Components of software development risk: How to address them? A project manager survey

Software risk management can be defined as an attempt to formalize risk ori ented correlates of development success into a readily applicable set of pr inciples and practices. By using a survey instrument we investigate this cl aim further. The investigation addresses the following questions: 1) What a re the components of software development risk? 2) how does risk management mitigate risk components, and 3) what environmental factors ii any influen ce them? Using principal component analysis we identify six software risk c omponents: 1) scheduling and timing risks, 2) functionality risks, 3) subco ntracting risks. 4) requirements management, 5) resource usage and performa nce risks, and 6) personnel management risks. By using one-way ANOVA with m ultiple comparisons we examine how risk management (or the lack of it) and environmental factors (such as development methods, manager's experience) i nfluence each risk component. The analysis shows that awareness of the impo rtance of risk management and systematic practices to manage risks have an effect on scheduling risks, requirements management risks, and personnel ma nagement risks. Environmental contingencies were observed to affect all ris k components. This suggests that software risks can be best managed by comb ining specific risk management considerations with a detailed understanding of the environmental context and with sound managerial practices, such as relying on experienced and well-educated project managers and launching cor rectly sized projects.