risk assessment
TRANSCRIPT
A Study on Risk Assessment for Small and Medium Software Development Projects
By Spoorthi Sham
1PI14SSE12
04/15/2023 M.Tech SSE, PESIT 2
• Risk“ Smoking is dangerous to health. It causes cancer”
Introduction
Risk Scenario
04/15/2023 M.Tech SSE, PESIT 3
Introduction
• "If you don’t actively attack the risks, the risks will actively attack you.“ – Tom Gilb
• Barry Boehm’s risk management process
04/15/2023 M.Tech SSE, PESIT 5
• Risk IdentificationCreative methodAnalytical method
• Risk Analysis
• Risk Prioritization
Risk Assessment
Risk assessment tool
04/15/2023 M.Tech SSE, PESIT 8
SMSDP Risk Assessment Timeline
Two categories :• Model category (6)• Method category (6)
04/15/2023 M.Tech SSE, PESIT 9
Models Category
Focus Proposes Description Inputs Risk ranking Decision taking types Prototypes
1Assessment,
treatment and monitoring
RAT model
Early phases of the project
Project plan and resources
Risk rank matrix – category, occurrence probability, impact
Hybrid assessment
Web application prototype
2 Risk assessment and estimation SRAEM
Estimates efforts, cost and risk
exposureMeasurement, model and assumption errors
Probability and software metrics of risk management
Quantitative assessment --
3 Risk assessment SRAM
Based on Grey Theory using Analytic
Hierarchy Process
Demand analysis, project quality,
schedule,circumstance,technology
Subjective and objective method
Quantitative assessment --
4Risk
assessmentRA model for prototyping
projects
Structures and automates the
assessment of risk
Requirements, personal and
complexity metrics-- Quantitative
assessment --
5Risk
assessment SRAMUses
comprehensive questionnaire
Complexity,reliability,requirements, development
process, tools used
Impact of risk elements on
quality,schedule and cost
Quantitative assessment --
6Risk
assessment SPRAMAssessment of
loss and risk impact
Risk factor nodesConditional probability
distribution table
Hybrid assessment
--
04/15/2023 M.Tech SSE, PESIT 10
Methods Category
Focus Proposes Description Inputs Risk ranking
Decision taking types Prototypes
1 Cost and quality
Expectation – Maximization
algorithm
Enhances ability in producing
hidden nodes
Probability vector of top-
level nodes-- Quantitative
assessmentAssessment
tool
2 Risk assessment
Source based SRAM
Accounts primary and
secondary facts
Primary and secondary
facts-- Quantitative
assessment --
3 Risk identification
Risk identification based on Kepner-Tregoe Program
4 analysis methods : PA, DA, PPA, SA
Checking vulnerable
areas-- Quantitative
assessment --
4 Risk assessment
Fuzzy expert system
Evaluates risk in all respects
Management, funding, planning,
technology
Matrix based on probability and severity
measurements
Quantitative assessment
Assessment fuzzy expert
system
5 Risk assessment
Fuzzy linguistic multiple attribute decision making
method
Estimates risk criteria values
Information from
experts
Probability, loss,uncontrolla
bility, occurence time
Quantitative assessment
Case study application for historic data
6 Risk assessment
Risk assessment method
Uses probabilistic interference
model
Interview based risk
assessment3 choices Quantitative
assessmentRisk assessment visualization tool
(RAVT) 4
04/15/2023 M.Tech SSE, PESIT 13
Author’s Conclusion
• 12 articles based on two categories according to 7 parameters
• The parameters and inputs that each model or method takes are not all of them available in SMSDPs
• SMSDPs are rapid development projects and they run from cost, they have no time to fill all the conditions defined by methods or models
04/15/2023 M.Tech SSE, PESIT 14
A five – step process to assess risks :• Establish strategic guidelines• Determine model direction• Choose the model• Perform gap analysis• Design a strategic road map
Conclusion