Managing Organizational Risk Knowledge
Luciana de Landa Farias
(Federal University of Rio de Janeiro – COPPE, Brazil delanda@cos.ufrj.br) Guilherme H. Travassos
(Federal University of Rio de Janeiro – COPPE, Brazil ght@cos.ufrj.br) Ana Regina Rocha
(Federal University of Rio de Janeiro – COPPE, Brazil darocha@cos.ufrj.br) Abstract: Risk planning requires an organization global view, as it is strongly centered in the experience and knowledge acquired in former projects. The larger the experience of the project manager the better will be his ability in identifying risks, estimating their occurrence likelihood and impact, and defining the mitigation and contingency plans. However, project manager risk knowledge cannot stay in an individual level, but it must be made available to the organization. This paper describes an approach to risk planning in software projects based on the organizational risk knowledge reuse. A risk management process focused on the capture and utilization of organizational knowledge together with a support case tool make part of this approach. An experimental study of the relations between risk-causing facts and risks of software projects was accomplished and its results used to define such a tool.
Keywords: Risks Management, Knowledge Management, Risks Planning.
Categories: D.2.0, D.2.9
1
Introduction
It is becoming more difficult to manage project risks due to the size and complexity of current software products [Garvey et al., 1997]. Project managers can inadvertently repeat past mistakes simply because they do not know the mitigation actions which have been successfully applied or even because they do not value risks caused by certain project restrictions and characteristics. Inefficient risk knowledge management contributes to maximize this problem. One of the
References: [Basili et al., 1994] Basili, V. R. , Caldiera, G., Rombach, H. D. :“Goal Question Metric Paradigm” pages 528532. John Wiley & Sons (1994). [Garvey et al., 1997] Garvey, P.R., Phair, D.J., Wilson, J.A.: “An Information Architecture for Risk Assessment and Management”, IEEE Software, 14, 3 (1997), 25-34. [IEEE, 2001] IEEE Std 1540-2001: IEEE Standard for Software Life Cycle Processes – Risk Management (2001). [ISO, 1997] ISO 10006 : Quality Management – Guidelines to Quality in Project Management (1997). 681 [ISO/IEC, 1999] ISO/IEC DTR 16326: “Software Engineering – Guide for the application of ISO/IEC 12207 to project management” (1999). [Kontio and Basili, 1996] Kontio, J., Basili, V.R: “Risk Knowledge Capture in the Riskit Method”, Proceedings of the 21st Software Engineering Workshop, NASA, Greenbelt, Maryland (1996). [Markkula, 1999] Markkula, M.: “Knowledge Management in Software Engineering Projects”, Software Engineering and Knowledge Engineering - SEKE 99; Kaiserlautern, Germany, June (1999). [Pfleeger et al., 2001] Pfleeger, S. L., Haton, L., Howell, C.C.: “Solid Software”; Prentice Hall (2001). [Statz, 1999] Statz, J.: “Leverage your Lessons”, IEEE Software, 16, 2 (1999), 30-32 [Villela et al., 2001] Villela, K., Santos, G., Bonfim, C., et al.: ”Knowledge Management in Software Development Environments”, 14th International Conference Software & Systems Engineering and their Applications, Paris (2001). [Wohlin et al., 2000] Wohlin, C., Runeson, P., Höst, M., Ohlsson, M., Regnell, B., Wesslén, A: “Experimentation in Software Engineering – An Introduction”, Kluwer Academic Publishers (2000). [Williams et al., 1997] Williams, C.R., Walker , J.A., Dorofee, A. J.: “Putting Risk Management into Practice”, IEEE Software, 14, 3 (1997), 75-81.