5 Steps Software Project Managers Take in Managing Risk

About the Author: Chris Hanks

May 28, 2015


Risk Management


Software has become an integral part of all businesses. Its significance is growing every day along with the development of technology. But with every software project there are high-risk activities that face a significant amount of uncertainty and require proper risk management throughout the project. [tweet_quote hashtags=”#ProjectMgt” ]Many software projects end in failure or run over their budgets because of poor risk management.[/tweet_quote] The success of a software project is directly connected to the involved risks and how you manage them.

Don’t Deny it. Every Software Project has Risks.

Risk is the probability of the occurrence of an adverse event that can compromise the success of a project. Risks can lead to failure of the project, increased costs, delayed completion, or compromised quality of work. Every software development project has risks and they can be of different types which include schedule risks, product risks, platform risks, personnel risks, and process risks.

What is Software Risk Management?

The risk management process identifies the areas that need special attention and ensures minimization of risks and overall success of the project. Simply put, it can be defined as all the necessary steps that should be taken to minimize and/or manage risk.

Risk Management in Continuous Cycles

Ten years ago, the prevailing theories on risk management were much like the prevailing theories on software project management: plan everything then execute everything. This classic “waterfall” approach, however, has been supplanted by more agile and iterative methods, with continuous cycles of identify, analyze, plan, assess, and adjust.

1. Identify

The first step in the process of risk management is to identify risks before they adversely affect your project. At the beginning of the project, a small set of risks might be identified based upon contracts or statements of work, team member input, prior experience with similar projects, and client or stakeholder expectations. As the project progresses, however, new risks will emerge and it is critical to identify them as soon as possible.

2. Analyze

Each identified risk should be analyzed to determine its likelihood to occur and its potential impact on on the project budget, schedule, scope, and quality. Each risk should be treated with the urgency and priority that it deserves based upon this analysis.

3. Plan

Once the risk has been identified and analyzed, the project manager plans a response. There are four basic options available to a project manager in response to a risk:

  1. Transfer the risk to the client or stakeholder
  2. Avoid the risk by eliminating the source of risk in the scope or project plan
  3. Minimize the risk by minimizing its impact
  4. Accept and manage the risk

When planning ahead, each response can be constructed as a contingency plan, to be implemented if and when the risk is encountered. In many cases, however, the risk is identified as it is encountered, so the response must be implemented immediately.

4. Assess

Assessing the success of a planned risk response is an important step that is often overlooked as project managers move on to other important duties. But in the dynamic and ever-changing environments of software and business, sometimes a risk response doesn’t work as expected. It is critical that the project manager assess the success of his or her risk responses and, if necessary, apply adjustments.

5. Adjust

Ideally, a risk response is implemented and the result is that the risk is transferred, avoided, or minimized as expected. Often, however, the response is not 100% effective and further response is required. When a risk response is implemented but additional risk remains, the iterative cycle begins again: identify, analyze, plan, assess, and adjust.

Project Management is Risk Management

In many ways, [tweet_quote hashtags=”#PM” ]the most important role of a project manager, particularly in software projects, is to manage risk[/tweet_quote]. When given a set of requirements, any team member can provide estimated completion dates, establishing a rough schedule. From this, a budget can be calculated. But unless a project manager is actively identifying and analyzing risks and planning, analyzing, and adjusting responses to those risks, a project is unlikely to be delivered on schedule or within budget.

Share article

Related Articles —

— Also on Galvin Tech —