Risk factors in software development projects: a systematic literature review

Risks are an inherent part of any software project. The presence of risks in environments of software development projects requires the perception so that the associated factors do not lead projects to failure. The correct identification and monitoring of these factors can be decisive for the success of software development projects and software quality. However, in practice, risk management in software development projects is still often neglected and one of the reasons is due to the lack of knowledge of risk factors that promoted a low perception of them in the environment. This paper aims to identify and to map risk factors in environments of software development projects. We conducted a systematic literature review through a database search, as well as we performed an assessment of quality of the selected studies. All this process was conducted through a research protocol. We identified 41 studies. In these works, we extracted and classified risk factors according to the software development taxonomy developed by Software Engineering Institute (SEI). In total, 148 different risk factors were categorized. The found evidences suggest that risk factors relating to software requirements are the most recurrent and cited. In addition, we highlight that the most mentioned risk factors were the lack of technical skills by the staff. Therefore, the results converged to the need for more studies on these factors as fundamental items for reduction of failure level of a software development project.

[1]  A. Shenhar,et al.  Risk Management, Project Success, and Technological Uncertainty , 2002 .

[2]  B. Boehm Software risk management: principles and practices , 1991, IEEE Software.

[3]  Mark Keil,et al.  Understanding software project risk: a cluster analysis , 2004, Inf. Manag..

[4]  J. Dasgupta,et al.  Estimating operational risk indices for software services outsourcing industry: a case , 2010, Int. J. Serv. Stand..

[5]  Mark Keil,et al.  How Software Project Risk Affects Project Performance: An Investigation of the Dimensions of Risk and an Exploratory Model , 2004, Decis. Sci..

[6]  J. March,et al.  Managerial perspectives on risk and risk taking , 1987 .

[7]  Abdelrafe Elzamly,et al.  Managing Software Project Risks (Design Phase) with Proposed Fuzzy Regression Analysis Techniques with Fuzzy Concepts , 2013 .

[8]  Paul L. Bannerman,et al.  A Reassessment of Risk Management in Software Projects , 2015 .

[9]  James A. McCall,et al.  Software Quality Measurement Manual. Volume 2 , 1980 .

[10]  Barry W. Boehm,et al.  Software Risk Management , 1989, ESEC.

[11]  Abdelrafe Elzamly,et al.  Managing Software Project Risks (Analysis Phase) with Proposed Fuzzy Regression Analysis Modelling Techniques with Fuzzy Concepts , 2014, J. Comput. Inf. Technol..

[12]  Mark Keil,et al.  Software project risks and their effect on outcomes , 2004, CACM.

[13]  Paul McMahon,et al.  Risk Management Guide for DoD Acquisition , 1998 .

[14]  Neil Thompson,et al.  Risk Based E-Business Testing , 2002 .

[15]  Robert K. Wysocki Effective Project Management: Traditional, Agile, Extreme, Hybrid , 2019 .

[16]  Arif Ali Khan,et al.  Communication risks in GSD during RCM: Results from SLR , 2014, 2014 International Conference on Computer and Information Sciences (ICCOINS).

[17]  Siba Sankar Mahapatra,et al.  Interpretive structural modelling of critical risk factors in software engineering project , 2016 .

[18]  Gary Klein,et al.  Software development risks to project effectiveness , 2000, J. Syst. Softw..

[19]  Aneirson Francisco da Silva,et al.  Risk management in software projects through Knowledge Management techniques: Cases in Brazilian Incubated Technology-Based Firms , 2014 .

[20]  Prodromos D. Chatzoglou,et al.  Quality vs risk: An investigation of their relationship in software development projects , 2014 .

[21]  Burairah Hussin,et al.  Top Fifty Software Risk Factors and the Best Thirty Risk Management Techniques in Software Development Lifecycle for Successful Software Projects , 2016 .

[22]  Noraini Che Pa,et al.  A review on decision making of risk mitigation for software management , 2015 .

[23]  Gary Klein,et al.  Software quality and IS project performance improvements from software development process maturity and IS implementation strategies , 2007, J. Syst. Softw..

[24]  Capers Jones,et al.  Why software fails , 1996 .

[25]  Suresh L. Konda,et al.  Taxonomy-Based Risk Identification , 1993 .

[26]  Siffat Ullah Khan,et al.  Knowledge Sharing Management Risks in Outsourcing from Various Continents Perspective: A Systematic Literature Review , 2012 .

[27]  Aayushi Gupta,et al.  Exploring Risk Dimensions in the Indian Software Industry , 2011 .

[28]  Gary Klein,et al.  Information system success as impacted by risks and development strategies , 2001, IEEE Trans. Engineering Management.

[29]  Azween Abdullah,et al.  Trivial model for mitigation of risks in software development life cycle , 2011 .

[30]  Shahryar Sarkani,et al.  Risk Identification Biases and Their Impact to Space System Development Project Performance , 2013 .

[31]  Richard E. Fairley,et al.  Risk management for software projects , 1994, IEEE Software.

[32]  Pang Qinghua A model of risk assessment of software project based on grey theory , 2009, 2009 4th International Conference on Computer Science & Education.

[33]  Akito Monden,et al.  Analyzing Risk Factors Affecting Project Cost Overrun , 2013 .

