Reducing the risks

Broadly, there are five strategies for risk reduction.

• Hazard prevention Some hazards can be prevented from occurring or their likelihood reduced to insignificant levels. The risk of key staff being unavailable for meetings can be minimized by early scheduling, for example.

• Likelihood reduction Some risks, while they cannot be prevented, can have their likelihoods reduced by prior planning. The risk of late changes to a requirements specification can, for example, be reduced by prototyping. Prototyping will not eliminate the risk of late changes and will need to be supplemented by contingency planning.

• Risk avoidance A project can, for example, be protected from the risk of overrunning the schedule by increasing duration estimates or reducing functionality.

• Risk transfer The impact of some risks can be transferred away from the project by, for example, contracting out or taking out insurance.

• Contingency planning Some risks are not preventable and contingency plans will need to be drawn up to reduce the impact should the hazard occur. A project manager should draw up contingency plans for using agency programmers to minimize the impact of any unplanned absence of programming staff.

In Section 7.4 we mentioned the use of checklists for hazard identification.

Many of these generic checklists, as well as listing common generic hazards, list typical actions for risk reduction. The checklist in Table 7.2 is based upon an often-quoted list produce by Barry Boehm.

Exercise 7.3

For each of the risks listed in Table 7.1, identify actions that Amanda might take to reduce their likelihood or impact.

Table 7.2

Software projects risks and strategies for risk reduction.


Risk reduction techniques

Personnel shortfalls

Unrealistic time and cost estimates

Developing the wrong software functions

Developing the wrong user interface Gold plating

Late changes to requirements

Shortfalls in external supplied components

Shortfalls in externally performed tasks

Real-time performance shortfalls

Development technically too difficult staffing with top talent; job matching; team building; training and career development; early scheduling of key personnel.

multiple estimation techniques; design to cost; incremental development; recording and analysis of past projects; standardization of methods.

improved project evaluation; formal specification methods; user surveys; prototyping; early users' manuals.

prototyping; task analysis; user involvement.

requirements scrubbing; prototyping; cost-benefit analysis; design to cost.

stringent change control procedures; high change threshold; incremental prototyping; incremental development (defer changes).

benchmarking; inspections; formal specifications; contractual agreements; quality assurance procedures and certification.

quality assurance procedures; competitive design or prototyping; teambuilding; contract incentives.

simulation; benchmarking; prototyping; tuning; technical analysis.

technical analysis; cost-benefit analysis; prototyping; staff training and development.

This top ten list of software risks is based on one presented by Barry Boehm in his Tutorial on Software Risk Management, IEEE Computer Society, 1989.

Was this article helpful?

+1 0
Project Management Made Easy

Project Management Made Easy

What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.

Get My Free Ebook


  • jukka-pekk h
    Why is risk reduction important to software?
    7 months ago

Post a comment