Risk Management Metrics

Rimsy Dua (Chandigarh University, India), Samiksha Sharma (Chandigarh University, India) and Rohit Kumar (Chandigarh University, India)
DOI: 10.4018/978-1-6684-3702-5.ch004


This chapter describes how risk management deals with the detection, evaluation and prioritization of risks in the process of project management. There is always an uncertainty factor related to investment decisions while managing a project. Risk management is a proactive approach to dealing with future events that can slow the performance of software project management. For successful risk management, different metrics have been used in the past and are in use at present for inspecting the progress of a project at specific points in a timeline, which helps reduce the amount of risk. Adopting effective metrics for risk management requires data. All of the metrics can be applied to the different domains of project, process and product. The chapter also covers strategies to advance, distinguish, estimate, and forecast the risk management process. A review of the key point indicators (KPIs) is also integrated along with the project metrics to signify the future and the present renderings.
Chapter Preview


Risk is a state that involves exposure to a threat. In normal day-to-day life, people face many kinds of risks that can arise from their personal actions or financial activities. Of all the categories of risk, this chapter covers the marketable and industry risks that organizations face while executing project management. In today's era, organizations face a broad collection of risks that can lead to negative outcomes or bogus results. The categories of risk an organization can face are control risks, opportunity risks and hazard risks (Hopkin, 2017). Hazard risks are those that can hinder an organization from achieving a particular set of objectives, developing that objective is opportunity risk, and creating a fiction of unpredictability in outcomes is control risk. Risk management deals with supervising, managing and estimating such risks. Risk management is adopted in the private as well as the public sector in order to take a proactive approach towards the threats that can occur. While designing software, an organization may face a large number of risks, such as personnel risks, technical risks, financial risks and management risks (Westfall, 2004). Personnel risks arise from a lack of preparation and skill among the working employees, whereas technical risks can arise from wrongly followed procedures and standards. For financial risks, cash runs, capital and return on savings are the main causes. Finally, management itself is sometimes responsible for project risks because of communication gaps and a lack of planning, proper training, authority and experience among employees.

The risk management process starts with recognizing the risks. After the risks are identified, the various types of identified risks are investigated (Boehm, 1991). Once the investigation is performed, risks are prioritized according to the extent of the threat they pose to the software. A risk management plan is prepared after the risks are prioritized; the plan sets out the actions to be taken against them. A risk management plan can reduce the probability of risk occurrence to a great extent. After the plan is complete, a set of pre-defined actions is applied to the project, and constant monitoring or tracing is performed that signifies the degree of risk at each stage of project development (Rasmussen, 1997). Tracing the project at various stages gives insight into new risks, and old plans can be updated according to the risks newly identified at different timestamps. Figure 1 below illustrates the risk management process.

Figure 1. Risk Management Process

  • Risk Identification: Risk identification deals with recognizing the diverse risks that a project can come across during the development process. It is the preliminary step, as it gives insight into risks that can lead to system failure. The process of identification involves a key set of activities such as communication between team members and documentation. In the documentation, risk occurrences are defined along with their relationships.

  • Risk Assessment: After all the risks are identified, an assessment is performed in which risk analysis is carried out. An evaluation process is executed that signifies how much of a threat each risk poses to the project. In brief, risk assessment deals with analyzing the identified risks and evaluating them on the basis of the degree of threat they can pose. Risk assessment also helps in prioritizing the identified risks, which helps in reducing their impact.

  • Risk Control: Following risk analysis and evaluation, control programs are developed that hold different sets of risk control activities. Controlling a risk is required because it reduces the impact of the risk to a great extent. After the risks are prioritized, control programs are applied that give an organization a vision of how to diminish the degree of threat.

  • Monitoring: Monitoring deals with tracing the project development process at various checkpoints. The major advantage for an organization is the identification of new risks at various levels of project progress. Organizations keep updating their project plans in accordance with the tracing reports and build new strategies to cope with the newly identified project risks.
