undefined | unit 5 risks and configuration management

Unit - 5

Risks and Configuration Management

Q. 1) What is the risk management and software risk ? Also write the types ?

Ans. Risk Management -

Risk analysis and management are a series of steps that help a software team to understand and manage uncertainty. Many problems can plague a software project.

A risk is a potential problem—it might happen, it might not.

Software Risks

Risk always involves two characteristics: a set of risk information sheets is produced.

● Uncertainty—the risk may or may not happen; that is, there are no 100% probable risks.

● Loss—if the risk becomes a reality, unwanted consequences or losses will occur.

It is necessary to measure the level of uncertainty and the associated degree of loss when assessing risks.

Q. 2) What are the types of risk ?

Ans : Types of Risk -

Project Risk - If the risks become real, the project timeline is likely to slip and the costs will grow.

Technical Risk - When the issue is harder to fix than you expected it would be, technological risks arise.

Implementation can become challenging and impossible if a technological risk becomes a reality.

Business Risk - The feasibility of the software to be developed is threatened and the project or product is always compromised.

Known Risk - The business and technological climate in which the project is being developed, and other credible sources of knowledge, are those that can be discovered after careful preparation of the project plan.

Predictable Risk - Risks that are extrapolated from previous experience of programmes.

Unpredictable Risk - Risks that are incredibly hard to recognise in advance

Q. 3) What do you understand by risk identification ?

Ans. Risk Identification

Risk identification is a systematic attempt to specify threats to the project plan (estimates, schedule, resource loading, etc.). By identifying known and predictable risks, the project manager takes a first step toward avoiding them when possible and controlling them when necessary.

One method for identifying risks is to create a risk item checklist. The checklist can be used for risk identification and focuses on some subset of known and predictable risks in the following generic categories:

● Product size—risks associated with the overall size of the software to be built or modified.

● Business impact—risks associated with constraints imposed by management or the marketplace.

● Customer characteristics—risks associated with the sophistication of the customer and the developer's ability to communicate with the customer in a timely manner.

● Process definition—risks associated with the degree to which the software process has been defined and is followed by the development organization.

● Development environment—risks associated with the availability and quality of the tools to be used to build the product.

● Technology to be built—risks associated with the complexity of the system to be built and the "newness" of the technology that is packaged by the system.

● Staff size and experience—risks associated with the overall technical and project experience of the software engineers who will do the work.

Q.4) Explain Risk Projection ?

Ans. Risk projection -

Risk projection, also called risk estimation, attempts to rate each risk in two ways—the likelihood or probability that the risk is real and the consequences of the problems associated with the risk, should it occur. The project planner, along with other managers and technical staff, performs four risk projection activities:

● Establish a scale that reflects the perceived likelihood of a risk,

● Delineate the consequences of the risk,

● Estimate the impact of the risk on the project and the product, and

● Note the overall accuracy of the risk projection so that there will be no misunderstandings.

Risk prediction seeks two ways to score each risk -

- a possibility that the danger is true.

- the result, should it occur, of the problems associated with the risk.

Four risk projection measures are undertaken by the project planner, manager, and technical personnel.

These measures are intended to consider risks in a way that contributes to prioritisation.

Q. 5) Explain risk Mitigation, monitoring and management ?

Ans. Risk Mitigation :

● Risk reduction means avoiding the incidence of the risk (Risk Avoidance). The steps to be taken for risk reduction are as follows.

● To find a probable danger, interact with the employees concerned.

● Before the project begins, find out and remove all those triggers that can generate risk.

● In an organisation, create a strategy that will help to continue the project even if certain workers leave the company.

● The present development activity should be acknowledged to everyone in the project team.

● Maintain the necessary records in a timely manner. This report should be strictly consistent with the organization's standards.

● Conduct timely evaluations to accelerate the work.

● Provide additional personnel if necessary to perform any essential task during software development.

Risk Monitoring :

● The project manager must control the following things in the risk tracking process.

● The approach of the team members varies as the project pressure varies.

● The type of collaboration between the members of the team. The kinds of issues that arise. Work availability inside and outside the company.

● Certain mitigation measures should be monitored by the project manager. For instance, if the current development activity is constantly monitored, everyone in the team can become familiar with the current development activity.

Risk Monitoring

● When risk becomes a reality, the project manager performs this role. If the project manager is efficient in successfully applying project reduction, risk management becomes very straightforward.

● For example, consider a situation where several individuals leave the company, if adequate additional workers are available, if current development activity is known to anyone in the team, if current and systematic documentation is available, then every 'new comer' will easily understand current development activity. Eventually, this would assist in continuing the work without any interval.

