Lviv PM Club Руслан Середюк "Ризики в управлінні проектами"

1. Ruslan Seredyuk
RISKS IN SOFTWARE

2. PROJECTS SUCCESS RATE
Failed
18%
Challenged
43%
Successful
39%
Projects
Chaos Report 2013 by Stabd

3. RECENT EVIDENCE
• Obama Care - only 1% of people managed to successfully enroll with the site in
its first week of operation
• The Surrey Integrated Reporting Enterprise Network (SIREN). Not fit for
purpose. Team was not capable to finish the project. (15M GBP failure)
• Digital Media Initiative (By 2013, the project was judged to be obsolete (as
much cheaper commercial off the shelf alternatives by then existed) and was
scrapped by BBC management. (98M GBP)
• Expeditionary Combat Support System . US Air Force. No significant
capabilities ready on time; would have cost $1.1bn more just to get to 1/4 of
the original scope. (1.1 bn USD )
http://en.wikipedia.org/wiki/List_of_failed_and_overbudget_custom_sof
tware_projects

4. BUT WHY IN SOFTWARE

5. RISKS ARE INEVITABLE IN SOFTWARE.
WHY???
• Misunderstanding of requirements
• Lack of top management commitment and support
• Lack of adequate user involvement
• Failure to gain user commitment
• Failure to manage end user expectation
• Changes to requirements
• Lack of an effective project management methodology
Top Ten Lists of Software Project Risks :
Evidence from the Literature Survey, 2011

6. WHY WE DON’T DO RISKS
MANAGEMENT
• Boring/Hard to do
• Does not work
• We should think positively toward the project goals 
• The data needed to do risk management effectively is lacking.
• Agile handles risks as a part of methodology
• One person can not manage risks effectively
• People minimize the need for risk management by the absence of evidence
(nothing bad has happened yet).
• We don’t really what is a RISK

7. WHAT IS A RISK

8. TYPE OF RISKS
• known known – general software development risks
• known unknowns - project specific risks
• unknown unknowns - “Black Swans”

9. KNOWN KNOWS
• Misunderstanding of requirements
• Lack of top management commitment and support
• Lack of adequate user involvement
• Failure to gain user commitment
• Failure to manage end user expectation
• Changes to requirements
• Lack of an effective project management methodology

10. KNOWN KNOWS. WHAT WE CAN DO ?
• Be prepared, they will come
• Identify using checklists (top 5 - Demarko , top 10 Bohem, taxonomy method)
• Have a risk response plan in place
• Put avoidance strategies into estimates
• Have contingency plans for mitigation

11. BOHEM CHEKLIST. TOP 10
• 1 Personnel Shortfalls - avoid
• 2 Unrealistic Schedules and Budgets - mitigate
• 3 Developing the wrong software functions - avoid
• 4 Developing the wrong user interface - avoid
• 5 Gold-plating - avoid
• 6 Continuing stream of requirements changes - mitigate
• 7 Shortfalls in externally-performed tasks – avoid, transfer
• 8 Shortfalls in externally-furnished components – avoid, transfer
• 9 Real-time performance shortfalls – avoid, mitigate
• 10 Straining computer science capabilities - avoid

12. TAXONOMY BASED RISK
IDENTIFICATION
Software Engineering InstituteSoftware Engineering Institute
Software Engineering Institute

13. KNOWN UNKNOWNS
• Project/product specific risks – new business area
• New technology (e.g. Hadoop)
• Team from Ukraine , cultural differences
• High speed/performance objectives

14. KNOWN UNKNOWNS. WHAT WE CAN DO
• Be prepared, they MAY come
• Identify using brainstorming, Crawford Slip method, Weekly Meetings,
Documentation analysis etc.
• Have a risk response plan in place
• Put avoidance strategies into estimates
• Have contingency plans/reserves for risk management

15. KNOWN UNKNOWNS. WHAT WE CAN DO

18. UNKNOWN UNKNOWNS
• 50% of your team decided to quit
• Virus broken source code repo
• Server crashed with no backups

19. BLACK SWANS. AMOUNT VS DAMAGE
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Amount Damage
Black Swans Other risks
According to Tom Kendrick most severe 20% of the risks are black swans.
Black swans bring 50% of the damage

20. UNKNOWN UNKNOWNS. WHAT WE CAN
DO
• Be prepared they may occur
• Have a reserve (100% from initial risks estimates)
• Don’t get shocked with the risk
• Have a swot team to handle that
• Enjoy

21. WHERE ELSE I CAN LOOK FOR RISKS
User
18%
Requirement
21%
Complexity
5%
Planning and
Control
34%
Team
11%
Organizational
Environment
11%
User Requirement Complexity Planning and Control Team Organizational Environment

22. CONCLUSION
• Don’t be afraid of risks
• Identify as soon as possible
• Use checklists and people around for risks identification and management

23. SOMETHING TO READ