AUTHOR
Lars Mathiassen
A Framework for Software Risk Management
We present a simple, but powerful framework for software risk management. The framework synthesizes, refines, and extends current approaches to managing software risks. We illustrate its usefulness through an empirical analysis of two software development episodes involving high risks. The framework can be used as an analytical device to evaluate and improve risk management approaches and as a practical tool to shape the attention and guide the actions of risk managers.
Attention Shaping and Software Risk—A Categorical Analysis of Four Classical Risk Management Approaches
This paper examines software risk management in a novel way, emphasizing the ways in which managers address software risks through sequential attention shaping and intervention. Software risks are interpreted as incongruent states within a socio-technical model of organizational change that includes task, structure, technology, and actors. Such incongruence can lead to failures in developing or implementing the system and thus to major losses. Based on this model we synthesize a set of software risk factors and risk resolution techniques, which cover the socio-technical components and their interactions. We use the model to analyze how four classical risk management approaches—McFarlan's p…