Abstract : Software project development requires the investment of a large number of human, material and financial resources, but in the process of development there are a number of uncertainties and variability, and thus it is necessary to manage and control software project risk. In this paper, through the software project throughout the risk identification, analysis, response and monitoring, in all phases of project development and actively do a good job of risk prevention and control work, in order to achieve the purpose of reducing project risks, reduce risk losses.
Keywords : software project development; risk management; risk prevention and control
1 Introduction
Risk refers to the process of carrying out a certain activity, some sudden, uncertain factors on the participants of the activity to cause damage, the probability of damage to the natural environment [ 1]. Like other engineering projects, the development of software projects also has a variety of risks, such as the project capital overdraft, the extension of the construction period, the system can not meet the demand and so on. Thus, in the process of software development, good risk management will help to reduce the development risk and ensure the quality of development.
2 Software Project Risk Classification
2.1 Technical Risk
Software in the process of analysis, design, testing and implementation, the potential technical problems that may occur to the software project is called technical risk, such as the use of obsolete or immature technology, the system documentation is not standardized.
2.2 Management Risk
Management risk refers to the lack of planning, control and management of the project in terms of budget, staffing, schedule, resources, and so on, which has a negative impact on the software project.
2.3 Commercial Risk
Commercial risk is also known as market risk, including the development of software products do not meet market demand, the positioning of the software product is not clear and thus lack of market competitiveness, the market competition is more competitive.
2.4 Security Risks
Security risks include natural risks, human risks, external environmental risks, such as piracy, viruses and so on.
3 Software Project Risk Management Steps
3.1 Risk Identification
The risk identification phase needs to identify what risks will affect the development of the software project, including the categories, factors, provenance, and consequences of these risks [2]. Common approaches to risk identification include the following.
(1) expert survey method. Software project development risk issues, consult the project-related industry experts, the collected opinions and suggestions to organize the formation of the report, and then send the report to the experts again for consultation. After several rounds of this, when the experts' opinions converge, a final conclusion can be reached.
(2) brainstorming method. Members of the project development team, representatives of the project unit, invited experts and consultants to convene, through the meeting of the way, on the development of the project risk discussion and exchange, in order to accurately identify, analyze and predict the project risk.
(3) risk detection table method. The design and use of various types of entry-type risk detection table to help the project team to identify various risks. Such as the developer risk detection table, you can list such as the technical level of the developers, developers have similar project development experience, the number of developers is appropriate, the developers are able to participate in the software development work from start to finish, the developers are able to concentrate all their energy into the software development work, the developers have received the necessary training, the developers of the staff mobility to ensure continuity of work and other entries. ensure the continuity of the work, and so on. By analyzing and answering these questions, you can identify the risks that personnel factors pose to a software project.
3.2 Risk Analysis
Risk analysis focuses on the assessment of the probability of occurrence of risk events and their consequences [3]. In order to complete the assessment of various risks, the need to establish a risk metrics system, clear the consequences of various risks and losses, estimate the impact of risk on the software project, and ultimately give the results of risk estimation [4]. Risk analysis, often use the quaternion [R,P,I,W] to describe the risk. Where R represents the risk, P represents the probability of the risk occurring, I represents the impact of the risk, and W represents the weight of the impact of the risk on the project. Since the ability to complete the software development work according to the terms of software performance, time and amount specified in the contract plays a crucial role in the successful acceptance of the project. Therefore, focus on the selection of cost, schedule, software performance three aspects of the software project risk metrics, when a certain aspect of the metric value reaches or exceeds the threshold, the software project will be forced to terminate.
Usually the process of risk assessment can be divided into four steps:
(1) According to the results of risk identification, analyze the probability of occurrence of each risk, each risk on the project cost, schedule, the size of the impact of the three aspects of software performance, based on the severity of the consequences of the risk of each risk is given a different risk weight.
(2) Define the quaternion [R,P,I,W] for each risk.
(3) Define the threshold at which the project is forced to terminate.
(4) Predict the combined impact of risk combinations on the project [5].
3.3 Risk Response
The various risks that may occur need to formulate a corresponding response strategy. Commonly used coping strategies include risk prevention, risk transfer, risk avoidance and so on. Risk prevention usually refers to improving the reliability and standardization of the various stages of the software project, thereby reducing the probability of risk. Risk transfer refers to the use of contracts, insurance, guarantees, sale, contracting, etc. [6] to transfer part of the loss when the risk occurs to a third party, in order to reduce the risk loss on their side. Risk avoidance refers to the fact that when the occurrence of certain risks is unavoidable and the consequences are more serious, the project program can be adjusted, or worse, the project is actively abandoned, so as not to cause irreparable losses. After completing the risk identification, analysis and response strategy selection, should form an easy to understand risk analysis and response table, as shown in Table 1.
3.4 Risk Monitoring
Risk monitoring refers to the monitoring of the implementation of risk response measures based on the results of the preliminary risk analysis, to strengthen the control of the whole process of project risk [7]. The purpose of risk monitoring is to monitor the actual implementation of risk management strategies and countermeasures to see whether it meets the expected goals, and at the same time, according to the current risk monitoring results in a timely manner to amend the risk analysis and response table, or to analyze the newly identified risks in the project and develop appropriate risk response measures [8].
