A risk taxonomy proposal for software maintenance

There can be no doubt that risk management is an important activity in the software engineering area. One proof of this is the large body of work existing in this area. However, when one takes a closer look at it, one perceives that almost all this work is concerned with risk management for software development projects. The literature on risk management for software maintenance is much scarcer. On the other hand, software maintenance projects do present specificities that imply they offer different risks than development. This suggests that maintenance projects could greatly benefit from better risk management tools. One step in this direction would be to help identifying potential risk factors at the beginning of a maintenance project. For this, we propose taxonomy of possible risks for software management projects. The ontology was created from: i) an extensive survey of risk management literature, to list known risk factors for software development; and, ii) an extensive survey of maintenance literature, to list known problems that may occur during maintenance.

[1]  Mary Beth Chrissis,et al.  CMMI(R): Guidelines for Process Integration and Product Improvement (2nd Edition) (The SEI Series in Software Engineering) , 2006 .

[2]  Suresh L. Konda,et al.  Taxonomy-Based Risk Identification , 1993 .

[3]  Ken Rose Book Review: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) - 2000 Edition , 2001 .

[4]  Cláudio Bezerra Leopoldino Avaliação de riscos em desenvolvimento de software , 2004 .

[5]  Christopher J. Alberts,et al.  Continuous Risk Management Guidebook. , 1996 .

[6]  Y. Kwak,et al.  Project risk management: lessons learned from software development environment , 2004 .

[7]  Yacov Y. Haimes,et al.  An Acquisition Process for the Management of Nontechnical Risks Associated with Software Development , 1995 .

[8]  Pankaj Jalote,et al.  CMM in Practice: Processes for Executing Software Projects at Infosys , 1999 .

[9]  S. Rao Vallabhaneni Auditing the Maintenance of Software , 1986 .

[10]  Mario Piattini,et al.  Advances in Software Maintenance Management: Technologies and Solutions , 2002 .

[11]  Paul McMahon,et al.  Risk Management Guide for DoD Acquisition , 1998 .

[12]  Will Venters,et al.  Software engineering: theory and practice , 2006 .

[13]  Gordon H. McNeil,et al.  The mind of Napoleon : a selection from his written and sopken words , 1956 .

[14]  Elaine M. Hall,et al.  Managing Risk: Methods for Software Systems Development , 1998 .

[15]  Robert N. Charette,et al.  Software Engineering Risk Analysis and Management , 1989 .

[16]  Audrey J. Dorofee,et al.  Team Risk Management: A New Model for Customer- Supplier Relationships , 1994 .

[17]  Grace A. Lewis,et al.  Modernizing Legacy Systems - Software Technologies, Engineering Processes, and Business Practices , 2003, SEI series in software engineering.

[18]  Edmund H. Conrow,et al.  Implementing Risk Management on Software Intensive Projects , 1997, IEEE Softw..

[19]  John McManus Risk Management in Software Development Projects , 2003 .

[20]  Tim Lister Point: Risk Management Is Project Management for Adults , 1997, IEEE Softw..

[21]  Pankaj Jalote,et al.  Software Project Management in Practice , 2002 .

[22]  T.C. Lethbridge,et al.  Guide to the Software Engineering Body of Knowledge (SWEBOK) and the Software Engineering Education Knowledge (SEEK) - a preliminary mapping , 2001, 10th International Workshop on Software Technology and Engineering Practice.

[23]  Scott L. Schneberger,et al.  Software maintenance in distributed computer environments: system complexity versus component simplicity , 1995, Proceedings of International Conference on Software Maintenance.

[24]  Roger S. Pressman,et al.  Software Engineering: A Practitioner's Approach , 1982 .

[25]  Bruce I. Blum,et al.  Software engineering - a holistic view , 1992 .

[26]  Rodolfo Alfredo Bertone,et al.  Software engineering: Theory and practice, 2nd Edition. Shari Lawrence Pfleeger. Prentice Hall, 2001 , 2005 .

[27]  R. N. Charette,et al.  Managing Risk in Software Maintenance , 1997, IEEE Softw..

[28]  T. Addison,et al.  Controlling software project risks: an empirical study of methods used by experienced project managers , 2002 .

[29]  Tom DeMarco,et al.  Waltzing with Bears: Managing Risk on Software Projects , 2003 .

[30]  Terry R. Adler,et al.  Improving Risk Management: Moving from Risk Elimination to Risk Avoidance , 1999, Inf. Softw. Technol..

[31]  Carolyn B. Seaman Advances in Software Maintenance Management: Technologies and Solutions , 2003, J. Softw. Maintenance Res. Pract..

[32]  Norm Brown,et al.  Industrial-Strength Management Strategies , 1996, IEEE Softw..

[33]  Gerald T. Mackulak,et al.  Stochastic simulation of risk factor potential effects for software development risk management , 2001, J. Syst. Softw..

[34]  E. Burton Swanson,et al.  Problems in application software maintenance , 1981, CACM.

[35]  B. Boehm Software risk management: principles and practices , 1991, IEEE Software.

[36]  Kathy Schwalbe,et al.  Information Technology Project Management , 1999 .

[37]  Thomas M. Pigoski Practical Software Maintenance: Best Practices for Managing Your Software Investment , 1996 .

[38]  Yasunari Takagi,et al.  Characterization of risky projects based on project managers evaluation , 2000, Proceedings of the 2000 International Conference on Software Engineering. ICSE 2000 the New Millennium.

[39]  Marvin J. Carr Risk management may not be for everyone , 1997, IEEE Software.

[40]  A Straw,et al.  Guide to the Software Engineering Body of Knowledge , 1998 .

[41]  Audrey J. Dorofee,et al.  Putting Risk Management Into Practice , 1997, IEEE Softw..

[42]  Andrew P. Gabb,et al.  Using Evolutionary Acquisition for the Procurement of Complex Systems. , 1997 .

[43]  William H. Roetzheim Structured Computer Project Management , 1988 .

[44]  Penny Grubb,et al.  Software Maintenance: Concepts and Practice , 2003 .

[45]  Kalle Lyytinen,et al.  A framework for identifying software project risks , 1998, CACM.

[46]  Frank J. Sisti,et al.  Software Risk Evaluation Method Version 1.0. , 1994 .

[47]  Roger S. Pressman,et al.  Software Engineering: A Practitioner's Approach (McGraw-Hill Series in Computer Science) , 2004 .

[48]  M.M. Lehman,et al.  Programs, life cycles, and laws of software evolution , 1980, Proceedings of the IEEE.

[49]  G. Travassos,et al.  Planejamento de Riscos em Ambientes de Desenvolvimento de Software Orientados à Organização , 2003, Anais do II Simpósio Brasileiro de Qualidade de Software (SBQS 2003).

[50]  Ian Sommerville,et al.  Software Engineering, 6. Auflage , 2001 .