[34]  Christopher J. Alberts,et al.  Continuous Risk Management Guidebook. , 1996 .

[35]  Tianyu Zhang,et al.  Research on Project Development Key Risk Factors of Small and Medium-Sized Software Enterprises , 2012, AICI 2012.

[36]  Jyrki Kontio,et al.  Software engineering risk management : a method, improvement framework, and empirical evaluation , 2001 .

[37]  Linda V. Knight,et al.  Project Risk Differences between Virtual and Co-Located Teams , 2010, J. Comput. Inf. Syst..

[38]  Jarmo J. Ahonen,et al.  Software development project success and failure from the supplier's perspective: A systematic literature review , 2012 .

[39]  Geraldo Barbosa Landre,et al.  Approaches to strategic alignment of software process improvement: A systematic literature review , 2017, J. Syst. Softw..

[40]  Urvashi Rathod,et al.  Categorization of risk factors for distributed agile projects , 2015, Inf. Softw. Technol..

[41]  Tom DeMarco,et al.  The Deadline: A Novel About Project Management , 1997 .

[42]  H SubramanianGirish,et al.  Software quality and IS project performance improvements from software development process maturity and IS implementation strategies , 2007 .

[43]  Jose L. Salmeron,et al.  Forecasting Risk Impact on ERP Maintenance with Augmented Fuzzy Cognitive Maps , 2012, IEEE Transactions on Software Engineering.

[44]  Roger S. Pressman,et al.  Software Engineering: A Practitioner's Approach , 1982 .

[45]  Lili Marziana Abdullah,et al.  Exploratory case study research: Outsourced project failure , 2012, Inf. Softw. Technol..

[46]  Tony Gorschek,et al.  A method for evaluating rigor and industrial relevance of technology evaluations , 2011, Empirical Software Engineering.

[47]  Hasan Muaidi,et al.  Identifying Causality Relation between Software Projects Risk Factors , 2014 .

[48]  Shari Lawrence Pfleeger,et al.  Solid Software , 2001 .

[49]  A. M. Sharif,et al.  Risk assessment factors for SME software development companies in Malaysia , 2014, 2014 International Conference on Computer and Information Sciences (ICCOINS).

[50]  G. Stoneburner,et al.  Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology , 2002 .

[51]  Robert N. Charette,et al.  Software Engineering Risk Analysis and Management , 1989 .

[52]  A. Boonstra,et al.  Does risk management contribute to IT project success? A meta-analysis of empirical evidence , 2010 .

[53]  Minqiang Li,et al.  Impact propagation and risk assessment of requirement changes for software development projects based on design structure matrix , 2012 .

[54]  Han van Loon A Management Methodology to Reduce Risk and Improve Quality , 2007, IT Professional.

[55]  Chin-Feng Fan,et al.  BBN-based software project risk management , 2004, J. Syst. Softw..

[56]  Pei Yu Software Project Risk Assessment Model Based on Fuzzy Theory , 2011 .

[57]  Robert K. Wysocki,et al.  Effective Project Management: Traditional, Adaptive, Extreme , 2000 .

[58]  R.N. Charette,et al.  Why software fails [software failure] , 2005, IEEE Spectrum.

[59]  Cristina Lopez,et al.  Risks Response Strategies for Supporting Practitioners Decision-Making in Software Projects , 2012 .

[60]  Per Runeson,et al.  Open innovation in software engineering: a systematic mapping study , 2015, Empirical Software Engineering.

[61]  Daniela E. Damian,et al.  Risk Identification and Risk Mitigation Instruments for Global Software Development: Systematic Review and Survey Results , 2011, 2011 IEEE Sixth International Conference on Global Software Engineering Workshop.

[62]  Cristine Gusmão,et al.  CBR RISK - RISK IDENTIFICATION METHOD USING CASE BASEDREASONING , 2008 .

[63]  Abdelrafe Elzamly,et al.  Modelling and Evaluating Software Project Risks with Quantitative Analysis Techniques in Planning Software Development , 2015, J. Comput. Inf. Technol..

[64]  Muhammad Ali Babar,et al.  Identifying relevant studies in software engineering , 2011, Inf. Softw. Technol..

[65]  Philip Koopman,et al.  Risk areas in embedded software industry projects , 2010, WESE '10.

[66]  David Hillson THE RISK BREAKDOWN STRUCTURE (RBS) AS AN AID TO EFFECTIVE RISK MANAGEMENT , 2002 .

[67]  Jianping Li,et al.  A Bayesian Networks-Based Risk Identification Approach for Software Process Risk: The Context of Chinese Trustworthy Software , 2016, Int. J. Inf. Technol. Decis. Mak..

[68]  Sun-Jen Huang,et al.  An empirical analysis of risk components and performance on software projects , 2007, J. Syst. Softw..

[69]  Paula Gomes Mian,et al.  Systematic Review in Software Engineering , 2005 .

[70]  Mohd Naz'ri Mahrin,et al.  Identifying usability risk: A survey study , 2014, 2014 8th. Malaysian Software Engineering Conference (MySEC).

[71]  Elaine M. Hall,et al.  Managing Risk: Methods for Software Systems Development , 1998 .