Sunday, January 08, 2017

Rekayasa Piranti Lunak - Risk Management

INTRODUCTION
- Risk: masalah potensial
- Karakteristik: ketidakpastian (may/may not happen); Loss (risk benar-benar terjadi dan menyebabkan loss / konsekuensi yang tdk diinginkan)

Macam-macam Risk:
1. Project Risks -> mengancam project plan; jika terjadi, kemungkinan project schedule dapat mengalami kemunduran dan meningkatkan costs

2. Technical Risk -> mengancam kualitas dan aktualitas (timeliness) software yg ingin diproduksil jika terjadi, implementation dapat menjadi sulit atau bahkan tdk mungkin

3. Business Risk -> mengancam viability (kelangsungan hidup) software yg sedang dibangun; jika terjadi, dapat membahayakan project atau product tsb
   Sub kategori Business Risks:
   1. Market Risk - membangun software yang tidak diinginkan orang
   2. Strategic Risk - membangun software yang tidak sesuai dengan keseluruhan strategi bisnis perusahaan
   3. Sales Risk - membangun software dimana tim sales tidak tahu cara memasarkannya
   4. Management Risk - kehilangan support dari senior management karena change in focus / change in people
   5. Budget Risk - kehilangan anggaran atau komitmen staf (pegawai)

4. Known Risk -> Risk yang mungkin belum ter-cover setelah dilakukan evaluasi terhadap project plan, business & technical environment tempat pengembangan software, ataupun sumber informasi terpercaya lainnya. (cth: unrealistic delivery date)

5. Predictable Risk -> risk yang dapat diramalkan berdasarkan past experience

6. Unpredictable Risk -> risk yang dapat dan sedang terjadi, namun sangat sulit untuk diidentifikasi terlebih dahulu

RISK STRATEGIES
1. Reactive: nothing is done about the risks until something goes wrong
2. Proactive: mengikuti langkah-langkah dari risk management; bertujuan untuk menghindari risk & memiliki contingency plan untuk menangani unavoidable risks secara terkontrol dan efektif

Langkah-langkah Risk Management:
1. Identifikasikan possible risks
2. Analisa tiap risk utk menentukan probabilitas terjadinya & impact yang akan diterima jika terjadi
3. Rank semua risk berdasarkan probability & impact
4. Develop sebuah contingency plan untuk menangani risk yang memiliki high probability & high impact

RISK IDENTIFICATION
-> systematic attempt to specify threats to the project plan
-> slh satu cara: Risk Item Checklist -> focused on known & predictable risk in specific subcategories

Known and Predictable Risk Categories:
1. Product Size - berkaitan dgn ukuran keseluruhan software yg ingin dibangun
2. Business Impact - berkaitan dgn constraint yang dikenakan oleh management atau marketplace
3. Customer Characteristics - berkaitan dgn kemampuan customer serta kemampuan developer untuk mengkomunikasikan kepada customer pada waktu yang tepat
4. Process Definition - berkaitan dgn ukuran software process mana yg sudah diikuti
5. Development Environment - berkaitan dgn availability & quality dr tools yg dipakai utk develop project
6. Technology to be built - berkaitan dgn kompleksitas software
7. Staff Size & Experience - berkaitan dgn pengalaman technical & project dr staff engineer yang akan membangun software

Risk Projection / Estimation Steps
1. Membuat skala persepsi kemungkinan dr sebuah risk (cth: 0-low, 10-high)
2. Menggambarkan konsekuensi dari risk
3. Estimasi impact dari risk terhadap project & product
4. Catat overall accuracy dari risk projection sehingga tidak ada kesalahpahaman

Risk Table
terdiri dari 5 kolom, yaitu:
1. Risk Summary - deskripsi singkat dari risk
2. Risk Category - slh 1 dari 7 known & predictable risk categories
3. Probability
4. Impact - (1) catastrophic (2) critical (3) marginal (4) neglectible
5. RMMM - Pointer to a paragraph in Risk Mitigation, Monitoring, & Management Plan

RMMM
Strategi efektif untuk menangani risk harus mencakup 3 hal:
1. Risk Mitigation
2. Risk Monitoring
3. Risk management & continency planning

- Risk mitigation (avoidance) is the primary strategy and is achieved through a plan
- During risk monitoring, the project manager monitors factors that may provide an indication of whether a risk is becoming more or less likely
- Risk monitoring has three objectives
  1. To assess whether predicted risks do, in fact, occur
  2. To ensure that risk aversion steps defined for the risk are being properly applied
  3. To collect information that can be used for future risk analysis

- Risk management and contingency planning assume that mitigation efforts have failed and that the risk has become a reality
- 7 Principles of Risk Management:
  1. Maintain a global perspective
     = View software risks within the context of a system and the business problem that is is intended to solve
  2. Take a forward-looking view
     = Think about risks that may arise in the future; establish contingency plans
  3. Encourage open communication
     = Encourage all stakeholders and users to point out risks at any time
  4. Integrate risk management
     = Integrate the consideration of risk into the software process
  5. Emphasize a continuous process of risk management
     = Modify identified risks as more becomes known and add new risks as better insight is achieved
  6. Develop a shared product vision
     = A shared vision by all stakeholders facilitates better risk identification and assessment
  7. Encourage teamwork when managing risk
     = Pool the skills and experience of all stakeholders when conducting risk management activities

0 comments: