Risk Factors and Risk Management Process Encountered in Software Project
Year 2015,
Volume: 27 Issue: 1, 1 - 13, 28.04.2016
Arş. Gör. M.Hanefi Calp
,
Prof. Dr. M. Ali Akcayol
Abstract
There are very important problems that occur nowdays in the field of software projects ever widespreading. The respective problems has influenced software being developed negatively. Therefore, “Software Risk Management” processes must be carried out successfully beyond a good coding in order to avoid or to minimize this situation. In this study, within the scope of the software project management, risk identification, risk factors, risk types, risk strategies and risk management process are discussed in details and comparative. By revealing the software risks and the methods of prevention of these risks, the necessasy actions has been clarified to eliminate or to reduce the risks resulting from any software. This study is aimed at being an important reference for the researches interested in this field
References
- Gürbüz, A. (2010) Yazılım Test Mühendisliği, Papatya Yayıncılık Eğitim, İstanbul, 31,34.
- Abak, A. T. (2012) Yazılım Proje yönetimi: Hızlı ve Kaliteli Yazılım Ürünü Gerçekleştirme Stratejileri, www.bilisimzirvesi.com.tr/01/dosyalar/yazilim-proje- yonetimi.pdf.
- Erdemir, U., Tekin, U., Buzluca, F. (2008) Nesneye Dayalı Yazılım Metrikleri ve Yazılım Kalitesi, Yazılım Kalitesi ve Yazılım Geliştirme Araçları Sempozyumu (YKGS08), İstanbul.
- ISO/IEC 9126-1: (1999) Information Technology - Software Product Quality - Part 1: Quality Model. ISO/ IEC JTC1/SC7/WG6.
- Younis, A. E. (2011) Yazılım Projelerinde Risk Yönetimi, Yüksek Lisans Tezi, Bilgisayar Bilimleri, Gazi Üniversitesi Bilişim Enstitüsü, Ankara, Mayıs.
- Sommervile, I. (2000) Software Engineering, New York: Addison-Wesley, Harlow, England.
- Dedolph, F.M. (2003) The neglected management activity: Software risk management, Bell Labs Technical Journal, Volume 8 Issue 3, (Dec), 91-95.
- Milli Eğitim Bakanlığı, (2011) Ulaştırma Hizmetleri, Risk, Rapor, Ankara.
- Yong. H., Xiangzhou. Z., Xin. S., Mei. L., Jianfeng . D. (2009) An Intelligent Model for Software Project Risk Prediction, International Conference on Information Management, Innovation Management and Industrial Engineering, ICIII, vol. 1, pp.629-632.
- Tang. A., Wang. R. (2010) Software Project Risk Assessment Model Based on FuzzyTheory, Computer and Communication Technologies in Agriculture Engineering (CCTAE), 2010 International Conference On 12-13 June 2010, pp 328-330.
- Robert. N. C. (1996) Large-Scale Project Management is Risk Management, IEEE Software.
- Tiftik, N., Öztarak, H., Ercek, G. ve Özgün, S., “Sistem/ yazılım geliştirme sürecinde doğrulama faaliyetleri”, III.Ulusal Yazılım Mühendisliği Sempozyumu, Ankara, 1-2 (2007).
- İnternet: Leman Türkoğlu, “Proje Yönetimi”, www. lemanturkoglu.com/cc/1002167/.../File/tbd_genc_ sunumu.ppt, 2012.
- Gülebağlan, S. (2006) Yazılım Geliştirmede Risk Yönetimi, Yüksek Lisans Tezi, Çanakkale Onsekiz Mart Üniversitesi, Fen Bilimleri Enstitüsü.
- Boehm, B.W. (1991) Software Risk Management: Principle and Practices, IEEE Software, Vol. 8, No. 1, January 1991.
- Abdelrafe, E., Burairah, H. (2011) Managing Software Project Risks with Proposed Regression Model Techniques and Effect Size Technique, International Review on Computers & Software, Mar2011, Vol. 6 Issue 2, p.250.
- Cao, X. (2006) A cross-culture study of risk management in software projects, ProQuest Dissertations and Theses; 2006; ProQuest Dissertations & Theses (PQDT), May 2006.
