Managing Risk: Methods for Software Systems Development
||Author: Elaine M. Hall Ph.D.|
List Price: $59.99
Our Price: Click to see the latest and low price
Publisher: Addison-Wesley Pub Co (05 February, 1998)
Sales Rank: 69,839
Average Customer Rating: 5 out of 5
Customer ReviewsRating: 5 out of 5
Necessary for CMM 4 & 5, excellent general approach
Shows how to establish and manage a comprehensive risk management program. The basis of Ms. Hall's approach is called "P2I2", which stands for Process, People, Infrastructure and Implementation. Within these processes are subprocesses and tasks that, as a whole, will result in a risk management posture that is seamlessly integrated into a development project. Although this book is about managing software development project risks, the approach can be applied to any type of project, and can also be tailored to work in an operational or production environment. For example, implementation plans and change control in the operational environment require a risk management strategy, and the methods provided in this book will fill the void with no modification of the basic P2I2 approach.
The process portion of P2I2 consists of 5-steps for managing risks: identify, analyze, plan, track and resolve. For those who manage projects in accordance with the Project Management Institute's Project Management Body of Knowledge (PMBOK) processes, the P2I2 on the surface appears different from the 6 steps set forth in the PMBOK. The key difference between the two is the PMBOK's risk management approach groups 5 processes into project planning and 1 into project control, while the P2I2 approach takes a more holistic view and incorporates risk management across the entire project life cycle. If you are striving for or working within the Capability Maturity Model at level 3 or above, then this book is essential and perfectly aligns. The book devotes a chapter to each of the processes, which clearly identifies the what's and how's of each. Note that the book does not cover advanced risk management techniques, such as probability curves - you will need to obtain this information elsewhere. It does give qualitative techniques, and gives quantitative methods to assess ROI for the risk management initiative itself, as well as other metrics to prove its effectiveness or lack thereof.
Implementing the risk management infrastructure is covered in great detail and is a roadmap for making risk management an integral part of your project. It starts with developing a policy, defining standard processes to be employed, training your team and compliance verification and continuous improvement methods. This material spans five chapters, which sets the foundation for the next five chapters that address implementation of the program itself. These chapters cover establishing the initiative, developing the plan, tailoring the process to your environment, and assessing and controlling risks. The last two are excellent primers on their topics.
The remaining five chapters are devoted to the people part of P2I2, and are broken down into stages, each discussed in its own chapter. The stages are: problem, mitigation, prevention, anticipation and opportunity. Each is thoroughly discussed and taken together these last chapters clearly show roles, issues and factors, and how human resources are integrated into a coherent and holistic risk management initiative.
This book is clearly written and well illustrated. The approach is not only practical, it's essential to ensuring the success of any specific project or extended to encompass a development organization. Moreover, it is also essential for any organization that wants to attain CMM level 4 or 5.
Rating: 5 out of 5
A great resource on project risk management
An excellent resource. It presents very practical methods for project manager who wants to mange project risk proactively.
Rating: 5 out of 5
This book is impressive and contains a lot of useful detail and original thought. Anyone interested in risk will enjoy and learn from the book as I did. It does tackle "quantified objectives" much better than other texts.
· Software Engineering Risk Management
· Quality Software Project Management
· Waltzing With Bears: Managing Risk on Software Projects
· Assessment and Control of Software Risks