Risk management for IT and software projects

Risk management can be defined as a systematic process for identifying, analyzing and controlling risks in projects or organizations. Definitions and illustrations of risks are given; in particular, a list of ten risk factors which occur most frequently in IT and software projects is given. For complex, high-risk projects it is very useful to implement a formal risk-management process, supported by effective methods in the individual process steps. As variants, risk-management processes proposed by Barry Boehm, Ernest Wallmuller and Jyrki Kontio are presented. The importance of a sound operational preparation for each step of the risk-management process is emphasized and illustrated by examples.