Risk Management Plan

Terminology

threat
a potential event or situation that posses a danger to the project
harm
the consequence of the actual occurrence of a threaten event

Risk Assessment Table

Threat Harm Symptom Monitoring
Mitigation
Team Related - Communication
not communicating with supervisor   conflicting stories

hesitation or evasion when answering questions

walkthrus
misleading communication  
not communicating bad news delays fixing problem a surprise problem enforce habit of communication
inadequate internal communication      
inadequate coordination between subtasks pieces won't fit together during integration    
self deception things get off-track    
       
Team Related - Task & Schedule
missing milestone deadline     internal deadlines

"let's see it now"

overconfidence, complacency     be careful with praise; increase level of expectation "you did a good job, but the next step is harder"
       

Threat Harm Symptom Monitoring
Mitigation
Team Related - Individual
team member drops course short a person    
loss of critical knowledge   understudy
loss of critical role  
       
Individual Related
stress

overload

loss of quality missing meetings
not answering email
missing dealines
"light at the end of the tunnel"

lack of continuity of effort
  (personal factors)
  1) discover cause
2) if legitimate & unavoidable, plan around
3) if not legitimate, immediately inform instructors
lack of effort     increasing levels of pressure:
  supervisor
  AI's
  instructor
  "firing"
self-deception
misrepresentation
  reality contradicts statements  
team member never speaks up

language difficulties

     
lose face ? ? ?      
       
Team Related - Aftershocks
new team member
(Brooks' law)
time spent bringing new member "up to speed"    
       

Threat Harm Symptom Monitoring
Mitigation
Client Related
contact person reassigned or leaves     make certain other client staff know of project
purchases product, leaves town, etc.     drop project or continue as "exercise"
scope creep
 
requirements creep
  on-the-fly respecification and redesign just say "no" - client signs off on RS which includes limits, so change is new request. Make use of management support.

anticipate; design-in flexibility

indentify likely creep, do last

client misunderstands process      
client misunderstands big-picture     enterprise modeling
client misunderstands RS     clear writing
careful document organization
       

Threat Harm Symptom Monitoring
Mitigation
Tool Related
wrong tool      
inadequate tool      
lack of understanding of tool inadequate design   prototype using tool - entire team must participate
       
Process Related
team doesn't back up work files lost    
inadequate CCCM      
       
Deliverable Related
muddy thinking implementation difficulties
incorrect functionality
vague or inconsistent documentation  
premature design decisions
  • structures wrong size
  • implementations inflexible
  • components inconsistent
 
  • generalized/ parameterized implementations
  • more thorough design
       
security issues     security focus from RS on

plan/staff to handle

avoid "leaky" tools (MS?)



Last modified: Wed Sep 19 13:41:51 EDT 2007