In this era, There are a lot of companies that outsource products/software to third parties. And as a matter of fact, it has become quite popular in this mainstream IT field. With this exponential growth of software outsourcing, the possibility of risk and challenges is never too low. This may potentially affect the end result and cost of the software. However, there are several methods and new risk management models that fail to address human factors like skills and emotions. This paper claims to collect, analyze and identify the possible software risk factors and provide a new approach that would guide organizations in implementing software risk management.
Over the course of time, there have been several works, studies, and research based on risk management that have described the risk as "possibility of suffering loss", "basis of probability". The paper emphasizes the fact that despite many definitions, all these implicitly include two characteristics: Uncertainty and Loss.
While collecting and analyzing the dataset from the survey the paper also highlights answering two questions:
What are the major factors that contribute to risk in software projects?
How are risks taken into account for risk estimation purposes?
Similarly, The methodology focused on this research was to take a survey from the software engineers in Nepal and conduct qualitative analysis to identify the major key risks involved in software projects and quantitative analysis to develop a mathematical model to predict the risk associated with software projects.
Survey Methodology
With Self selection sampling technique, Recommendations, and listings of top 10 IT companies in Nepal to selectively choose and finalize the software organization the survey was conducted among all levels of software developers from enterprise solution based systems, mobile applications, digital commerce, big data, and business intelligence and many others.
The paper collected responses from 18 different companies inside Kathmandu city to qualitatively analyze for identification of key risk factors. The paper identified 6 major key risk factors including Human, Software, Planning & Control, Resources, Cost, and Schedule.
These factors were detailed analyzed by cause and effect of the factors using a fishbone diagram. Keeping in mind that the cause of the risk factor (which is an effect) is given by the 77 respondents of the survey.
Risk Estimation Model
The paper also discusses the ranking model of R. Bista, D. Dongol.(2015), "A Model for Software Risk Management, TECHNICA" to quantitatively classify these 6 factors in a scale ranging from 1,2,3,4,5 from Low, Medium-low, Medium, Medium-high and High respectively.
Additionally, linear regression with an equation:
y = β₀ + β₁x₁ + β₂x₂ + ⋯ + βₙxₙ
where β is Regression coefficients or parameters, y is = Dependent variable and x₁x₂..xₙ are the independent variable that risk factor discussed earlier.
A linear regression model was developed using the data and the matrix table from the model of 17 other papers on risk management.
Risk estimation model:
Y = -0.605 – 0.324 x₁ +0.301 x₂ + 0.187 x₃ + 0.586 x₄+ 0.136 x₅ +0.492 x₆
where:
x₁ is the cost factor
x₂ is the schedule factor
x₃ is the human factor
x₄ is the resources factor
x₅ is the planning & control factor
x₆ is the software factor
To verify a hypothesis was tested to validate the significance & suitability of the model which was confirmed to be true. Similarly, The paper also tests the model equation to verify the hypothesis/assumption of multiple regression using Normality, Linearity, Homoscedasticity, and Independence of error which was mathematically validated and verified.
Limitations & Future Work
With the rising growth of Software industries, the paper has limited itself to certain regional companies under a fixed survey radius that constrains the generality of the model at wider/international levels and fields of IT.
The paper deals with a great amount of mathematical verification but fails to provide facts on how it can be implemented in a real-world scenario where there are more than 6 independent variables and by projecting its outcome.
The collection of more data from different regions can improve the credibility of research followed by including data mining techniques. Exploring the field of neural networks to learn and process complex models may result in relatively accurate results.
References
R. Bista, S. Karki, and D. Dongol (2017). A New Approach for Software Risk Estimation (Research paper). Retrieved 2021, from https://drive.google.com/file/d/1hDpuhe0WHGLUUTeIDmrGs8RYokeCjMqG/view