Lecture 21: Risk Management Flashcards
What is risk analysis?
Identifying, assessing, and prioritizing risks that could negatively impact a project or system
What are the types of risk?
Speculative: implies the possibility of either a profit or a loss
Static: Only have losses
How do risks happen?
Lack of information
Lack of control
Lack of time
Lack of resources
What is risk identification?
Attempts to reduce the structural uncertainty - missing information
Tries to identify the system variables
Tries to determine the potential threats to the system’s success
What is risk estimation?
Attempts to reduce the measurement uncertainty
Tries to assign meaningful values to the system variables
Tries to determine the effects of the identified threats on the system
Tries to assign meaningful values to the losses associated with the identified threats
What is risk evaluation?
Tries to assign priorities to the risks
Tries to generate ways to reduce, avoid, or eliminate risks
What is risk planning?
Choosing a course of action acknowledging all of the known risks involved
Develops a plan for doing that course of action
Develops a risk aversion plan
What is risk control?
Implements the risk aversion plan
Updates and supports the plan as needed
What is risk monitoring?
Watches for risk changes
Refines the plans as needed to account for new or changing risks
When should risk analysis be done?
Only when the risks are expected to exceed the cost of doing the assessment
What is a risk table?
For each risk, add an entry to each of the three columns:
Scenario: what could go wrong
Likelihood: probability of it occurring
Damage: how will it affect us
Precision vs. Accuracy
Precision: Exactness by which we describe a variable
Accuracy: Freedom from error
What are estimation biases?
People tend to think their own estimates are more accurate than they really are
Lack of understanding of probability and statistics can lead to bad estimates
What is system failure probability?
Even if low probability component failure, system probability failure can be high due to large number of components
What are some classic mistakes?
People-related: no motivation, weak personnel, adding people late, etc.
Process-related: Overly optimistic schedules, insufficient planning, etc.
Product-related: Requirements
Technology-related: Silver-bullet syndrome, overestimated savings from new tech