When we speak of software risk, it is the possibility of suffering from a loss in the software development process. This loss can be an increase in production cost, poor quality software, unable to complete the project on time, etc. The existence of software risk is due to the fact that there are many known and unknown things that you are not able to include in the project plan. Software risks can be both internal, that are within the control of the project manager, and external that are beyond the project manager’s control. When carrying out risk management it is important to identify the risk, reduce its impact, reduce the likelihood of risk, and monitoring the risk.
A project manager has to deal with many possible causes of risk.
Some risks are well known to the team and the entire project. If there are not enough developers, then a project can be delayed, and this risk is known. The project management plan considers these risks.
There are risks that a project team is aware of but they don’t know if these risks exist in the project. A known risk is not being able to get the client’s requirement properly because of poor communication. This is a known risk but they don’t know if the client has actually communicated all the information properly or not.
There are completely unknown risks. Technology is usually behind these risks and it is when clients ask you to work on technology that you have no knowledge about so you expose yourself to risk.
In software risk management, risk is quantified. There are many things involved in this including having a precise description of risks that can occur in the project, defining a risk probability which explains the chances for the risk to occur, defining how much loss a risk can cause, and defining the liability potential of the risk.
It is important that previous projects be studied in order to identify risks that your project may be subjected to. All possible vulnerable areas to risk should be checked. A flowchart is very useful in examining all essential areas. Identify the known unknowns that can affect the project. Evaluate any decisions taken related to different factors including technical, operational, political, legal, social, internal and external. Here you define the processes that are important for risk identification.
It is important to identify and categorize risk in software risk analysis. You also need to analyze its impact. Then software risk planning follows. Defining preventive measures that would lower down the likelihood of risks, defining measures that would reduce the impact when a risk happens, and constant monitoring of processes in order to identify risks early, are involved in software risk planning.
Finally, software risk monitoring is included in project activities and regular checks are done.