[Figure: Risk Management Process at the center, linked to the quality management system elements: Production/Process Control; Suppliers/Outsourcing/Purchasing; Servicing; Management Responsibilities; Software Life Cycle/Including Design and Development; Customer Complaints and Data Analysis; Internal and External Upgrades; Traceability and Records Retention.]
FIGURE 15.3
Software risk management elements.
currently is receiving increasing focus to address industry efforts to shorten lead
times, cut development and production costs, lower total life-cycle cost, and improve
the quality of the software entities.
The current approach to software risk mitigation is to manage all potential risks
that could become hazards resulting in safety problems and harm. This approach to
risk management covers broad categories of risk, such as project risks, technical
risks, and environmental risks, as well as domain-specific software risks such as
medical device risks and many others. In this chapter, we elected to combine all
risks pertaining to the environment and to humans into a category called safety
risks and all other risks into a category called business risks, and then used the
Design for Six Sigma methodology to manage both types of risks.
Software development houses generally are required to have a quality management
system as well as processes for addressing software-related risks. Figure 15.3
illustrates the integration of the risk management process into a quality management
system.
Software risk management begins with planning for the software based on the
quality system objectives, including the risk acceptability criteria defined by
management, followed by risk analysis to identify all potential hazards associated
with the software, and then risk evaluation to estimate the risk for each hazard. Risk
evaluation is based on experience, evidence, testing, calculation, or even subjective