Risk Identification in Software Project

What is Risk Identification ?

Risk identification can be defined as the efforts taken to specify treats to the project plan.  Risk identification can be done by identifying the known and predictable risks.

The risk identification is based on two approaches

1. Generic Risk Identification – It includes potential threat identification to software project.
2. Product Risk Identification – It includes product specific threat identification by understanding people, technology and working environment in which the product gets built.

Normally the risk identification is done by the project manager who follows following steps :-

Steps 1 : Preparation of risk items check list

The risk items can be identified using following known and predictable components.

1. Project Size– The risk items based on overall size of the software product is identified.
2. Business impact – Risk items related to the marketplace or management can be predicted.
3. Customer Characteristics – Risks associated with customer-developer communication can be identified.
4. Process definition – Risks that get raised with the definition of software process.  This category exposes important risks items because whichever is the process definition made, is then followed by the whole team.
5. Development environment – The risks associated with the technology and tool being used for developing the product.
6. Staff Size and experience – Once the technology and total related risks items are identified it is essential to identify the risk associated with sufficient highly experienced and skilled staff who will do the development.
7. Technology to be built – complexity of the system should be understood and related risk items needs to be identified.

After preparing a risk item checklist a questionnaire is prepared.  These set of questions should be answered and based on these answers the impact or seriousness of particular risk item can be judged.

Step 2 : Creating Risk Components and drivers list.

The set of risk components and drivers list is prepared along with their probability of  occurrence.  Then their impact on the project can be analysed.

Risk Components and Drivers

The Types of Risk Components :

1. Performance Risk,


2. Cost Risk,


3. Support Risk,


4. Schedule Risk.

How to Access Overall Project Risk ?

The best approach is to prepare a set of questions that can be answered by Project managers in order to asses the overall project risks.  The questions can be

1. Will the project get proper support by the customer manager ?
2. Are the end-users committed to the software that has been produced ?
3. Is there a clear understanding of requirements ?
4. Is there an active involvement of the customer in requirement definition ? 
5. Is that the expectations set for the product are realistic ?
6. Is project scope stable ? 
7. Are there team members with required skills ?
8. Are project requirements stable ?
9. Does the technology used for the software is known to the developers ?
10. Is the size of team sufficient to develop the required product ?
11. Is that all the customers know the importance of the product / requirements of the system to be built ?

Thus the number of negative answers to these questions represents the severity of the impact of the risk on overall project.