After the context has been established, the next step in the process of risk management i.e. the risk identification is carried out with the aim of catching all the potential risks. The risks that are to be identified are actually the events which on triggering cause issues and problems.
Ideally, the process of risk identification is said to start with the problem itself or with a source of problems. Two kinds of analysis are involved in the process of the risk identification as stated below:
1. Problem analysis and
2. Source analysis
Risk becomes risk when they are related to some threat that has already been identified. Some examples of such threats can be:
1. Threat of abuse of confidential information,
2. Threat of accidents
3. Threat of casualties
4. Threat of losing money and so on.
It is possible for these threats to exits in more than one entity and most importantly with the following:
1. Legislative bodies
3. Share holders and so on.
In the latter analysis i.e., source analysis involves risks that might be external and internal to the software system or application which is usually the target of the risk management process. Sources of risks falling in this category are:
1. Stake holders of a project
2. Employees of a company
3. Weather over an air port.
Events that can be triggered by a source that lead to a problem can be investigated if either of the two i.e., the problem or the source is known. It is possible for the information to be stolen by the employees in a closed network. This is just an example of such events.
There are various methods available for risk identification and they are chosen based up on 3 primary factors namely:
2. Problem and
Below we have listed some common methods:
1. Objective based risk identification: Objectives are common with organizations as well as the project teams. According to this method an even that hinders the achieving of an objective either partially or completely is identified as risk.
2. Scenario based risk identification: Scenario analysis involves creation of different scenarios where each of them might represent a different way in achievement of a particular objective. According to this method, any event which causes an undesired scenario alternative is termed as risk.
3. Taxonomy based risk identification: This method is related to the breakdown of all the possible sources of risks. It involves preparation of a questionnaire answer to which reveals all the possible risks.
4. Common risk checking: This method involves checking risks listed in a common risk list.
5. Risk charting: This is the most advance method of risk identification involving all of the above mentioned risk identification methods. It involves the following steps:
a) Listing resources at risk
b) Identifying threats to those resources
c) Modification of the factors
d) Creation of matrix under these headings
What is Schedule Risk?
1. Identification starts with resources and concerned threats along with their consequences.
2. Or, it can be done the other way round i.e., by starting with the threats and going down to the resources.
3. The information gathered in the phase of risk assessment should be used to make an inventory of relevant risks.
4. Risk is something that stops you from delivering what you intended to do.
5. If everything about the software project was certain, then there was absolutely no need for one to worry about the risk management.
6. Estimation of time for completion of a task is a part of every software project.
7. If things go well, you may complete your project within that duration and if the things go in the opposite way you could end up taking much time that what you estimated.
8. Usually, you go through the process of risk identification if you know well about how much time your project going to take.
9. Schedule risk helps you put this information in production of a much more realistic project.