Thursday, November 12, 2009

All the Risk You Can Handle



[ Team LiB ]





All the Risk You Can Handle


My Ptolemaic seminar attendee said my approach ignored the dynamics of real projects, and other people have claimed that the SW-CMM makes organizations risk averse.[6] They become bureaucratic and conservative, the claim goes, which hurts their competitiveness. How does the industry experience bear this out?


In Level 1 organizations, fewer than half the respondents to one survey said their management was willing to take on "moderate" or "substantial" risk. In Level 3 organizations, almost 80 percent said they were willing to take on that much risk.[7]


This relationship between process effectiveness and ability to take on risk was demonstrated by the Cheyenne Mountain ATAMS project.[8] The ATAMS project team committed to complete the project for one-fifth the cost and in one-half the time of the best available estimate. In the end, they delivered the software one month ahead of schedule and within budget. Eighteen months after release, only two defects had been discovered in the software, and both were easily corrected. The project team's success on this high-risk project resulted from carefully managing requirements, using formal inspections on their designs and code, and practicing active risk management.


The effect of organizational improvement on risk taking is the opposite of what some people think. By reducing exposure to unnecessary risks�the kind of risks Fred Brooks might call "accidental" rather than "essential"�the process-sophisticated organization is in a better position to take on calculated, voluntary risks than less sophisticated organizations, which are overwhelmed by involuntary risks assaulting them from all sides. (Chapter 5 contains a more detailed discussion of Brooks's distinction between accidental and essential properties.)





    [ Team LiB ]



    No comments: