Article Preview
TopIntroduction
Many problems in software projects are caused through risks and could be avoided or minimized, if they are identified and treated in advance (Cristina & Salmeron, 2012). Initiating a project without proactively focusing on risks not only increases the probability of risks occurring, but also the impact they may have on the project, and, thus, the chances of project failure (Persson, Mathiassen, Boeg, Madsen, & Steinson, 2009; Öbrand, Nils-Petter, & Holmstr, 2012). A risk is an uncertainty, whose materialization can negatively impact on the project plan (Jalil & Hanif, 2009). For example, if hardware prices increase, the project may come in over budget or if a key software analyst becomes ill, critical activities may be delayed. The probability of a risk is the chance it happens, whereas the risk impact indicates what will be affected in the project (e.g., schedule, budget, or quality) and to what degree. Risk management serves to identify the risks to which the project is exposed to, and to plan actions to minimize the impact or even avoid them happening (PMI, 2013). It consists of a set of processes, responsible for identifying the project risks, analysing them, planning risk responses, and to control risks throughout the project execution (PMI, 2013).
Yet, risk management is still underutilized in the software sector (PMI, 2010), where the majority of enterprises approaches risk management informally. This issue is even more severe as typically most software organizations are Small and Medium Enterprises (SMEs) with limited resources (SEBRAE, 2013; SOFTEX, 2012).
And, although, there exist various guides on risk management (such as the PMBOK (PMI, 2013)), comprehensive tool support for the adoption of risk management is basically only available through commercial tools such as MS-Project (microsoft.com/project) or Primavera (oracle.com/primavera). Yet, due to their price, such tools may be not suitable to the budget of many SMEs (Fabac, Radoševi, & Pihir, 2010). On the other hand, open-source project management tools such as dotProject (dotproject.net), project.net (project.net), or phpCollab (phpcollab.com) also provide some kind of risk management, yet, are less complete and generally not in conformity with best practice guides such as the PMBOK (Pereira, Gonçalves, & Wangenheim, 2013). However, due to their low cost and flexibility, they may represent an interesting alternative especially for SMEs.
One of the most popular and comprehensive open-source tools is dotProject, a web-based tool for project management. However, dotProject is also far from supporting completely the project management process as proposed by the PMBOK (Dippelreiter, Grün, & Pöttler, 2010; Wangenheim, Wangenheim, & Hauck, 2009). Especially for risk management, dotProject itself does not provide any support (Pereira et al., 2013). And, although, there exist an add-on module that provides basic support to risk management for risk registering and reporting (SOURCEFORGE, 2013), it is still far from providing comprehensive support.