- Higuera, RP and YY Haimes (1996). Software risk management (CMU/SEI-96-TR-012, ESC-TR-96-012). Pittsburgh: Software Engineering Institute, Carnegie Mellon University.
- Conrow, EH and PS Shishido (1997). Implementing risk management on software intensive projects. IEE Software, 14(3), 83–89.
- Kansala, K (1997). Integrating risk assessment with cost estimation. IEEE Software, 61–67.
- Natarajan, K. V. (2004) Efficient software development, Proceedings of MASPLAS’04, Mid-Atlantic Student Workshop on Programming Languages and Systems, Seton Hall University.
- Westfall, L. (2001) Software Risk Management, The Westfall Team, PMB 383, 3000 Custer Road, Suite 270, http://westfallteam.com/Papers/risk_management_ paper.pdf, [17 Mayıs 2014].
- Bodea, C. & Dascalu, M. (2009) Modeling Research Project Risks with Fuzzy Maps. JAQM – Journal of Applied Quantitative Methods, 4(2).
- Hoodat, H., Rashidi, H. (2009) Classification and Analysis of Risks in Software Engineering, World Academy of Science, Engineering and Technology, 56.
- Erdem, O.A. ve Younis, A. E. (2012) Yazılım Projelerinde Risk Yönetimi, Gazi Üniversitesi Bilişim Teknolojileri Dergisi, Cilt: 5, Sayı: 1.
- Pressman, R. S. (2005) Software Engineering: A Practitioner’s Approach, 6th Ed., Mc Graw Hill, Singapore, 480-481, 492.
- Wiegers, K.E. (2000) Know Your Enemy: Software Risk Management, http://www.process impact.com [12 Ocak 2005].
- Şenyurt, H. (2006) ISO/IEC Yazılım Yasam Döngüsü Süreçleri - Risk Yönetimi Standartları: ISO/IEC Software Life Cycle Processes - Risk Management Standards, TÜBİTAK UEKAE / İLTAREN.
- Richard, F. (1994) Risk Management for Software Projects, IEEE Software.
- Chittister, C., Haimes, Y.Y. (1993) IEEE Transactions on Systems, Man, and Cybernetics, Vol.23 No 3.
- Rockwell (1995) Risk Management, Rockwell Job Aid.
- IEEE 1540, (2001) IEEE 1540 Standard for Lifecycle Processes-Risk Management. IEEE, New York, NY.
- Institute of Risk Management (2002) Association of Insurance and Risk Managers, National Forum for Risk Management in the Public Sector, A Risk Management Standard. IRM, UK.
- Project Management Institute (2004) A Guide to the Project Management Body of Knowledge (PMBoK), 3rd Ed. ANSI/PMI 99-001-2004, PMI, Newton Square, PA.
- Standards Australia and New Zealand, Australian/New Zealand Standard (2004) Risk Management AS/NZS 4360:2004. 3rd Ed., Stds Australia/New Zealand.
- Boehm, B.W. (1988) A spiral model of software development and enhancement. IEEE Computer 21 (5), 61–72.
- ISO/IEC 15.504-5 (1999) Information Technology— Software Process Assessment— Part 5: An Assessment Model and Indicator Guidance. International Standard Organization.
- MSF—Microsoft (2002) Microsoft Solutions Framework: MSF Risk Management Discipline v. 1.1: Microsoft. Available in: http://www.microsoft.com/ msf.
- RUP—Rational Software Corporation (2003) Rational unified process: best practices for software development teams. Rational Software White Paper,TP026B, Rev 11/01: IBM. Available in: http://www.ibm.com.
- ISO—International Organization for Standardization (2003) ISO 10.006:2003— Quality Management Systems—Guidelines for Quality Management in Projects. International Standard Organization.
- AS/NZS 4360 (2004) Standards Australia and standards New Zealand. Risk Management. Sydney, NSW.0 7337 5904 1.
- SEI, Software Engineering Institute (2006) CMMI® for Development. Staged Representation, Version 1.2, Technical Report (06tr008).Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA (Available in: http://www.sei.cmu.edu/reports/06tr008. pdf.
