Managing risk : methods for software systems development

"The increasing rate of technological change we are experiencing in our lifetime yields competitive advantage to organizations and individuals who are willing to embrace risk and the opportunities it presents. Those who choose to minimize or avoid risk, as opposed to managing it, set a course for obsolescence. Hall has captured the essence of risk management and given us a practical guide for the application of useful principles in software-intensive product development. This is must reading for public and private sector managers who want to succeed as we begin the next century." - Daniel P. Czelusniak, Director, Acquisition Program Integration Office of the Under Secretary of Defense (Acquisition and Technology) The Pentagon "Since it is more than just common sense, the newcomer to risk management needs an intelligent guide. It is in this role that Elaine Hall's book excels. This book provides a set of practical and well-delineated processes for implementation of the discipline." - Tom DeMarco, from the Foreword Risk is inherent in the development of any large software system. A common approach to risk in software development is to ignore it and hope that no serious problems occur. Leading software companies use quantitative risk management methods as a more useful approach to achieve success. Written for busy professionals charged with delivering high-quality products on time and within budget, Managing Risk is a comprehensive guide that describes a success formula for managing software risk. The book is divided into five parts that describe a risk management road map designed to take you from crisis to control of your software project. Highlights include: Six disciplines for managing product development. Steps to predictable risk-management process results. How to establish the infrastructure for a risk-aware culture. Methods for the implementation of a risk management plan. Case studies of people in crisis and in control.

(Each chapter concludes with a Summary.) Foreword. Preface. I. RISK MANAGEMENT DISCOVERY. 1. Software Risk Management. Foundations. Risk in the Large. Risk in the Small. Consequences of Knowledge. Consequences of Ignorance. 2. P2I2 Sucess Formula. Major Factors in Risk Management Capability. People: The Human Element. Process: The Steps to Manage Risk. Infrastructure: The Organizational Foundation. Implementation: The Project Execution. 3. Risk Management Roadmap. The Road to Risk Management Capability. Risk Management Roadmap Directions. Journey from Problem to Opportunity. Journey from Novice to Expert. II. RISK MANAGEMENT PROCESS. 4. Identify Risk. Define Risk Identification Process. Develop Risk Checklists. Define Risk Assessment Method. Develop Risk Management Form. Establish Risk-Database Schema. 5. Analyze Risk. Define Risk Analysis Process. Define Risk Analysis Techniques. Define Risk Evaluation Criteria. Establish Risk Prioritization Scheme. 6. Plan Risk. Define Risk Planning Process. Define Risk Resolution Strategies. Define Selection Criteria. Develop Risk Action Plan Template. 7. Track Risk. Define Risk Tracking Process. Define Risk Tracking Techniques. Define Risk Tracking Measures. Define Triggering Devices. 8. Resolve Risk. Define Risk Resolution Process. Define Risk Resolution Techniques. Define Risk Resolution Measures. Develop Corrective Action Procedure. III. RISK MANAGEMENT INFRASTRUCTURE. 9. Develop Policy. Obtain Commitment. Survey Existing Practice. Allocate Resources. Define Draft Policy. Review Draft Policy. Document Policy. Approve Policy. Communicate Policy. 10. Define Standard Process. Establish Action Team. Develop Draft Standard Process. Review Draft Standard Process. Document Standard Process. Approve Standard Process. Distribute Standard Process. 11. Train Risk Technology. Prepare for Training. Develop Training Material. Apply Training Metrics. Deliver Training. Obtain Training Feedback. 12. Verify Compliance. Review Risk Management Plan. Audit Agents and Artifacts. Generate Audit Report. Track Action Items. 13. Improve Practice. Develop Appraisal Method. Assess Risk Practices. Develop Improvement Plan. Implement Improvement Plan. IV. RISK MANAGEMENT IMPLEMENTATION. 14. Establish Initiative. Review Risk Management Requirements. Plan Risk Management Activities. Budget Risk Management Activities. Schedule Risk Management Activities. Staff Risk Management Activities. Coordinate Risk Management Training. 15. Develop Plan. Outline Risk Management Plan. Define Risk Management Goals. Define Risk Management Strategy. Define Risk Management Process. Define Risk Management Verification. Define Risk Management Mechanisms. 16. Tailor Standard Process. Review Standard Process. Examine Tailoring Options. List Unique Project Factors. Recommend Process Changes. Document Standard Process Deviations. 17. Assess Risk. Conduct Risk Assessment. Develop Candidate Risk List. Define Risk Attributes. Document Identified Risk. Communicate Identified Risk. Estimate and Evaluate Risk. Prioritize Risk. 18. Control Risk. Develop Risk Resolution Alternatives. Select Risk Resolution Strategy. Develop Risk Action Plan. Monitor Risk Status. Execute Risk Action Plan. Take Corrective Action as Required. V. PEOPLE IN CRISIS AND CONTROL. 19. Stage 1: Problem. Problem Project Overview. Process Improvement Initiative. Process Assessment. Process Assessment Results. Initiative Hindsight. 20. Stage 2: Mitigation. Mitigation Project Overview. Risk Assessment Preparation. Risk Assessment Training. Project Risk Assessment. Project Risk Management. Project Risk Retrospective. 21. Stage 3: Prevention. Prevention Project Overview. Risk Assessment Results. Risk Manager. Risk Practice Survey. Risk Practice Observations. Stage 4: Anticipation. Anticipation Project Overview. Proactive Risk Management. Organization Measurement Practices. Risk Management Committee. Living Lifecycle Model. 23. Stage 5: Opportunity. Opportunity Project Overview. Fixed Price Problems. Routine Risk Management. High Performance Engineering. The Power Pyramid. Glossary. Index. 0201255928T04062001