Attack Major Risks Early and Continuously. , or They Will Attack YouAs Tom Gilb said, "If you don't actively attack the risks, they will actively attack you." [1] As Figure 2.1 shows, one of the prime benefits of the iterative approach is that it allows you to identify and address major risks early in the project.
Figure 2.1. Risk Reduction Profiles for Waterfall and Iterative Developments. A major goal with iterative development is to reduce risk early on. This is done by analyzing, prioritizing, and attacking top risks in each iteration.
Why address top risks early on? Unaddressed risks mean that you are potentially investing in a faulty architecture or a nonoptimal set of requirements. This is bad software economics. In addition, the amount of risk is directly correlated to the difference between the upper and lower estimates of how long it will take to complete a project. To come up with accurate estimations, you need to identify and address risks up front. How do you deal with risks early on? At the beginning of each iteration, the RUP advises you to make, or revise , a list of top risks. Prioritize the risk list; then decide what you need to do to address, typically, the top three to five risks. For example, the risks may look as follows :
Now, how will this risk list be used? Addressing risks should be a priority for everyone throughout the project. Look at what you would "normally" do for the iteration at hand, then slightly modify the plan to make sure that you deal with your risks. Typically, risks need to be addressed from multiple perspectives, such as requirements, design, and testing. For each of these perspectives, start with a coarse solution and successively detail it to diminish the risk. You may, for example, add the following actions to address the earlier-identified risks:
Many project risks are associated with the architecture. This is why the RUP's primary objective in the Elaboration phase is getting the architecture right. To do this you not only design the architecture, but you also implement and test it. (Find out more about this in the section Baseline an Executable Architecture Early On.) One thing to keep in mind is that the risk list continuously changes. Attacking risk is a constant battle. In each iteration you will be able to reduce or remove some risks, while others grow and new ones appear. SummaryThe RUP provides a structured approach to addressing top risks early, which decreases overall costs and allows you to make earlier, more realistic, and more accurate estimations of how much time it will take to complete the project. Remember that risk management is a dynamic and ongoing process. |