- SOFTEX—Associação para Promoção da Excelência do Software Brasileiro (2006) MPS.BR – Melhoria de processo do software brasileiro, versão 1.1, maio 2006: Softex. Available in: www.softex.br.
- PMBOK (2008) Proje yönetimi bilgi birikimi klavuzu, 4. Baskı, PMI.
- Barros, M.O., Werner, C.M.L., Travassos, G.H. (2004) Supporting risks in software project management. Journal of Systems and Software. 70, 21-35.
- Carr, M.J., Konda, S.L., Monarch, I.A., Ulrich, F.C. and Walker, C.F. (1993) Taxonomy- BasedRisk Identification, SEI Technical Report SEI-93-TR-006, Pittsburgh, PA: Software Engineering Institute.
- Kajko-Mattsson, M., Nyfjord, J. (2008) State of software risk management practice, LAENG International Journal of Computer Science, November.
- Eskiyörük, D. (2007) BGYS – Risk Yönetim Süreci Klavuzu, Sürüm1.00, Ulusal, Elektronik ve Kriptoloji Araştırma Enstitüsü.
- Moeinzadeh, P. ve Hajfathaliha, A. (2009) A combined fuzzy decision making approach to supply chain risk assessment”, World Academy of Science, Engineering and Technology, No.60, ss.519-535.
- Bannerman, L. P. (2008) Risk and risk management in software projects: A reassessment, The Journal of Systems and Software, 81, 2118 - 2133.
- Boehm, B., Turner, R. (2003) Using risk to balance agile and plan-driven methods.Computer 36 (6), 57–66.
- PMBOK (2012) Proje yönetimi bilgi birikimi klavuzu, 5. Baskı, PMI.
Yazılım Projelerinde Karşılaşılan Risk Faktörleri ve Risk Yönetim Süreci
Year 2015,
Volume: 27 Issue: 1, 1 - 13, 28.04.2016
Arş. Gör. M.Hanefi Calp
,
Prof. Dr. M. Ali Akcayol
Abstract
Günümüzde giderek yaygınlaşan yazılım projelerinde çok önemli hatalar meydana gelmektedir. Sözkonusu hatalar, geliştirilen yazılımları olumsuz yönde etkilemektedir. Dolayısıyla, bu durumu önlemek veya en aza indirmek için iyi kodlama yapmanın ötesinde "Yazılım Risk Yönetimi" süreçlerinin başarıyla gerçekleştirilmesi gerekmektedir. Bu çalışmada, yazılım proje yönetimi kapsamında, risk tanımı, risk faktörleri, risk türleri, risk stratejileri ve risk yönetim süreci ayrıntılı ve karşılaştırmalı bir şekilde ele alınmıştır. Böylece, yazılım riskleri ve bu riskleri önleme yöntemleri bilimsel olarak ortaya koymak suretiyle herhangi bir yazılımda oluşabilecek risklerin ortadan kaldırılması veya en azından azaltılması yönünde atılması gereken adımlar açıklığa kavuşturulmuştur. Çalışmanın bu alanla ilgilenen araştırmacılara önemli bir kaynak olması amaçlanmaktadır.
References
- Gürbüz, A. (2010) Yazılım Test Mühendisliği, Papatya Yayıncılık Eğitim, İstanbul, 31,34.
- Abak, A. T. (2012) Yazılım Proje yönetimi: Hızlı ve Kaliteli Yazılım Ürünü Gerçekleştirme Stratejileri, www.bilisimzirvesi.com.tr/01/dosyalar/yazilim-proje- yonetimi.pdf.
- Erdemir, U., Tekin, U., Buzluca, F. (2008) Nesneye Dayalı Yazılım Metrikleri ve Yazılım Kalitesi, Yazılım Kalitesi ve Yazılım Geliştirme Araçları Sempozyumu (YKGS08), İstanbul.
- ISO/IEC 9126-1: (1999) Information Technology - Software Product Quality - Part 1: Quality Model. ISO/ IEC JTC1/SC7/WG6.
