Risk associated with software development: a holistic framework for assessment and management

Abstract

Although the management of risk in the development process is critical for all engineering disciplines, this paper focuses on the software development process and proposes a framework for the assessment and management of risk associated with this process. The proposed framework is grounded on a holistic concept termed hierarchical holographic modeling, where more than one perspective or vision of the risk associated with software development is analyzed. Three perspectives, or decompositions, are introduced: 1) functional decomposition, which encompasses seven basic attributes associated with software development-requirement, product, process, people, management, environment, and system development; 2) source-based decomposition, which relates to the four sources of failure-hardware, software, organizational, and human; and 3) temporal decomposition, which relates to the stages in the software development process. The following set of questions is addressed at each level of the hierarchical holographic submodels: What can go wrong? What is the likelihood that it will go wrong? What are the consequences? What can be done? What options are available? What are the associated trade-offs in terms of all costs, benefits, and risks? And what is the impact of current management decisions on future options? Once the ''universe'' of risk-based problems has been identified, then a risk ranking method is applied to provide priorities among them. Because software development is an intellectual, labor-intensive activity, this paper pays special attention to the role of human resource development and improvement in risk assessment. The paper is the first among a set of articles on the risk associated with software development.