Linux Annoyances for Geeks: Getting the Most Flexible System in the World Just the Way You Want It

6.5 SUMMARY

A risk for a project is a condition whose occurrence is not certain but that can adversely affect the project. Risk management requires that risks be identified and prioritized and, for the top few risks, that actions be taken to minimize their impact. The cost of risk mitigation may seem wasted when the risks do not materialize, but they must be incurred to minimize the loss in case the risk materializes.

Table 6.5. Risk Management Plan for the XYZ Project

Sequence Number

Risk

Probability

Consequences

Risk Exposure

Mitigation Plan

1

Failure to meet the high performance

High

High

High

         Indicate expected performance to clients through requirements prototypes.

         Use tips from body of knowledge database to improve performance.

         Make team aware of the requirements.

         Update the review checklist to look for performance pitfalls.

         Study and improve performance constantly.

         Follow guidelines from earlier performance studies.

         Test application for meeting performance expectations during integration and system testing.

2

Lack of availability of persons with the right skills

Medium

Medium

Medium

         Train resources.

         Review prototype with customer.

         Develop coding practices.

3

Complexity of application requirements

Medium

Medium

Medium

         Ensure ongoing knowledge transfer.

         Deploy persons with prior experience with the application.

4

Manpower attrition

Medium

Medium

Medium

         Train a core group of four people.

         Rotate onsite assignments among people.

         Identify backups for key roles.

5

Unclear requirements

Medium

Medium

Medium

         Review a prototype.

         Conduct a midstage review.

6

Difficulty of reconciliation configuration of changes done in onsite maintenance during off-shore development

Medium

Low

Medium

         Create a management plan and adhere to well-defined reconciliation approach.

         Reconcile once per month (first Tuesday or next working day).

         Do not reconcile changes done after a cut-off date.

Table 6.6. Risk Evolution in the XYZ Project

Sequence Number

Risk

Current Probability

Current Consequences

Current Risk Exposure

2

Manpower attrition

High

High

High

3

Difficulty of reconciliation of changes created in onsite maintenance during off-shore development

Low

Low/medium

Low

Following are some of the key lessons from the Infosys approach to risk management:

         To help you identify risks, a list of commonly occurring risks is a good starting point. In addition, look ahead and try to visualize everything that can go wrong in the project.

         For risk prioritization, a simple and effective mechanism is to classify the probabilities of risks and their impacts into categories such as low, medium, and high, and then manage the risks that have high probabilities and impact.

         For the top few risks, plan the risk mitigation steps, and ensure that they are properly executed during the project.

         Monitor and reevaluate the risks periodically, perhaps at milestones, to see whether the risk mitigation steps are having an effect and to revisit risk perception.

With respect to the CMM, the Project Planning KPA of level 2 requires that a project have a risk management plan. Proper processes for risk management and monitoring are a requirement for the Integrated Software Management KPA at CMM level 3.

Категории