Skip to main content
SpringerLink
Log in

A Study on Software Risk Management Strategies and Mapping with SDLC

  • Chapter
  • First Online:
Book cover Advanced Computing and Systems for Security

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 396))

Abstract

In recent years, despite several risk management models proposed by different researchers, software projects still have a high degree of failures. Improper risk assessment during software development was the major reason behind these unsuccessful projects as risk analysis was done on overall projects. This work attempts in identifying key risk factors and risk types for each of the development phases of SDLC, which would help in identifying the risks at a much early stage of development.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Stern, R., Arias, J.C.: Review of risk management methods. Bus. Intell. J. 4(1), 59–78 (2011)

    Google Scholar 

  2. Silva, P.S., Trigo, A., Varajão, J.: Collaborative risk management in software projects. In: Proceedings of the 8th International Conference on the Quality of Information and Communications Technology, pp. 157–160 (2012)

    Google Scholar 

  3. Guiling, L., Xiaojuan, Z.: Research on the risk management of IT project. In: Proceedings of International conference on E-Business and E -Government (ICEE), pp. 1–4, 6–8 May 2011

    Google Scholar 

  4. Tianyin, P.: Development of software project risk management model review. In: Proceedings of International Conference on AI, Management Science and Electronic Commerce, pp. 2979–2982 (2011)

    Google Scholar 

  5. Avdoshin, S.M., Pesotskaya, E.Y.: Software risk management. In: Proceedings of 7th Central and Eastern European Software Engineering Conference, Russia, pp. 1–6 (2011)

    Google Scholar 

  6. Westfall, L.: Software risk management. In: International Conference on Software Quality, San Diego, California, 8–10, February, 2011

    Google Scholar 

  7. Mofleh, H.M., Zahary, A.: A framework for software product risk management based on quality attributes and operational life cycle (SPRMQ). http://www.nauss.edu.sa/En/DigitalLibrary/Researches/Documents/2011/articles_2011_3102.pdf

  8. Sarigiannidis, L., Chatzoglou, P.D.: Software development project risk management: a new conceptual framework. J. Softw. Eng. Appl. (JSEA) 4, 293–305 (2011)

    Article  Google Scholar 

  9. Sathish Kumar, N., Vinay Sagar, A., Sudheer, Y.: Software risk management—an integrated approach. Global J. Comput. Sci. Technol. (GJCST) 10(15), 53–57 (2010)

    Google Scholar 

  10. Bohem, B.W.: Software risk management: principles and practices. IEEE Softw. 8, 32–41 (1991)

    Article  Google Scholar 

  11. Carr, M.: Taxonomy-based risk identification. Software Engineering Institute, CMU/SEI-93-TR-6 (1993)

    Google Scholar 

  12. Loutchkina, I., Jain, L.C., Nguyen, T., Nesterov, S.: Systems’ integration technical risks’ assessment model (SITRAM). IEEE Trans. Syst. Man Cybern. Syst. 44(3), 342–352 (2014)

    Article  Google Scholar 

  13. Higuera, R.P., Gluch, D.P., Murphy, R.L.: An introduction to team risk management. Special report CMU/SEI, SEI/CMU, Pittsburg, May 1994

    Google Scholar 

  14. Alge, B.J., Witheoff, C., Klein, H.J.: When does the medium matter? Knowledge building experiences and opportunities in decision making teams. Organ 91(1), 26–27 (2003)

    Google Scholar 

  15. Mead, N.R.: Measuring the software security requirements engineering process. In: Proceedings of 36th International Conference on Computer Software and Application Workshops, pp. 583–588 (2012)

    Google Scholar 

  16. Kontio, J., Basili, V.R.: Empirical evaluation of a risk management method. In: SEI Conference on Risk Management, Atlantic City (1997)

    Google Scholar 

  17. Greer, D.: SERUM: software engineering risk: understanding and management. J. Proj. Bus. Risk Manag. 1(4), 373–388 (1997)

    Google Scholar 

  18. Hillson, D.A.: Towards risk maturity model. Int. J. Proj. Bus. Risk Manag. 1(1), 35–45 (1997). ISSN:1366-2163 (Spring)

    Google Scholar 

  19. Foo, S.-W., Muruganatham, A., Software risk assessment model. ICMIT 2000, IEEE, pp. 536–544

    Google Scholar 

  20. Keshlaf, A.A., Hashim, K.: A model and prototype tool to manage software risks. In: Proceedings of the 1st Asia-Pacific Conference on Quality Software (APAQS’00), Washington, DC, USA (2000)

    Google Scholar 

  21. Armestrong, R., Adens, G.: Managing Software Project Risks. TASSC Technical paper, USA (2008). www.tassc-solutions.com. January 2008 Copyright 2001–2010, Tassc Limited

  22. Gupta, D., Sadiq, M.: Software risk assessment and estimation model. In: International Conference on Computer Science and International Technology, pp. 963–967. IEEE Computer Society, Singapore (2008)

    Google Scholar 

  23. Rabbi, M., Mannan, K.: A review of software risk management for selection of best tools and techniques. In: Proceedings of 9th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, pp. 773–778 (2008)

    Google Scholar 

  24. Sadiq, M., Rahmani, M.K.I., Ahmad, M.W., Jung, S.: Software risk assessment and evaluation process (SRAEP) using model based approach. In: International Conference on Networking and Information Technology (ICNIT), pp. 171−177 (2010)

