Now that you've analyzed the risks inherent to your project and come up with a plan to tackle them, it's time to put your risk management plan into practice. In this concluding article, examine the processes of implementing, monitoring and auditing a software risk management plan, together with a case study that demonstrates how it works in the real world.
The auditing phase involves taking measures to enhance the risk management process, on a periodic basis. This involves:
- ensuring that risk data is available to the project and business management teams;
- recognizing the fact that risk attributes - probability, impact and frequency - are subject to change over a period of time;
- responding promptly to trigger values;
- transferring risks to other groups;
- selecting what approach has the best return on investment;
- conducting regular project reviews;
- comparing results of current reviews with past risk records to ensure that timely corrective action has been taken;
- reassessing risks at key milestones;
- performing periodic review of the risk items;
It is imperative that the risk management system be updated on a constant basis in the face of emerging technologies. Additionally, a strict vigil should be maintained to ensure that the acceptable tolerance levels established for the various risk factors do not exceed their limits.