Undestanding Risk Management in Software Development

There are always risks associated with a project. Purpose of risk management is to ensure levels of risk and uncertainty are properly managed so that the project is successfully completed. It is important to understand Risk Management and employ contemporary risk management practices. This article contains streamlined approach to Risk Management.

Risk Management Process

Risk Management Workflow Chart

Risk identification begins in the early planning phase of the project. A Risk Management Excel Worksheet is started during the planning phase. Then, as scheduling, budgeting, and resource planning occur, the worksheet is updated to reflect further risks identified in the planning.

At this point, (or when a risk probability increases) the project manager and project team develop mitigation strategies that assess the impact of the problem. Mitigation strategies divide in two types:

Preventative - planned actions to reduce the likelihood a risk will occur, and the seriousness if it does occur. In other words, what should we do now?
Contingency - planned actions to reduce the seriousness of the risk if it does occur. In other words, what should we do if?

At project start-up, the Risk Management Worksheet is reviewed again, and any new risks are added to it. As the project progresses, members of project team identify new risk areas that are added to the Risk Management Worksheet.

Risk identification is a recurring event; it is not performed once and then set aside. Risk identification, management, and resolution continue after project initiation throughout the life of the project. New risks are developed as the project matures and external and internal situations change. Trigger dates are be included in the schedule for tracking risks.

Risk Management Worksheet

The Risk Management Worksheet records details of all the risks identified at the beginning and during the life of the project, their grading in terms of likelihood of occurring and seriousness of impact on the project, initial plans for mitigating each high level risk and subsequent results.

The Risk Management Worksheet usually includes:

a unique identifier for each risk;
a description of each risk and how it will affect the project;
an assessment of the probability it will occur and the possible seriousness/impact if it does occur (low, medium, high);
a grading of each risk according to a risk assessment table
who is responsible for managing the risk;
an outline of proposed mitigation actions (preventative and contingency); and
costs for each mitigation strategy.

Risk Management Worksheet is kept throughout the project, and changes regularly as existing risks are re-graded in the light of the effectiveness of the mitigation strategy and new risks are identified.

Risk Management Worksheet is amended by conducting a number of meetings or brainstorming sessions involving (as a minimum) the Project Manager, Project Team members, Project Executive, Customer (via Instant Messaging or Phone).

The Risk Management Worksheet is visited weekly with re-evaluation of the risks occurring on a monthly basis. On an agreed regular basis a Risk Status Report is conducted to the Customer, as a part of Project Status Report.

Risk Management Responsibility

Project Manager is responsible for monitoring and managing all aspects of the risk management process, including:

development of the Risk Management Worksheet;
development of risk mitigation strategies;
continual monitoring of the project to identify any new or changed risks;
continual monitoring of the effectiveness of the Risk Management Worksheet and
regular reports on status of risks to the Customer.

Note: In very large projects, the Project Manager may choose to assign risk management activities to a separate Risk Manager, but the Project Manager still retains responsibility.

Other Project Team members assist with the identification, analysis and evaluation of risks and assist in the development of the Risk Management Worksheet. They are also responsible for risk mitigation strategies.

Project Executive provides input into the Risk Management Worksheet, especially assessment of potential risks and risk mitigation strategies. They are also responsible for some risk mitigation strategies.

Customer oversees the Risk Management Worksheet in its periodic review. They are responsible for ensuring an effective risk management process is in place throughout the life of the project.

The following table summaries the roles and responsibilities of personnel and customer in the Risk Management process.

Personnel\Customer Role and Responsibility

Customer Identify Risks, Monitor Risk Status

Project Executive Identify Risks, Develop Mitigating Strategies, Monitor Risks Status

Project Manager Identify Risks, Develop Mitigating Strategies, Monitor Risk Status, Report Risk Status

Project Team Identify Risks, Develop Mitigating Strategie

Personnel\Customer	Role and Responsibility
Customer	Identify Risks, Monitor Risk Status
Project Executive	Identify Risks, Develop Mitigating Strategies, Monitor Risks Status
Project Manager	Identify Risks, Develop Mitigating Strategies, Monitor Risk Status, Report Risk Status
Project Team	Identify Risks, Develop Mitigating Strategie

Attached you can find sample Rish Management Worksheet and Risk Status Report templates.

Attachment	Size
Risk Management Worksheet.xls	14.5 KB
Risk Status Report.xls	15.5 KB

GerixSoft