Software Engineering (2160701)

BE | Semester-6   Winter-2017 | 11/03/2017

Q5) (c)

What is Risk Management? Explain RMMM plan

  • A risk is a potential problem – it might happen and it might not
  • Conceptual definition of risk
    • Risk concerns future happenings
    • Risk involves change in mind, opinion, actions, places, etc.
    • Risk involves choice and the uncertainty that choice entails
  • Two characteristics of risk
    Uncertainty – the risk may or may not happen, that is, there are no 100% risks (those, instead, are called constraints)
    Loss – the risk becomes a reality and unwanted consequences or losses occur

Steps for Risk Management

1. Identify possible risks and recognize what can go wrong
2. Analyse each risk to estimate the probability that it will occur and the impact (i.e., damage) that it will do if it does occur
3. Rank the risks by probability and impact. Impact may be negligible, marginal, critical, and catastrophic.
4. Develop a contingency plan to manage those risks having high probability and high impact


  • The RMMM PLAN documents all work performed as part of risk analysis and used by the project manager as part of the overall project plan
  • Some software teams do not develop a formal RMMM document, rather each risk is documented individually using a Risk information sheet (RIS)
  • In most cases, RIS is maintained using a database system.
  • So Creation and information entry, priority ordering, searches and other analysis may be accomplished easily.
  • The format of RIS is describe in diagram
  • RMMM - Mitigation, Monitoring, and Management
  • An effective strategy for dealing with risk must consider three issues

Risk Mitigation

  • Risk mitigation (avoidance) is the primary strategy and is achieved through a plan
  • For Ex., Risk of high staff turnover
  • To mitigate this risk, you would develop a strategy for reducing turnover.
  • The possible steps to be taken are:
    • Meet with current staff to determine causes for turnover (e.g., poor working conditions, low pay, and competitive job market)
    • Mitigate those causes that are under your control before the project starts
    • Once the project commences, assume turnover will occur and develop techniques to ensure continuity when people leave
    • Organize project teams so that information about each development activity is widely dispersed
    • Define work product standards and establish mechanisms to be sure that all models and documents are developed in a timely manner
    • Conduct peer reviews of all work (so that more than one person is “up to speed”).
    • Assign a backup staff member for every critical technologist

Risk Monitoring

  • The project manager monitors factors that may provide an indication of whether the risk is becoming more or less likely.
  • In the case of high staff turnover, the general attitude of team members based on project pressures, the degree to which the team has jelled, inter-personal relationships among team members, potential problems with compensation and benefits, and the availability of jobs within the company and outside it are all monitored.
  • In addition to monitoring these factors, a project manager should monitor the effectiveness of risk mitigation steps.
  • The project manager should monitor work products carefully to ensure that each can stand on its own and that each imparts information that would be necessary if a newcomer were forced to join the software team somewhere in the middle of the project.

Risk Management

  • Risk management and contingency planning assumes that mitigation efforts have failed and that the risk has become a reality.
  • If the mitigation strategy has been followed, backup is available, information is documented, and knowledge has been dispersed across the team.
  • In addition, you can temporarily refocus resources (and readjust the project schedule) to those functions that are fully staffed, enabling newcomers who must be added to the team to “get up to speed.” Those individuals who are leaving are asked to stop all work and spend their last weeks in “knowledge transfer mode.”