    Google Scholar 

  25. Hoodat, H., Rashidi, H.: Classification and analysis of risks in software engineering. In: WASET-2009, pp. 446–452

    Google Scholar 

  26. Danny, L.: Reducing operational risk by improving production software quality. Softw. Risk Reduction Rev. 13, 1–15 (2013)

    Google Scholar 

  27. Suebkuna, B., Ramingwong, S.: Towards a complete project oriented risk management model: a refinement of PRORISK. In: Eighth International Joint Conference on Computer Science and Software Engineering (JCSSE), pp. 349–354, 11–13 May 2011

    Google Scholar 

  28. Shahzad, B., Al-Ohali, Y., Abdullah, A.: Trivial model for mitigation of risks in software development life cycle. Int. J. Phys. Sci. 6(8), 2072–2082 (2011)

    Google Scholar 

  29. Roy, G.G.: A risk management framework for software engineering practice. In: Proceedings of the Australian Software Engineering Conference (AAWEC’04) (2014)

    Google Scholar 

  30. Amber, S., Shawoo, N., Begum, S.: Determination of risk during requirement engineering process. Int. J. Emerg. Trends Comput. Inform. Sci. 3(3), 358–364 (2012)

    Google Scholar 

  31. Pandey, D., Suman, U., Ramani, A.K.: Security requirement engineering issues in risk management. Int. J. Comput. Appl. 17(5), 11–14 (2011)

    Google Scholar 

  32. Islam, S., Houmb, S.H.: Integrating risk management activities into requirements engineering. RCIS-2010, Nice, France, May 2010, pp. 299–310

    Google Scholar 

  33. Drs. Erik, P.W.M.: Practical risk-based testing—product risk management: the PRISMA method, EuroSTAR-2011, Manchester, UK, pp. 1–24, 21–24 November 2011

    Google Scholar 

  34. Kwan, T.W., Leung, H.K.N.: A risk management methodology for project risk dependencies. IEEE Trans. Softw. Eng. 37(5), 635–648 (2011)

    Article  Google Scholar 

  35. Lobato, L.L., Neto, S., da Mota, P.A., do Carmo Machado, I.: A study on risk management for software engineering. In: Proceedings of the EASE, pp. 47–51 (2012)

    Google Scholar 

  36. Lobato, L.L., da Mota, P.A., Neto, S., do Carmo Machado, I., de Almeida, E.S., de Lemos Meira, S.R.: Evidence from risk management in software product lines development: a cross-case analysis. In: Proceedings of 6th Brazilian Symposium on Software Components, Architectures and Reuse (2012)

    Google Scholar 

  37. Nolan, A.J., Abrahão, S., Clements, P.C., Pickard, A.: Requirements uncertainty in a software product line. In: Proceedings of 15th International Software Product Line Conference, pp. 223–231 (2011)

    Google Scholar 

  38. Lobato, L.L. et al.: Risk management in software product lines: an industrial case study. In: Proceedings of ICSSP, Switzerland, pp. 180–189 (2012)

    Google Scholar 

  39. Gonzalo, E., Gallardo, E.: Using configuration management and product line software paradigms to support the experimentation process in software engineering. RCIS-2012, Valencia, May 2012. pp. 1–6

    Google Scholar 

  40. Khoo, Y.B., Zhou, M., Kayis, B., Savci, S., Ahmed, A., Kusumo, R.: An agent-based risk management tool for concurrent engineering projects. Complex. Int. 12, 1–11 (2008)

    Google Scholar 

  41. Sharif, A.M., Rozan, M.Z.A.: Design and implementation of project time management risk assessment tool for SME projects using oracle application express. In: World Academy of Science, Engineering, and Technology (WASET), vol. 65, pp. 1221–1226 (2010)

    Google Scholar 

  42. Snekir, W.G., Walker, P.L.: Enterprise risk management: tools and techniques for effective implementation. Institute of management Accounts, pp. 1–31 (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Tripura Institute of Technology, Tripura, India

    Bibhash Roy

  2. National Institute of Technical Teachers’ Training and Research, Kolkata, India

    Ranjan Dasgupta

  3. University of Calcutta, Kolkata, India

    Nabendu Chaki

Authors
  1. Bibhash Roy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ranjan Dasgupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nabendu Chaki
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bibhash Roy .

Editor information

Editors and Affiliations

  1. A.K. Choudhury School of Information Technology, University of Calcutta, Kolkata, West Bengal, India

    Rituparna Chaki

  2. Computer Science, DAIS—Università Ca’ Foscari, Venice, Italy

    Agostino Cortesi

  3. Faculty of Computer Science, Bialystok University of Technology, Białystok, Poland

    Khalid Saeed

  4. Computer Science & Engineering, University of Calcutta, Kolkata, West Bengal, India

    Nabendu Chaki

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer India

About this chapter

Cite this chapter

Roy, B., Dasgupta, R., Chaki, N. (2016). A Study on Software Risk Management Strategies and Mapping with SDLC. In: Chaki, R., Cortesi, A., Saeed, K., Chaki, N. (eds) Advanced Computing and Systems for Security. Advances in Intelligent Systems and Computing, vol 396. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2653-6_9

Download citation

  • DOI: https://doi.org/10.1007/978-81-322-2653-6_9

  • Published:

  • Publisher Name: Springer, New Delhi

  • Print ISBN: 978-81-322-2651-2

  • Online ISBN: 978-81-322-2653-6

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation