CS3007A Software Project Management

Problem Sheet 4b

Lecturer: Dr Robert Macredie

E-mail: Robert.Macredie@brunel.ac.uk,

Introduction

In the second part of the fourth session we talked about risk. We discussed the nature of risk with respect to software projects and thought about why risk management had become such an important issue. We then went on to look at the activities that play a part a in risk management - notably risk identification; risk assessment and risk actions.

Learning Outcomes

The learning outcomes for the problem sheet are as follows:

(i)     you should be able to define risk with respect to software 
        projects and explain its relevance/importance;

(ii)    you should be able to present justified examples of risks 
        which might occur in different areas of a project;

(iii)   you should be able to critically discuss issues of risk 
        assessment with respect to likelihood and impact of risk;

(iv)    you should be able to explain and exemplify the different 
        classes of risk action that can be taken.

Questions

(i)     How would you define risk with respect to software projects? 
        Give examples to support your definition from projects that 
        have had difficulties because of poor management of risk.

(ii)    Why have risk and risk management become such important 
        areas in SPM? Do you think that the risks in software projects 
        now are greater than those typically faced 20 years ago? 
        Justify your answer.

(iii)   Identify and give examples of the types of risk that you might 
        find associated with each of the following: (i) the commercial 
        background of the project; (ii) the project contract; (iii) the 
        customer; (iv) the users of the proposed system; (v) the 
        acceptance of the proposed system; (vi) the project's functional 
        requirements; (vii) the project's technical requirements; 
        (viii) project staffing issues.  

(iv)    Explain what is meant by 'likelihood' and 'impact', the two key 
        dimensions in assessing risk.  Using your final year project as 
        an example, what risks might you identify.  Comment on their 
        likelihood and possible impact on your project.  

(v)     For the risks that you have identified in (v), what actions might 
        you take to 'avoid' the risks or 'mitigate' against them? 
        What do you understand by these terms?

(vi)    In the above questions that draw on your final year project as 
        an example, the risk activities are likely to be quite limited.  
        Why might this be the case? And why would commercial/industrial 
        software projects have to attach more importance to risk.

I would encourage you to work in groups of around five for this and subsequent exercises.

Robert Macredie

24 October 1998