Risk Assessment White Paper (November 2013)
Software risk assessment and formal risk management are disciplines that are essential to the application development process. Risk management may be defined as the vehicle used to identify project risk factors using empirical data (or the lack of empirical data) to quantify factors that could cause a project to fail. Webster defines risk as “the chance of injury, damage, or loss; hazard.” Therefore, software development project risk may be defined as the “potential realization and cumulative effect of unwanted negative consequences effecting project objectives.”
Risk is not entirely bad. Every major work effort involves risk. However, with risk comes knowledge and opportunity – the opportunity for planning to overcome potential threats to project success. Every project is at risk to fail. The opportunity comes with the project team’s knowledge and understanding of the risk factors and the preparation of a risk management plan to mitigate
Project risk assessment activities must be periodically updated throughout the project system development life cycle. Continuous risk management is essential for several reasons:
- To monitor and measure progress in risk management,
- To provide management with visible target dates and milestones in risk management activities,
- To identify new risk items and issues, and
- To establish new risk management priorities.