Q. 6) What do you mean by Software configuration management ?

Ans. Software Configuration Management -

Software configuration management (SCM) is an umbrella activity that is applied throughout the software process, because change can occur at any time.

SCM activities are developed to

● Identify change,

● Control change,

● Ensure that change is being properly implemented, and

● Report changes to others who may have an interest.

It is important to make a clear distinction between software support and software configuration management. Support is a set of software engineering activities that occur after software has been delivered to the customer and put into operation.

A primary goal of software engineering is to improve the ease with which changes can be accommodated and reduce the amount of effort expended when changes must be made.

There are four fundamental sources of change:

New business or market conditions dictate changes in product requirements or business rules.

New customer needs demand modification of data produced by information systems, functionality delivered by products, or services delivered by a computer-based system.

Reorganization or business growth/downsizing causes changes in project priorities or software engineering team structure.

Budgetary or scheduling constraints cause a redefinition of the system or product.

Software configuration management is a set of activities that have been developed to manage change throughout the life cycle of computer software. SCM can be viewed as a software quality assurance activity that is applied throughout the software process.

Q. 7) Note down the role of SCM repository ?

Ans : Role of SCM repository -

Data Integrity

Entries are validated, accuracy ensured, cascades changed.

Information Sharing

Shares data, manages and controls multi-user access between production and tools.

Tool Integration

Establishes a data model that several software engineering tools can use, restricting access to the data.

Data Integration

It enables different SCM tasks to be performed on one or more CSCMs.

Methodology enforcement

Defines an object - relationship model for the repository that suggests a particular software engineering process model

Document standardization

Defines structures in the repository to guarantee a typical software engineering document creation approach

Q. 8) Explain the SCM process ?

Ans : SCM process -

A disciplined framework for smooth control of work items is provided by configuration management. It requires the following operations:

Identification and Establishment –

Identification of configuration elements from goods composing baselines in time at given points (a baseline is a set of mutually consistent Configuration Items, which has been formally reviewed and agreed upon, and serves as the basis of further development).

Establishing relationships between objects, establishing a framework for managing multiple levels of control and change management system processes.

Version control –

Using the SCM framework to construct versions/specifications of an existing product to develop new products.

Suppose the configuration object's version moves from 1.0 to 1.1 after some changes. Minor corrections and adjustments occur in the 1.1.1 and 1.1.2 versions, which are followed by a significant update to 1.2.

Object 1.0's growth continues through 1.3 and 1.4, but a notable update to the object ultimately results in a new evolutionary direction, version 2.0.0. It currently supports both models.

Change control –

Controlling changes to Configuration items (CI).

In order to determine technical merit, possible side effects, overall impact on other configuration artefacts and device functions, and the estimated cost of the update, a change request (CR) is submitted and assessed.

The assessment results are viewed as a change report used by a change control board (CCB)-a individual or body that makes a final decision on the change's status and priority. For each approved change, an engineering change Request (ECR) is created.

Configuration auditing –

Complementing the structured technical analysis of the process and product is a programme configuration audit. It focuses on the functional correctness of the configuration object that has been modified

The audit checks the completeness, accuracy and continuity of items from audit to closure in the SCM framework and monitors action items.

Reporting –

Providing developers, testers, end users, customers and stakeholders with accurate status and current configuration information through admin guides, user guides, FAQs, release notes, memos, installation guide, setup guide, etc.

Q. 9) What are the RMMM plan ?

Ans : The RMMM plan -

The software project plan may include a risk management approach or organise the risk management measures into a separate Risk Reduction, Tracking and Management Plan. As part of risk analysis, the RMMM plan documents all work done and is used as part of the overall project plan by the project manager.

A structured RMMM document is not established by such software teams. Instead, using a risk information sheet, each risk is personally reported. In most cases, using a database system, the RIS is retained, so that development and entry of information, priority ordering, searches, and other analysis can be done easily.

Risk reduction and monitoring measures begin once RMMM has been recorded and the project has begun. Risk reduction is an operation for problem avoidance, as we have already discussed. Danger monitoring is a project tracking operation with three main goals:

● Assessing whether expected risks actually occur;

● Ensuring that the risk aversion measures identified for the risk are properly implemented; and

● To gather information that can be used for the prediction of potential risks.

Q. 10) What do you mean by Risk Refinement ?

Ans : Risk Refinement -

A possibility may be indicated very commonly during the early stages of project planning. As time passes and more about danger is understood, it could be possible to simplify the risk into a collection of more detailed hazards that are easy to track and handle everywhere.

One way to do this is to reflect the risk in the format of the condition transition effect:

Given that <condition> then there is concern that <consequence>

Refining allows the underlying threats to be isolated and leads to easier analysis and response.

Sign Up