- Younis, A. E. (2011) Yazılım Projelerinde Risk Yönetimi, Yüksek Lisans Tezi, Bilgisayar Bilimleri, Gazi Üniversitesi Bilişim Enstitüsü, Ankara, Mayıs.
- Sommervile, I. (2000) Software Engineering, New York: Addison-Wesley, Harlow, England.
- Dedolph, F.M. (2003) The neglected management activity: Software risk management, Bell Labs Technical Journal, Volume 8 Issue 3, (Dec), 91-95.
- Milli Eğitim Bakanlığı, (2011) Ulaştırma Hizmetleri, Risk, Rapor, Ankara.
- Yong. H., Xiangzhou. Z., Xin. S., Mei. L., Jianfeng . D. (2009) An Intelligent Model for Software Project Risk Prediction, International Conference on Information Management, Innovation Management and Industrial Engineering, ICIII, vol. 1, pp.629-632.
- Tang. A., Wang. R. (2010) Software Project Risk Assessment Model Based on FuzzyTheory, Computer and Communication Technologies in Agriculture Engineering (CCTAE), 2010 International Conference On 12-13 June 2010, pp 328-330.
- Robert. N. C. (1996) Large-Scale Project Management is Risk Management, IEEE Software.
- Tiftik, N., Öztarak, H., Ercek, G. ve Özgün, S., “Sistem/ yazılım geliştirme sürecinde doğrulama faaliyetleri”, III.Ulusal Yazılım Mühendisliği Sempozyumu, Ankara, 1-2 (2007).
- İnternet: Leman Türkoğlu, “Proje Yönetimi”, www. lemanturkoglu.com/cc/1002167/.../File/tbd_genc_ sunumu.ppt, 2012.
- Gülebağlan, S. (2006) Yazılım Geliştirmede Risk Yönetimi, Yüksek Lisans Tezi, Çanakkale Onsekiz Mart Üniversitesi, Fen Bilimleri Enstitüsü.
- Boehm, B.W. (1991) Software Risk Management: Principle and Practices, IEEE Software, Vol. 8, No. 1, January 1991.
- Abdelrafe, E., Burairah, H. (2011) Managing Software Project Risks with Proposed Regression Model Techniques and Effect Size Technique, International Review on Computers & Software, Mar2011, Vol. 6 Issue 2, p.250.
- Cao, X. (2006) A cross-culture study of risk management in software projects, ProQuest Dissertations and Theses; 2006; ProQuest Dissertations & Theses (PQDT), May 2006.
- Higuera, RP and YY Haimes (1996). Software risk management (CMU/SEI-96-TR-012, ESC-TR-96-012). Pittsburgh: Software Engineering Institute, Carnegie Mellon University.
- Conrow, EH and PS Shishido (1997). Implementing risk management on software intensive projects. IEE Software, 14(3), 83–89.
- Kansala, K (1997). Integrating risk assessment with cost estimation. IEEE Software, 61–67.
- Natarajan, K. V. (2004) Efficient software development, Proceedings of MASPLAS’04, Mid-Atlantic Student Workshop on Programming Languages and Systems, Seton Hall University.
- Westfall, L. (2001) Software Risk Management, The Westfall Team, PMB 383, 3000 Custer Road, Suite 270, http://westfallteam.com/Papers/risk_management_ paper.pdf, [17 Mayıs 2014].
- Bodea, C. & Dascalu, M. (2009) Modeling Research Project Risks with Fuzzy Maps. JAQM – Journal of Applied Quantitative Methods, 4(2).
- Hoodat, H., Rashidi, H. (2009) Classification and Analysis of Risks in Software Engineering, World Academy of Science, Engineering and Technology, 56.
- Erdem, O.A. ve Younis, A. E. (2012) Yazılım Projelerinde Risk Yönetimi, Gazi Üniversitesi Bilişim Teknolojileri Dergisi, Cilt: 5, Sayı: 1.
- Pressman, R. S. (2005) Software Engineering: A Practitioner’s Approach, 6th Ed., Mc Graw Hill, Singapore, 480-481, 492.
- Wiegers, K.E. (2000) Know Your Enemy: Software Risk Management, http://www.process impact.com [12 Ocak 2005].
- Şenyurt, H. (2006) ISO/IEC Yazılım Yasam Döngüsü Süreçleri - Risk Yönetimi Standartları: ISO/IEC Software Life Cycle Processes - Risk Management Standards, TÜBİTAK UEKAE / İLTAREN.
- Richard, F. (1994) Risk Management for Software Projects, IEEE Software.
- Chittister, C., Haimes, Y.Y. (1993) IEEE Transactions on Systems, Man, and Cybernetics, Vol.23 No 3.
- Rockwell (1995) Risk Management, Rockwell Job Aid.
- IEEE 1540, (2001) IEEE 1540 Standard for Lifecycle Processes-Risk Management. IEEE, New York, NY.
- Institute of Risk Management (2002) Association of Insurance and Risk Managers, National Forum for Risk Management in the Public Sector, A Risk Management Standard. IRM, UK.
- Project Management Institute (2004) A Guide to the Project Management Body of Knowledge (PMBoK), 3rd Ed. ANSI/PMI 99-001-2004, PMI, Newton Square, PA.
- Standards Australia and New Zealand, Australian/New Zealand Standard (2004) Risk Management AS/NZS 4360:2004. 3rd Ed., Stds Australia/New Zealand.
- Boehm, B.W. (1988) A spiral model of software development and enhancement. IEEE Computer 21 (5), 61–72.
- ISO/IEC 15.504-5 (1999) Information Technology— Software Process Assessment— Part 5: An Assessment Model and Indicator Guidance. International Standard Organization.
- MSF—Microsoft (2002) Microsoft Solutions Framework: MSF Risk Management Discipline v. 1.1: Microsoft. Available in: http://www.microsoft.com/ msf.
- RUP—Rational Software Corporation (2003) Rational unified process: best practices for software development teams. Rational Software White Paper,TP026B, Rev 11/01: IBM. Available in: http://www.ibm.com.
- ISO—International Organization for Standardization (2003) ISO 10.006:2003— Quality Management Systems—Guidelines for Quality Management in Projects. International Standard Organization.
- AS/NZS 4360 (2004) Standards Australia and standards New Zealand. Risk Management. Sydney, NSW.0 7337 5904 1.
- SEI, Software Engineering Institute (2006) CMMI® for Development. Staged Representation, Version 1.2, Technical Report (06tr008).Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA (Available in: http://www.sei.cmu.edu/reports/06tr008. pdf.
- SOFTEX—Associação para Promoção da Excelência do Software Brasileiro (2006) MPS.BR – Melhoria de processo do software brasileiro, versão 1.1, maio 2006: Softex. Available in: www.softex.br.
- PMBOK (2008) Proje yönetimi bilgi birikimi klavuzu, 4. Baskı, PMI.
- Barros, M.O., Werner, C.M.L., Travassos, G.H. (2004) Supporting risks in software project management. Journal of Systems and Software. 70, 21-35.
- Carr, M.J., Konda, S.L., Monarch, I.A., Ulrich, F.C. and Walker, C.F. (1993) Taxonomy- BasedRisk Identification, SEI Technical Report SEI-93-TR-006, Pittsburgh, PA: Software Engineering Institute.
- Kajko-Mattsson, M., Nyfjord, J. (2008) State of software risk management practice, LAENG International Journal of Computer Science, November.
- Eskiyörük, D. (2007) BGYS – Risk Yönetim Süreci Klavuzu, Sürüm1.00, Ulusal, Elektronik ve Kriptoloji Araştırma Enstitüsü.
- Moeinzadeh, P. ve Hajfathaliha, A. (2009) A combined fuzzy decision making approach to supply chain risk assessment”, World Academy of Science, Engineering and Technology, No.60, ss.519-535.
- Bannerman, L. P. (2008) Risk and risk management in software projects: A reassessment, The Journal of Systems and Software, 81, 2118 - 2133.
- Boehm, B., Turner, R. (2003) Using risk to balance agile and plan-driven methods.Computer 36 (6), 57–66.
- PMBOK (2012) Proje yönetimi bilgi birikimi klavuzu, 5. Baskı, PMI.