Software Engineering Resources
	Risk Analysis and Management Risk analysis and management are a series of steps that help a software team to understand and manage uncertainty. Many problems can plague of software project. A risk is a potential problem; it might happen, it might not. But regardless of the outcome, it's a really good idea to identify it, assess its probability of occurrence, estimate its impact, and establish a contingency plan should the problem actually occur. The following topic categories are presented: Risk Management Resources Risk Management Tutorials, Articles and Papers Risk Tools Books Risk Management Resources Software Risk & Risk Management Resources Introduction as well as useful resources, tools, papers. Recommended. Risk Management - Sources Points to a wide range of RM resources. Recommended. Risk Management Resources Pointers to a variety of case studies, articles and tools. Recommended. RiskWorld Covering risk news and views, but not specifically focused on software. Risk Analysis Resources A mini-report on risk analysis followed by a list of worthwhile resources (on-line and print) can be found at this site. Society for Risk Analysis The Society for Risk Analysis (SRA) provides an open forum for all those who are interested in risk analysis. This discussion is NOT limited to software risks. Security Resources A major risk today is system security. Risk Management Tutorials, Articles and Papers • Tutorials, Overviews, Articles, and Guidebooks Gold Practice - Formal Risk Management Developed by DACS, this indepth discussion covers every important aspect of risk management for software projects. Highly recommended. Risk Management Tutorial A brief but still worthwhile tutorial on IT risk management. Overview of Risk Management A more detailed overview written by Karl Wiegers. Principles of Risk Management SEI's one page discussion of basic principles. SEI Continuous Risk Management Guidebook "Describes the underlying principles, concepts, and functions of risk management and provides guidance on how to implement it as a continuous practice in your projects and organization." Recommended. Risk Management and the Software Process An in-depth report that describes a number of different perspective of risk management and its place in the software process. SEI Risk Management Pages Excellent overview with consideration of risk paradigms, principles, products, and publications. Risk Management Fundamentals in Software Development A useful article discussing risk in software development. Know Your Enemy: Software Risk Management An in depth article by Karl Wiegers. Risk Management for Software Projects An instructive slide presentation by Tom DeMarco. Best Practices for Software Projects - Risk Management A brief article on the subject. Project Risk Checklist A collection of questions that must be asked and answered. The Role of Architectural Risk Analysis in Software Security "Design flaws account for 50% of security problems.... That's why architectural risk analysis plays an essential role in any solid software security program." Risk Analysis in Software Design A downloadable paper by DHS that examines the design for "vulnerabilities, threats, impacts, and probability." Design Phase: Risk Analysis An article provided by MSDN. Project risk management in smaller software teams A downloadable thesis that "investigates project risk management issues in smaller software teams." Traditional Risk Management Doesn't Work A brief contrarian commentary • Specialized Papers Risk Management Papers-I A worthwhile collection of downloadable RM papers. Risk management Papers-II A collection of RM papers. Free Registration required. Taxonomy-Based Risk Identification This report can be downloaded from the SEI. Risk Reduction Patterns Alistair Cockburn describes five risk reduction patterns. Reducing Project Management Risk This detailed tutorial provides many useful risk reduction guidelines. pdf: Risk Management in Global Software Development: A Position Paper The paper discussion intends to motivate risk identification, analysis and risk mitigation as earlier as possible in global software projects, foster an efficient risk management process. pdf: Project risk management: lessons learned from software development environment This paper addresses lessons learned from implementing project risk management practices in software development environment. pdf: Risk Analysis in Software Design Examing risks associated with the design action. pdf: Heuristic Risk-Based Testing An article by James Bach. • Hazards and Safety Hazard Analysis Database A voluminous database containing all entries from the ACM's Forum on Risks to the Public can be found at this site. System and Software Safety A paper by Nancy Leveson. Software Safety Resources An extensive list of software safety resources developed by DACS. • Videos Video: Browser Compatibility Testing Risk Analysis Examining risks associated with web browsers. Video: Project Risk Management A lecture on risk management issues (56:04) Video: Decision Trees and Risk Evaluation A generic discussion of risk analysis. Not software specific but still useful. Risk Tools Risk Management and Analysis Tools Pointers to a wide array of RM tools. Risk Management Related Software Pointers to a variety of RM products and shareware. Risk-Related Software A list of commercially available RM software. Risk Radar Developed by the Software Program Managers Network, this tool "enables you and your project team to manage risks for a single project." Also provides a downloadable book on Risk. RiskyProject and the Event Chain Methodology A useful discussion of event chain methodology (a method for project risk analysis) and a commercial description of a tool for accomplishing it can be found here. Risk Identification Questionnaire Questions that help developers identify project and technical risks. Books For many software projects, risk analysis and manage are implicit, at best. The software risk management literature provides useful guidance for addressing risk at the project level. Books that provide benefit include: Coping with IT/IS Risk Management presents pragmatic advice from project managers who deal with risk on a continuing basis. Project Risk Management discusses a "a proactive project management process" and techniques for program risk auditing Proactive Risk Management defines a "step-by-step process for managing innovation risk in an effective cross-functional manner." Software Engineering Risk Management is a guidebook that introduces an easy-to-use risk analysis model with worthwhile checklists and questionnaires supported by a software package. Risk and Decision Analysis in Projects considers risk analysis from a statistical perspective. Managing Risk: Methods for Software Systems Development presents one of the more thorough treatments of the subject. Risk Management Processing for Software Engineering Models considers metrics, security, process models and other topics. Practical Risk Assessment for Project Management provides a useful snapshot of risk assessment. The abbreviated treatment provides a concise introduction to the subject. The Fundamentals of Risk Measurement presents useful methods and tools that every project manager can use. Waltzing With Bears: Managing Risk on Software Projects is an entertaining and insightful book that guides software managers and practitioners through risk management Additional books worth examining include: Project Risk Management: Processes, Techniques and Insights describes a systematic approach to project risk management Project & Program Risk Management presents a useful introduction to risk in the project or program environment. Assessment and Control of Software Risks presents a detailed discussion of software risks that includes data collected from hundreds of software projects, defining 60 risk factors that can affect the outcome of software projects. Software Risk Management suggests excellent questionnaire and checklist formats that can prove invaluable in identifying risk. Software Engineering Risk Analysis and Management presents a detailed treatment of the mechanics of risk analysis, calling on probability theory and statistical techniques to analyze risks. Application Strategies for Risk Analysis discusses risk in the context of both system and software engineering and suggests pragmatic strategies for risk management. Principles of Software Engineering Management presents a set of "principles" (which are often amusing and sometimes profound) that can serve as a worthwhile guide for risk management. Software Development Failures: Anatomy of Abandoned Projects and Death March discuss what happens when risks overwhelm a software project team. Against the Gods presents an entertaining history of risk that goes back to ancient times. In addition, a number of books on risk management, as it is applied in other fields, may have relevance to the management of software project risks: Modeling Risk The Essentials of Risk Management Risk Management, Tricks of the Trade for Project Managers Identifying and Managing Project Risk