Applicability of risk process in software projects in accordance with ISO 31.000:2009

Abstract

In a progressively competitive global market, software development companies, under the pressure for conquering new market shares, subject themselves to business demands where the inherent risks to these operations are diversified and of exposure not always calculated. Given that a minority of such companies adopt risk management into their business processes, such exposure may affect the participation and success of these projects. To assure the quality of the software risk analysis and risk assessments are required. Among the uncertainties of software design, some risk factors should be treated: timeline, estimated costs and compliance to business requirements, among others, can be mentioned. Through a bibliographical review it was possible to produce a risk roadmap to provide to the professional in the field the understanding of risks process in a friendly way. To contribute to these software projects, this work presents the activities of a risk management process, in order to insert the culture and capacity of professionals who work in such projects, can objectively target to the mitigation of risks into which such projects are exposed. In addition, the adopted approach is in accordance to ISO 31000 standard. © IFIP International Federation for Information Processing 2013.