Methods for Identifying Risks

Identifying risk is one of most important or essential and initial steps in risk management process. By chance, if failure occurs in identifying any specific or particular risk, then all other steps that are involved in risk management will not be implemented for that particular risk. For identifying risk, project team should review scope of program, estimate cost, schedule, technical maturity, parameters of key performance, etc. To manage risk, project team or organization are needed to know about what risks it faces, and then to evaluate them. Generally, identification of risk is an iterative process. It basically includes generating or creating comprehensive list of threats and opportunities that are based on events that can enhance, prevent, degrade, accelerate, or might delay successful achievement of objectives. In simple words, if you don’t find or identify risk, you won’t be able to manage it. 

The organizer of project needs to expect some of the risk in the project as early as possible so that the performance of risk may be reduced. This could be only possible by making effective risk management planning.

A project may contain large variety of risk. To know the specific amount of risk, there may be chance of affecting a project.  So, this is necessary to make categories into different class of risk.

There are many different types of risks which affects the software project:

1. Technology risks
2. Tools risks 
3. Estimation risks 
4. People risks
5. Requirement risks
6. Organizational risks

Methods for Identifying Risks : Earlier, there were no easy methods available that will surely identify all risks. But nowadays, there are some additional approaches available for identifying risks. Some of approaches for risk identification are given below:

1. Checklist Analysis – Checklist Analysis is type of technique generally used to identify or find risks and manage it. The checklist is basically developed by listing items, steps, or even tasks and is then further analyzed against criteria to just identify and determine if procedure is completed correctly or not. It is list of risk that is just found to occur regularly in development of software project. Below is the list of software development risk by Barry Boehm- modified version.

2. Brainstorming – This technique provides and gives free and open approach that usually encourages each and everyone on project team to participate. It also results in greater sense of ownership of project risk, and team generally committed to managing risk for given time period of project. It is creative and unique technique to gather risks spontaneously by team members. The team members identify and determine risks in ‘no wrong answer’ environment. This technique also provides opportunity for team members to always develop on each other’s ideas. This technique is also used to determine best possible solution to problems and issue that arises and emerge.

3. Casual Mapping – Causal mapping is method that builds or develops on reflection and review of failure factors in cause and effect of the diagrams. It is very useful for facilitating learning with an organization or system simply as method of project-post evaluation. It is also key tool for risk assessment.

4. SWOT Analysis – Strengths-Weaknesses-Opportunities-Threat (SWOT) is very technique and helpful for identifying risks within greater organization context. It is generally used as planning tool for analyzing business, its resources, and also its environment simply by looking at internal strengths and weaknesses and opportunities and threats in external environment. It is technique often used in formulation of strategy. The appropriate time and effort should be spent on thinking seriously about weaknesses and threats of organization for SWOT analysis to more effective and successful in risk identification.

5. Flowchart Method – This method allows for dynamic process to be diagrammatically represented in paper. This method is generally used to represent activities of process graphically and sequentially to simply identify the risk.