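This book describes in detail the risks that can arise during software development and, across the processes of identifying risk, managing it, building infrastructure, and implementing management, presents all of the risk management methods, tools, and skills. For each stage of the risk management process, the book also provides real-world cases that software development organizations can learn from.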
FOREWORD: RUNNING TOWARD RISK
PREFACE
ABOUT THE AUTHOR

PART I RISK MANAGEMENT DISCOVERY

Chapter 1 SOFTWARE RISK MANAGEMENT
1.1 Foundations
1.2 Risk in the Large
1.3 Risk in the Small
1.4 Consequences of Knowledge
1.5 Consequences of Ignorance
1.6 Summary
1.7 Questions for Discussion
1.8 References

Chapter 2 P2I2 SUCCESS FORMULA
2.1 Major Factors in Risk Management Capability
2.2 People: The Human Element
2.3 Process: The Steps to Manage Risk
2.4 Infrastructure: The Organizational Foundation
2.5 Implementation: The Project Execution
2.6 Summary
2.7 Questions for Discussion
2.8 References

Chapter 3 RISK MANAGEMENT MAP
3.1 The Road to Risk Management Capability
3.2 Risk Management Map Directions
3.3 Journey from Problem to Opportunity
3.4 Journey from Novice to Expert
3.5 Summary
3.6 Questions for Discussion
3.7 References

PART II RISK MANAGEMENT PROCESS

Chapter 4 IDENTIFY RISK
4.1 Define the Risk Identification Process
4.2 Develop Risk Checklists
4.3 Define the Risk Assessment Method
4.4 Develop the Risk Management Form
4.5 Establish the Risk Database Schema
4.6 Summary
4.7 Questions for Discussion
4.8 References

Chapter 5 ANALYZE RISK
5.1 Define the Risk Analysis Process
5.2 Define Risk Analysis Techniques
5.3 Define Risk Evaluation Criteria
5.4 Establish the Risk Prioritization Scheme
5.5 Summary
5.6 Questions for Discussion
5.7 References

Chapter 6 PLAN RISK
6.1 Define the Risk Planning Process
6.2 Define Risk Resolution Strategies
6.3 Define Selection Criteria
6.4 Develop the Risk Action Plan Template
6.5 Summary
6.6 Questions for Discussion
6.7 References

Chapter 7 TRACK RISK
7.1 Define the Risk Tracking Process
7.2 Define Risk Tracking Techniques
7.3 Define Risk Measures and Metrics
7.4 Define Triggering Devices
7.5 Summary
7.6 Questions for Discussion
7.7 References

Chapter 8 RESOLVE RISK
8.1 Define the Risk Resolution Process
8.2 Define Risk Resolution Techniques
8.3 Define Risk Management Return on Investment
8.4 Develop a Corrective Action Procedure
8.5 Summary
8.6 Questions for Discussion
8.7 References

PART III RISK MANAGEMENT INFRASTRUCTURE

Chapter 9 DEVELOP THE POLICY
9.1 Obtain Commitment
9.2 Allocate Resources
9.3 Survey Existing Practice
9.4 Define Draft Policy
9.5 Review Draft Policy
9.6 Document Policy
9.7 Approve Policy
9.8 Communicate Policy
9.9 Summary
9.10 Questions for Discussion
9.11 References

Chapter 10 DEFINE STANDARD PROCESS
10.1 Establish an Action Team
10.2 Develop the Draft Standard Process
10.3 Review the Draft Standard Process
10.4 Document the Standard Process
10.5 Approve the Standard Process
10.6 Distribute the Standard Process
10.7 Summary
10.8 Questions for Discussion
10.9 References

Chapter 11 TRAIN RISK TECHNOLOGY
11.1 Prepare for Training
11.2 Develop Training Material
11.3 Apply Training Metrics
11.4 Deliver Training
11.5 Obtain Training Feedback
11.6 Summary
11.7 Questions for Discussion
11.8 References

Chapter 12 VERIFY COMPLIANCE
12.1 Review the Risk Management Plan
12.2 Audit Agents and Artifacts
12.3 Generate an Audit Report
12.4 Track Action Items
12.5 Summary
12.6 Questions for Discussion
12.7 References

Chapter 13 IMPROVE PRACTICE
13.1 Develop an Appraisal Method
13.2 Assess Risk Practices
13.3 Develop an Improvement Plan
13.4 Implement the Improvement Plan
13.5 Summary
13.6 Questions for Discussion
13.7 References

PART IV RISK MANAGEMENT IMPLEMENTATION

Chapter 14 ESTABLISH THE INITIATIVE
14.1 Review Risk Management Requirements
14.2 Plan Risk Management Activities
14.3 Budget Risk Management Activities
14.4 Schedule Risk Management Activities
14.5 Staff Risk Management Activities
14.6 Coordinate Risk Management Training
14.7 Summary
14.8 Questions for Discussion
14.9 References

Chapter 15 DEVELOP THE PLAN
15.1 Outline the Risk Management Plan
15.2 Define Risk Management Goals
15.3 Define the Risk Management Strategy
15.4 Define the Risk Management Process
15.5 Define Risk Management Verification
15.6 Define Risk Management Mechanisms
15.7 Summary
15.8 Questions for Discussion
15.9 References

Chapter 16 TAILOR THE STANDARD PROCESS
16.1 Review the Standard Process
16.2 Examine Tailoring Options
16.3 List Unique Project Factors
16.4 Recommend Process Changes
16.5 Document Standard Process Deviations
16.6 Summary
16.7 Questions for Discussion
16.8 References

Chapter 17 ASSESS RISK
17.1 Conduct a Risk Assessment
17.2 Develop a Candidate Risk List
17.3 Define Risk Attributes
17.4 Document Identified Risk
17.5 Communicate Identified Risk
17.6 Estimate and Evaluate Risk
17.7 Prioritize Risk
17.8 Summary
17.9 Questions for Discussion
17.10 References

Chapter 18 CONTROL RISK
18.1 Develop Risk Resolution Alternatives
18.2 Select the Risk Resolution Strategy
18.3 Develop the Risk Action Plan
18.4 Monitor Risk Status
18.5 Execute the Risk Action Plan
18.6 Take Corrective Action as Required
18.7 Summary
18.8 Questions for Discussion
18.9 References

PART V PEOPLE IN CRISIS AND CONTROL

Chapter 19 STAGE 1: PROBLEM
19.1 Problem Project Overview
19.2 The Process Improvement Initiative
19.3 Process Assessment
19.4 Process Assessment Results
19.5 Initiative Hindsight
19.6 Summary and Conclusions
19.7 Questions for Discussion
19.8 References

Chapter 20 STAGE 2: MITIGATION
20.1 Mitigation Project Overview
20.2 Risk Assessment Preparation
20.3 Risk Assessment Training
20.4 Project Risk Assessment
20.5 Project Risk Management
20.6 Project Risk Retrospective
20.7 Summary and Conclusions
20.8 Questions for Discussion
20.9 References

Chapter 21 STAGE 3: PREVENTION
21.1 Prevention Project Overview
21.2 Risk Assessment Results
21.3 Risk Manager
21.4 Risk Practice Survey
21.5 Risk Practice Observations
21.6 Summary and Conclusions
21.7 Questions for Discussion
21.8 References

Chapter 22 STAGE 4: ANTICIPATION
22.1 Anticipation Project Overview
22.2 Proactive Risk Management
22.3 Organization Measurement Practices
22.4 Risk Management Committee
22.5 Living Lifecycle Model
22.6 Summary and Conclusions
22.7 Questions for Discussion
22.8 References

Chapter 23 STAGE 5: OPPORTUNITY
23.1 Opportunity Project Overview
23.2 Fixed-Price Problems
23.3 Routine Risk Management
23.4 High-Performance Engineering
23.5 The Power Pyramid
23.6 Summary and Conclusions
23.7 Questions for Discussion
23.8 References

EPILOGUE
GLOSSARY
INDEX
The growing pains of the software community continue with the increased demand for software systems. The fact that software, the code developed to execute in a computing system, is pervasive in society is both a problem and an opportunity for managers and engineers. Many software professionals see the problems, but only a few see the opportunities. Problems that cause projects to be late, over budget, or of poor quality are collectively known within the community as the software crisis. Application of traditional problem-solving methods to solve the software crisis has been ineffective for the most part. The source of the software crisis is the project, process, and product risk that turns into problems because risk management is not done. Risk management differs from traditional problem solving for the simple reason that a risk is not a problem. By analogy, risk management is to a risk what an algorithm is to a problem. Whereas problems may be solved by the application of algorithms, a risk may be resolved by application of risk management.
Software risk management is a practice designed to resolve risks that affect the software project, process, or product. The goal of Managing Risk is to help people responsible for software systems acquire the knowledge necessary to apply software risk management. This book provides a handy reference to help busy professionals assess and control software risks.
This book will help you answer the following questions:
1. What does it take to manage software risk?
2. What is my ability to manage software risk?
3. How can I increase my ability to manage software risk?
This book is a practical, easy-to-use guide for managing software risk that describes an approach based on proved practices. Whether your level of expertise in managing risk is novice, beginner, intermediate, advanced, or expert, the five stages of risk management evolution ensure that you know where to start your journey.
Because risk is defined as the possibility of loss, traditional works often portray it with a negative connotation. This book, however, has a broad and positive perspective on risk. Risk has long been associated with unmet reliability, safety, and security requirements. Although these requirements are important applications of risk concepts, they do not preclude managing risk to satisfy any other requirement, such as profitability, reusability, and quality. This book makes no assumptions about what your requirements are; it simply encourages you to take a broad view of managing risk to satisfy your requirements and achieve your goals. This book does not judge the consequence of a risk. Instead, it reframes risk in a positive manner, and views opportunity cost as a loss. A broad and positive perspective of risk challenges us to exceed expectations through thinking about the possibilities. How can we manage risk to benefit from the enormous opportunity that exists today in the field of software?
Audience
This book is written for people who manage and develop software systems, including those who hold the responsibilities for oversight and improvement of a software project, product, or process. I assume that you are a busy professional, interested in maintaining a competitive advantage for yourself and your organization. Your job could be one of these:
● Senior manager, responsible for management of an organization that has a core competency in software.
● Engineering manager, responsible for functional management of technical staff who develop or maintain software systems.
● Project manager of software systems acquisition, development, or maintenance.
● Software manager, responsible for directing software teams.
● Systems engineer, responsible for meeting the technical requirements of software systems.
● Software engineer, responsible for large-scale software development or maintenance.
● Quality assurance specialist, responsible for verification of process and product compliance using risk identification and problem prevention as a proactive strategy.
● Measurement analyst, responsible for either short-term or long-term measurement of software projects.
● Engineering process group or process action team member, responsible for organizational technology transfer, process definition, and process improvement.
● Change agent, working with software organizations as a corporate trainer.
● Process consultant, performing risk assessment and risk management for clients within the government or commercial software sector.
● College professor, teaching software project management or risk management.
Book Overview
The book is divided into five parts that describe a risk management road map designed to take you from crisis to control of software projects. The path to increasing your ability to manage risk is shown through progress in four synergistic dimensions of people, process, infrastructure, and implementation. These dimensions provide a separation of responsibility and focus that map to the specialization of the roles required on a software project. Parallel efforts in each dimension may speed the transition of risk management in your organization.
Each book part begins with a brief overview that summarizes the key topics covered in each chapter and why they are important.
Part I, "Risk Management Discovery," lays the foundation for understanding the role of risk management in software engineering. The chapters describe the relationship of six disciplines that illustrate where risk fits in to managing product development and the factors that contribute to the ability to manage software risks. The Risk Management Map, Personal Risk Management Matrix and the Ten-Point Game Plan are presented to provide understanding and motivation for improvement.
Part II, "Risk Management Process," elaborates the activities to perform risk management using a standard process definition notation. Process steps, inputs, and outputs are fully defined. Methods and tools used by the process are shown by example. The process dimension describes the steps to predictable risk management results in terms of what and how. Engineering process group or process action team members and process consultants can appreciate this reusable process component.
Part III, "Risk Management Infrastructure," sets out the organizational foundation that supports the establishment of a risk-aware culture. Training metrics help you provide just enough information just in time. Techniques for project oversight are included, as well as a method for establishing a baseline for quantitative process improvement. Without infrastructure, there is no strategic plan in place to institutionalize risk management. Senior managers, engineering managers, and change agents should benefit from these organizational building blocks.
Part IV, "Risk Management Implementation," instantiates the standard process within a software project. Risk management activities throughout the life cycle are planned, budgeted, scheduled, and staffed. The implementation dimension describes who, where, when, and why. The details of the risk management plan are presented, with tailoring suggestions for the standard process, especially useful for project managers, software managers, systems engineers, and software engineers behind schedule.
Part V, "People in Crisis and Control," describes actual project teams whose practices formed the basis of the risk management evolution stages. These case studies provide a wealth of experiences, anecdotes, and benchmark data from the 1990s. I had the opportunity to survey and study people's perceptions of the performance and importance of their risk management practices and identified effective and ineffective practices used by project managers, engineering managers, configuration managers, quality assurance specialists, systems engineers, software engineers, test engineers, and customers. These insights and lessons learned should be invaluable to people struggling to manage software systems risk.
How to Read This Book
The approach for reading this book depends on your job category and your risk management ability. Everyone should read Part I, which provides the background for the rest of the book. If you are a risk management novice, read Chapter 1 completely. Read Chapter 2 to learn the success formula for managing risk. Read Chapter 3 to understand the road map to increase your risk management ability. Depending on your job category, Parts II through IV will apply. Read Part II if you are responsible for risk management process definition or execution; Part III if you are responsible for establishing risk management policy, training, compliance, verification, or process improvement; and Part IV if you are responsible for planning, tailoring, or performing risk management on a project. Everyone should read the case studies in Part V to benchmark their personal, project, and organizational risk management capability.
These case studies are based on a range of software projects. Read them to determine whether your risk management process is above or below the levels described. Use them to define the steps needed to mature your risk management ability. Technical terms in boldface are explained in the Glossary. You might read a section out of order and find a term defined a few chapters back. The questions at the end of each chapter support retention and learning.