Towards An Elastic Risk Management Methodology By Using Business to Software Unified Process (BSUP)

Towards An Elastic Risk Management Methodology By Using Business to Software Unified Process (BSUP)

Pooya Khosraviyan Dehkordi (Islamic Azad University (Shahrekord Branch), Iran) and Farshad Kyoomarsi (Islamic Azad University (Shahrekord Branch), Iran)
DOI: 10.4018/978-1-61692-016-6.ch015


Riskit is a now a world-wide risk management methodology deployed by a number of expert software engineering communities since its first rollout by (Kontio et. al, 1994,1995,1996,1997 and 1996). Business to Software Unified Process (BSUP) has been the proprietary Business to software modeling approach introduced for the first time in 2003 (Nasiri et. al, 2004 and 2007). In this paper the goal is apply the capabilities inherent in BSUP to optimize Riskit process model. BSUP, UML 2.0 and Fuzzy Logic Concepts are widely used when ever the model is to be made.
Chapter Preview


The Riskit method for software engineering risk management (Charette,1989) is widely in use because of its sound theoretical foundation and its major focus on qualitative cognition of risks before their possible quantification (Carr et. al, 1993), in addition to its capability to provide a defined process for conducting risk management. Today, it is being supported by various tools, techniques and also rich guidelines. But the fascinating feature may be that the use of Riskit does not preclude the use of other risk management approaches (Kontio et. al, 1994, 1995, 1996 and 1997). Since the early days of software development (Basili et. al, 1989 and 19921992), risks had been perceived inevitable because of various unanticipated problems which cause development team to go over budget, miss deadlines, or finally deliver less than satisfactory artifacts and so on.

Although risks neither could be eliminated nor might be ignored, one may strictly monitor and manage them to control and mitigate their potential harmful effects. Reflective and proactive methods are alternatives to achieve the Goal. There are a few shortcomings which make the risk management process so sophisticated. The shortcomings of current methods are as follows:

  • Risk (MacCrimmon et. al, 1986) is very seldom a crisp straightforward concept and mostly it is perceived as a non deterministic concept which is quite close to Fuzzy Logic concepts (Harris, 2006) and measures (Ganesh, 2006). This is also true while the impression of risk on various stakeholders is measured.

  • Risks may influence each others in different ways. Risks may strengthen or diminish each other. This feature may make a very complicated scenario while analyzing the potential effects of risks.

  • Clarity of methods and cost effectiveness of many current risk management methods are totally in doubts since they are costly perceived as complex or too costly to use.

Complete Chapter List

Search this Book: