Project Management

1. What is Risk?

   Risk management is the identification, assessment, and privatization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events.^[1] Risks can come from uncertainty in financial markets, project failures, legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attacks from an adversary. Several risk management standards have been developed including the Project Management Institute, the National Institute of Science and Technology, actuarial societies, and ISO standards.

2.  Identify at least 5 software risk. Discuss each.

   §  Objectives-based risk identification^{[citation needed]} Organizations and project teams have objectives. Any event that may endanger achieving an objective partly or completely is identified as risk.

   §  Scenario-based risk identification In scenario analysis different scenarios are created. The scenarios may be the alternative ways to achieve an objective, or an analysis of the interaction of forces in, for example, a market or battle. Any event that triggers an undesired scenario alternative is identified as risk - see Futures Studies for methodology used by Futurists.

   §  Taxonomy-based risk identification The taxonomy in taxonomy-based risk identification is a breakdown of possible risk sources. Based on the taxonomy and knowledge of best practices, a questionnaire is compiled. The answers to the questions reveal risks. Taxonomy-based risk identification in software industry can be found in CMU/SEI-93-TR-6.

   §  Common-risk checking In several industries lists with known risks are available. Each risk in the list can be checked for application to a particular situation. An example of known risks in the software industry is the Common Vulnerability and Exposures list found athttp://cve.mitre.org.

   §  Risk charting {Crockford, N., "An Introduction to Risk Management, Cambridge, UK, Woodhead-Faulkner 2nd edition1986 p. 18} This method combines the above approaches by listing Resources at risk, Threats to those resources Modifying Factors which may increase or decrease the risk and Consequences it is wished to avoid. Creating a matrix under these headings enables a variety of approaches. One can begin with resources and consider the threats they are exposed to and the consequences of each. Alternatively one can start with the threats and examine which resources they would affect, or one can beg

3.  Identify risk management strategies.

   The Risk Management Strategies are: 

4.