Estimating Quality-Affecting Risks in Software Projects

Regardless how much effort we make for the success of software projects, many software projects have very high failure rates and risks during their life. In addition to technical risks, the projects normally suffer from risks caused by management practices and conflicts of interests. Risk is not always avoidable, but it is controllable. The aim of this paper is to improve quality of software projects of the participating companies while estimating the quality–affecting risks in IT software projects. The results showed that there were 40 common risks in software projects of IT companies in Palestine. The amount of technical and non-technical difficulties was very large. Our data showed, once again, that most of the risks were very important. The study has been conducted on a group of managers to improve the probability of project succes

The Linkage Between Software Risk Management Practice and Peoject Success: Evidence from Thai Software Firms

Software risk management has been around at least since it was introduced in mainstream of software management process, in 1989 [1-3]. Review of literature has shown that there is a great deal of interest in the effects of software risk management on project success. 29 publications, from 1997 to 2009, were found in the literature review work for empirical evidence of the contribution of risk management to IT project success of Bakker et al. [8]. This research explored the relationship between the actual organizational software risk management practice and project performance success in Thai software industry. The findings of this study show that the risk management practices are positively correlated with performance success in meeting both the reliability of the application and the completion of the application within the schedule. This is different from the finding of Raz et al. [21] that project risk management practices are more correlated to schedule and budget goals than in product performance measures

Software Development Top Models, Risks Control and Effect on Product Quality

In recent time considerable efforts have been made to improve the quality of software development process and subsequently the end product One of such efforts is finding a way to avoid or prevent risks in the overall process and where or when it is not possible to prevent risk alleviation readily comes handy Seve ral problem solving methods such as six thinking hat risk table and riskit analysis graph RAG applied along with generic models such as spiral waterfall prototyping and extreme programming have been used in the past to prevent risk and enhances both delivery time and product quality Howeve r some gaps were identified in the earlier works done in this area and in the generic models designed for evaluating and controlling risks prompting the development of modern ones Hence this work tries to investigate different types of risks and risk management models leaning on the gaps in research it attempts to create a framework for better risk prediction and alleviation with the aim of enhancing delivery time and product quality To enhance good understanding and reading of the work it has been structured into different sections It concludes on some recommendations for future research in this paradig

An industrial study on the risk of software changes

ABSTRACT Modelling and understanding bugs has been the focus of much of the Software Engineering research today. However, organizations are interested in more than just bugs. In particular, they are more concerned about managing risk, i.e., the likelihood that a code or design change will cause a negative impact on their products and processes, regardless of whether or not it introduces a bug. In this paper, we conduct a year-long study involving more than 450 developers of a large enterprise, spanning more than 60 teams, to better understand risky changes, i.e., changes for which developers believe that additional attention is needed in the form of careful code/design reviewing and/or more testing. Our findings show that different developers and different teams have their own criteria for determining risky changes. Using factors extracted from the changes and the history of the files modified by the changes, we are able to accurately identify risky changes with a recall of more than 67%, and a precision improvement of 87% (using developer specific models) and 37% (using team specific models), over a random model. We find that the number of lines and chunks of code added by the change, the bugginess of the files being changed, the number of bug reports linked to a change and the developer experience are the best indicators of change risk. In addition, we find that when a change has many related changes, the reliability of developers in marking risky changes is affected. Our findings and models are being used today by an industrial partner to manage the risk of their software projects

An industrial study on the risk of software changes

ABSTRACT Modelling and understanding bugs has been the focus of much of the Software Engineering research today. However, organizations are interested in more than just bugs. In particular, they are more concerned about managing risk, i.e., the likelihood that a code or design change will cause a negative impact on their products and processes, regardless of whether or not it introduces a bug. In this paper, we conduct a year-long study involving more than 450 developers of a large enterprise, spanning more than 60 teams, to better understand risky changes, i.e., changes for which developers believe that additional attention is needed in the form of careful code or design reviewing and/or more testing. Our findings show that different developers and different teams have their own criteria for determining risky changes. Using factors extracted from the changes and the history of the files modified by the changes, we are able to accurately identify risky changes with a recall of more than 67%, and a precision improvement of 87% (using developer specific models) and 37% (using team specific models), over a random model. We find that the number of lines and chunks of code added by the change, the bugginess of the files being changed, the number of bug reports linked to a change and the developer experience are the best indicators of change risk. In addition, we find that when a change has many related changes, the reliability of developers in marking risky changes is negatively affected. Our findings and models are being used today in practice to manage the risk of software projects

Supply chain risk management practice in Malaysian automotive industry

Organizations are experiencing increasing supply chain risks especially due to new business trends such as globalization and offshoring. For that reason, supply chain risk management is required to manage those risks effectively. Although there is a voluminous academic research on descriptive and conceptual model of supply chain risk management, evidences which describe the implementation of supply chain risk management in industry are limited. Therefore, the purpose of this research is to explore the implementation of supply chain risk management among Malaysian small and medium automotive companies. This study also explores the enablers to supply chain risk management implementation and barriers that impede this practice. Case study method was employed at three companies which were selected through purposeful sampling. By using thematic analysis, the data was analyzed and interpreted. The research results indicated that all three companies were heading towards more formal supply chain risk management implementation. Although the companies managed the supply chain risks based on TS16949 standard and company formal procedures, the tools used in the supply chain risk management, risk communication, training and risk responsibility were yet to be completely formalized. Pressure from customers and top management emerged as the primary enablers to such implementation. This study also revealed that barriers rooted from companies internal such as the lack of knowledge impeded the case companies from advancing their supply chain risk management implementation. The findings of this study offer a description of supply chain risk management implementation for organizations

WeDRisk :an approach to managing web and distributed software development risks

PhD ThesisWeb and distributed software developments are risky and face speci c challenges like time zone and cultural di erences. These challenges have resulted in new risks and risk management needs. In this thesis, a systematic review of existing software risk management approaches was conducted to investigate their ability to satisfy the risk management needs of web and distributed developments. The review identi es a number of weaknesses in existing approaches. Examples are the lack of consideration for web and distributed factors and lack of preparation for atypical risks. A new approach called WeDRisk is introduced to manage the risks from project, process and product perspectives. The WeDRisk approach addresses the weaknesses of existing approaches to risk management, which are less able to deal with the speci c challenges of web and distributed develop- ment. A key part of the approach is exibility to deal with the rapid evolution which is typical of such developments. This exibility is achieved by customiz- ing the risk management and providing a method for coping with atypical risks. WeDRisk also provides an improved risk estimation equation to consider web and distributed factors. The novel aspects of the WeDRisk approach were subjected to a series of evaluation cycles, including peer review, two controlled experiments, expert evaluation and a case study. In addition to a number of improvement sug- gestions, the evaluation results illustrate how WeDRisk is useful, understandable, exible, easy to use, and able to satisfy many web and distributed development risk management needs.Industrial Research Centre and Libyan government-Higher Ed- ucation for the scholarship