ACKNOWLEDGMENT

At first I am thankful to God for giving me idea, ability and intelligence to work on interesting and realistic topic for my Master degree. I would like to thank my supervisor Dr. Alpana Kakkar. I would like to express my gratitude that has encouraged me for my work.

REFERENCES

1. http://spectrum.ieee.org/computing/software/why- software-fails

2. A Project management handbook (A scalable approach) by Risk management task group, version 1 (June 2012)

3. Sam Thomas, A study on software development project risk,

   risk management, project outcomes and their inter-relationship, (July 2008).

4. Shri A.K.Hirve, FM and Reprepared by Shri V.G.Sekar, FM, Software risks and control prepared. CAB, Pune

5. Boehm B., "Software Risk Management: Principles and Practices, IEEE Software, Vol. 8 (1), 1991, pp. 32-41.

6. Ronald P. Higuera, Yacov Y. Haimes, , Software Risk Management. Technical Report CMU/SEI-96-TR-012 ESC-TR- 96-012, (June 1996)

7. Abdullah Al Murad Chowdhury, Shamsul Arefeen Software Risk Management: Importance and Practices, IJCIT, vol 02, Issue 01 (2011)

8. Software Engineering Institute Web site: http://www.sei.cmu.edu/risk

9. http://www.brighthubpm.com/risk-management/110139-an- overview-of-project-risk-assessments-with- samples/?cid=parsely_rec#imgn_1

10. A. Kakkar , R. Punhani, " Implementation of ISMS and Its Practical Shortcomings". IARS' International Research Journal (I'IRJ), Vol-2,No.1,(2012)

11. A. Kakkar, Anju Bhatla, E-Mail a Business Continuity Process. Global Journal of Business Management and Information Technology, Vol.1, No.1 (2011) pg 35 -41