4 Risk Prevention and Control Measures
4.1 Requirements Analysis Stage
Software requirements are the basis for software development, but also the software acceptance criteria, so the precise determination of the software requirements belongs to the focus of the development of the software project and difficult. On the one hand, it is difficult for users to start a complete and clear software system functions, performance, operating environment and other aspects of the demand for accurate expression. However, as the project progresses, the user's requirements for the software may become more and more clear and more and more, and even sometimes there will be a user request to change the software requirements in the testing phase. This is unacceptable to system analysts and software developers. On the other hand, users, system analysts and software developers have different ways of describing software requirements. Users want to use natural language to describe software requirements, while professionals want to use structured description languages, such as data flow diagrams, data dictionaries, and so on. This avoids the dichotomy and uncertainty that natural language tends to cause, and facilitates the next step in the software design process.
Preventive and control measures for this type of situation include:
(1) Strengthen the understanding of the organizational structure of the project unit, the workflow and existing software systems.
(2) system analysts need to master some of the techniques and ways to obtain user requirements.
(3) the company has been put into use similar software as a software prototype, submitted to the user to facilitate the collection of system analysts on user requirements.
(4) organization by the project unit, system analysts and system designers *** with the participation of the requirements review meeting, and ultimately the formation of the results of the agreed requirements analysis phase - the requirements specification.
(5) on the completion of the requirements analysis phase of the new requirements put forward by the user, can be taken to stay in the future version of the upgrade processing, such as the project unit must be added to the requirements, it can be discussed with the customer to extend the development time, increase the amount of the contract.
4.2 Design and development phase
If the software product development using the prototype method, although it can reduce the project risk due to unclear requirements, but due to the prototype method using a cyclic iterative approach to continuously meet the user's needs, which may result in the design and development of the software beyond the expected cost and time, and in the process of repeated modifications, it is easy to make the customer project can be successfully completed. In the process of iterative modification, it is easy to make customers doubt whether the project can be completed successfully. To address this type of risk, on the one hand, the life cycle approach can be combined with the prototype approach to complement each other, the structured life cycle approach as the main method in software development, and in some parts of the process, the prototype approach is used to quickly obtain user feedback information [9]. On the other hand, do a good job of communicating with customers, timely inform customers of the progress and process of software design and realization [10].
4.3 Testing phase
A common risk in the testing phase is poor test cases. This can lead to incomplete testing, where errors in the software are not detected, making the software perform less well. The measures that can be taken to prevent and control this include:
(1) Train testers on software requirements.
(2) Strengthen the review of test cases.
(3) If conditions permit, users can be invited to participate in software testing.
4.4 Implementation phase The implementation phase may face the risk of customers relying too much on technical staff and delaying acceptance of the project. Preventive and control measures include:
(1) the formation of a standardized "User Manual", to strengthen the training of software users.
(2) Do a good job of leadership.
(3) Preach the company's later scope of services and the standardization of service management. The process of switching between the old and new systems also has certain risks. If the conversion work lacks standardized management and reliable security, it is bound to cause serious consequences, and even affect the normal work. In the face of this situation, first, we need to pay special attention to the original system and the new system of document protection work, strengthen the management of personnel and data backup; second, according to user requirements, the status of the project unit, the progress of the conversion process to adjust the system switching process.
5 Conclusion
There are various risks in the software development process, and risk management needs to be implemented for each risk. As a result, risk management itself can also constitute a sub-project in the software project. Scientifically formulated software project risk management plan, in the necessary human resources and financial support, continue to complete the risk identification, analysis, response and monitoring and other risk management steps [11], do a good job in all phases of the project development of risk prevention and control work, so as to achieve the risk control at a minimum, reduce the impact of risk on the software project, and better control the software development costs and schedules of the purpose.
References
[1]Yang Yiping,Lu Shan. Management Information System. Beijing:Machinery Industry Press,2018
[2]Suo Hongjun. Software project risk analysis and research. Software Guide,2017,16(08):128-131
[3]Gu Shan.Research on Strategic Material Purchasing Strategy of S Company [Master's Thesis]. Shanghai Jiaotong University,Shanghai,2015
[4]Baidu Library. Risk analysis of software projects.
[5]Han, Most Jiao. Software Engineering Fundamentals. Beijing:Tsinghua University Press,2009
[6]Wang Hui. Cost risk management and analysis and control of highway project construction stage. Building Materials and Decoration,2019(24):259-260
[7]Mei Xudong.Research on Risk Management of M Company Karachi Nuclear Power Plant Project [Master's Thesis]. Donghua University,Shanghai,2018
[8]Liu Qiang Management. Risk management based on the whole life cycle of international engineering projects. Journal of Civil Engineering and Management,2017,34(06):1-9+16
[9]Yuan Longyin. Research on the role of libraries and knowledge services in the integrated development of urban and rural areas [Master's thesis]. Chongqing University, Chongqing University, 2012
[10]Ma Xingpeng. System analysis and design of comprehensive analysis platform project for universities [Master's thesis]. Northeastern University, Liaoning, 2011
[11]Zhan Hongyan. Research on risk control strategy in software project management. Software,2019,40(06):230-232
Author: Yang Hui Unit: School of Transportation Information, Hubei Institute of Transportation Vocational and Technical