Title: Software Development is a Risky Business
1Software Development is a Risky Business!
- Whenever a computer program is to be built, there
are areas of uncertainty..
2Software is a Risky Business!
3Why Uncertainty?
- Are the needs of the customer really understood?
- Can the functions that must be implemented be
accomplished before the project deadline? - Will there be difficult, hidden technical
problems? - Will the changes that invariably occur cause the
schedule to slip badly?
4What is risk?
- Risk recognized the reality of change.
- Risk concerns future happenings.
5- Risks are the consequences
- of
- Inadequate Information!
6Risk analysis
- - risk identification
- - risk assessment
- - risk management
7Risk identification --
- Identify ALL the risks that are OBVIOUS to both
managers and practitioners.
8Categories of risk
- Technical risk
- Business risk
- Product risk
- Project risk
9Categories of risk Technical risk
10Categories of risk Business risk
11Categories of risk
- Product risk
- Project risk
12What is the BEST way to deal with Risk?
13What is the BEST way to deal with Risk?
- Expect the unexpected, it invariably occurs!
14Risk Assessment
- Rate each risk in two ways
- 1) What is the likelihood that the risk is real?
- 2) What is the consequence of the problem if the
risk does occur?
15Risk Reduction ALARP?
- ALARP As Low As Reasonably Practical
- Once potential hazards and their causes have been
identified, the system specification should be
formalized in such a way that these hazards are
unlikely to result in an accident!
16Risk Reduction
Unacceptable region Risk cannot be
tolerated Risk tolerated only if risk
reduction is impractical or grossly
expensive. Acceptable region
ALARP Region
Negligible Risk
17Risk Reduction
- 1) Hazard avoidance
- 2) Hazard Probability Reduction
- 3) Accident Prevention
18Risk Reduction Hazard avoidance
- Design system so that hazards CANNOT arise.
19Risk Reduction Hazard Probability Reduction
- Design system so that the likelihood of hazard
occurring is reduced. - Design system so that risk cannot occur as the
result of any single action or error.
20Risk Reduction Accident Prevention
- Design system so that risks can be detected and
recognized. - Design an accident monitoring system.