160           PART TWO  MANAGING SOFTWARE PROJECTS


         FIGURE 6.5
                                            Risk information sheet
         Risk
         information
                         Risk ID:  P02-4-32  Date:  5/9/02  Prob:  80%  Impact: high
         sheet [WIL97]
                         Description:
                         Only 70 percent of the software components scheduled for reuse will, in fact, be
                         integrated into the application.  The remaining functionality will have to be custom
                         developed.
                         Refinement/context:
                         Subcondition 1: Certain reusable components were developed by a third party
                         with no knowledge of internal design standards.
                         Subcondition 2: The design standard for component interfaces has not been
                         solidified and may not conform to certain existing reusable components.
                         Subcondition 3:  Certain reusable components have been implemented in a
                         language that is not supported on the target environment.
                         Mitigation/monitoring:
                         1.  Contact third party to determine conformance with design standards.
                         2.  Press for interface standards completion; consider component structure when
                         deciding on interface protocol.
                         3.  Check to determine number of components in subcondition 3 category; check
                         to determine if language support can be acquired.
                         Management/contingency plan/trigger:
                         RE computed to be $20,200. Allocate this amount within project contingency cost.
                         Develop revised schedule assuming that 18 additional components will have to be
                         custom built; allocate staff accordingly.
                         Trigger:  Mitigation steps unproductive as of 7/1/02
                         Current status:
                         5/12/02: Mitigation steps initiated.
                         Originator:  D. Gagne          Assigned:  B. Laster





                          Risk analysis can absorb a significant amount of project planning effort. Identifi-
                       cation, projection, assessment, management, and monitoring all take time. But the
                       effort is worth it. To quote Sun Tzu, a Chinese general who lived 2500 years ago, "If
                       you know the enemy and know yourself, you need not fear the result of a hundred
                       battles." For the software project manager, the enemy is risk.


                       REFERENCES
                       [AFC88] Software Risk Abatement, AFCS/AFLC Pamphlet 800-45, U.S. Air Force, Sep-
                       tember 30, 1988.
                       [BOE89] Boehm, B.W., Software Risk Management, IEEE Computer Society Press,
                       1989.
                       [CHA89] Charette, R.N., Software Engineering Risk Analysis and Management, McGraw-
                       Hill/Intertext, 1989.