Professional Documents
Culture Documents
Lesson 2 Economics of Risk
Lesson 2 Economics of Risk
Lesson 2 Economics of Risk
Uncertainty
The Art of War
“The purpose of war is peace.”
“To fight and conquer is not supreme
excellence; supreme excellence is to
subdue the enemy without fighting.”
“In peace prepare for war,
in war prepare for peace.”
Sun Tsû, The Art of War, ~496BCE, Translated by Lionel Giles, 1910
Murphy’s Law in Software
Murphy
1. If anything can go wrong, it will
2. Things go wrong at the worst possible time
3. Everything takes longer than it should
Risk Management
Risk management is concerned with identifying
risks and drawing up plans to minimise their effect
on a project.
A risk is a probability that some adverse
circumstance will occur
– Project risks affect schedule or resources;
– Product risks affect the quality or performance of the
software being developed;
– Business risks affect the organisation developing or
procuring the software.
– Sommerville 2004
Risk defined
• A risk is any threat to the achievement of one or
more of the cardinal aims of the project Ould, 1999
Risk Management:
Identify and Assess the risks and then control
them
Risk management Process
Risk Management Tasks
Risk Assessment
• Risk Identification
• Risk Analysis
• Risk Prioritisation
Risk Control
• Risk Management Planning
• Risk Resolution
• Risk Monitoring
Risk Assessment
First step Identify the risks
Either by
–Source of risk (source analysis)
–Type of Threat (problem analysis)
Risk Identification
Identifying risks may depend on culture, industry practice and compliance.
Common risk identification methods are:
Objectives-based Risk Identification
Any event that may endanger achieving an objective partly or completely is
identified as risk. Objective-based risk identification is at the basis of COSO's
Enterprise Risk Management - Integrated Framework
Scenario-based Risk Identification
Different/Alternative scenarios are created and analysed. Any event that
triggers an undesired scenario alternative is identified as risk.
Taxonomy-based Risk Identification
The taxonomy in taxonomy-based risk identification is a breakdown of
possible risk sources. Taxonomy-based risk identification in software industry
can be found in CMU/SEI-93-TR-6.
Common-risk Checking
Each risk in a predefined list can be checked for application to a particular
situation. An example of known risks in the software industry is the Common
Vulnerability and Exposures list found at http://cve.mitre.org.
Risk Identification
Generic Risks
Common to all projects, covered by standard
development plan techniques
Project-specific Risks
Reflect a particular aspect of a given project.
Addressed by project specific management plans.
The most common project specific risks are
personnel shortfalls, unrealistic schedules and
budgets, inappropriate requirements, shortfalls in
external components and tasks, and technology
shortfalls or unknowns
Major Risks and Uncertainties of
System Development
• Technology risks.
• Development risks
• Requirements risks.
• Estimation risks.
• People risks.
• Organisational risks.
Risks and Risk types
Risk type Possible risks
Technology The database used in the system cannot process as many transactions per second as
expected.
Software components that should be reused contain defects that limit their functionality.
People It is impossible to recruit staff with the skills required.
Key staff are ill and unavailable at critical times.
Required training for staff is not available.
Organisational The organisation is restructured so that different management are responsible for the
project.
Organisational financial problems force reductions in the project budget.
Tools The code generated by CASE tools is inefficient.
CASE tools cannot be integrated.
Requirements Changes to requirements that require major design rework are proposed.
Customers fail to understand the impact of requirements changes.
Estimation The time required to develop the software is underestimated.
The rate of defect repair is underestimated.
The size of the software is underestimated.
Risk Identification- Threats
ITSEC Security Components:
• Loss of Availability (security)
unauthorised withholding of information or resources
• Loss of Integrity (accuracy)
unauthorised modification of information
• Loss of Confidentiality (privacy)
unauthorised disclosure of information
Oversimple? - consider security aspects of:
• Utility - focusing on usefulness of information
• Authenticity - Focusing on information being real and genuine for
intended purpose
• Possession - Focusing on the ownership or control of information
Primary Threats
Threats
Speculative Pure
Deliberate
Accidental
Social
Hardware Software
Secondary Threats
classified by effects
Secondary Threat Type of Breach
Modification Integrity
Interruption
Removal Availability
Destruction
Disclosure Confidentiality
(of resources)
All Primary threats affect the assets in one or more of the above ways (secondary threats),
causing the indicated security breaches.
Sources of Risk
Source Risks Source Risks
Hardware Not installed when needed Group Key person(s) quit, are promoted
Cannot do the job elsewhere, go on jury duty,
Does not work as advertised have long-term illness
Installation not prepared in time Skills level inadequate
Installation requirements (e.g. air Training not in time to benefit the
conditioning, room-size, or project
electrical) insufficient Project
Wiring not correct Management Schedule not accurate
Hardware delivered incorrectly Budget not sufficient
Hardware delivered with damage Manager change
User
Quits, transfers, is replaced
Software Not installed when needed
Not co-operative
Cannot do the job Not supportive
Does not work as advertised Does not spend as much time as
Contains ‘undocumented features’ original commitment requested
that cause compromise on Computer
application requirements Resources Test time insufficient
Vendor support inadequate Test time not same as commitment
Resource requirements are over Inadequate disk space
budgeted, allocated amounts Insufficient logon Ids
Insufficient interactive time