International Journal of System & Software Engineering

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Perceptions on Risk Management Strategies in Software Development


Affiliations
1 Bhagwant University, Ajmer, Rajasthan, India
2 Jaypee University of Engineering & Technology, Guna, Madhya Pradesh, India
     

   Subscribe/Renew Journal


According to CHAOS 2004, maximum projects were finished with overtime and overbudget, which cause project failure. Therefore this risk should be analyzed to understand software risk. Many authors have identified different risk factors like team risk, organisational and environmental risk, requirements risks, plan and control risk, etc. Solutions are not many, but simulation and case studies are some of the solutions to reduce risk. In this paper, open source architecture is discussed and also a solution is proposed, which makes the development more easy and secure towards risk.
Subscription Login to verify subscription
User
Notifications
Font Size


  • Alter, S. & Ginzberg, M. (1978). Managing uncertainty in MIS implementation. Sloan Management Review, 20(1), 23-31.

  • Bruno, V., Tam, A. & Thom, J. (2005). Characteristics of Web Applications that Affect Usability: A Review. In Proceedings of the 17th Australia conference on Computer-Human Interaction: Citizens Online: Considerations for Today and the Future (OZCHI 05), (vol. 122, pp. 1-4).Canberra, Australia.

  • CA/Wily. (2008). White Paper: Application Performance Management, Effectively Managing High- Performing Business- Critical Web Application. Business-Critical Web Applications.

  • Callegari, D. & Bastos, R. (2007). Project Management and Software Development Processes: Integrating RUP and PMBOK. In Proceedings of the 2007 International Conference on Systems Engineering and Modeling. (pp. 1-8).

  • Chowdhury, A. A. M. & Arefeen, S. (2011). Software Risk Management: Importance and Practices. 2(1),49-54.

  • Curphey, M. (2004). Software Security Testing: Let's Get Back to Basics. Retrieved from SoftwareMAG.com

  • Ebert, C., Murthy, B. K. & Jha, N. N. (2008). Managing Risks in Global Software Engineering: Principles and Practices. 2008 IEEE International Conference on Global Software Engineering. (pp.131-140)

  • ENISA (2009).Ebios Product Identity Card. ENISA Retrieved from http://www.enisa.europa.eu/rmra/methods_tools/m_ebios.html (accessed on June 17, 2009).

  • Erdogmus H. (2002). Aligning Software Development Investment Decisions with the Markets. National Research Council of Canada.

  • Futcher, L. & von Solms, R. (2008). Guidelines for Secure Software Development.

  • Ge, X., Paige, R., Polack, F., Chivers, H. & Brooke, P. (2006). Agile Development of Secure Web Applications. In Proceedings of the 6th International Conference on Web Engineering (ICWE'06) (pp. 305-312).

  • Glisson, W. & Welland, R. (2005). Web Development Evolution: The Assimilation of Web Engineering Security. In Proceedings of the Third Latin American Web Congress (LA-WEB'05), IEEE Computer Scociety. (pp. 5).

  • Hartmann, D. (2006). Interview: Jim Johnson of the Standish Group. Retrieved from http://www.infoq.com/articles/Interview-Johnson-Standish-CHAOS (accessed on March 8, 2009).

  • Heemstra, F. J. & Kusters, R. J. (1996). Dealing with risk: A practical approach. Journal of Information Technology, 11(4), 333-346.

  • Hillegersberg, J. V. & Herrera, M. (2007). Tool Support for Distributed Software Development: The past - present - and future of gaps between user requirements and tool functionalities. In Tools for Managing Globally Distributed Software Development, Munich, Germany, 2007.

  • Huang, Y., Tsai, C., Lee, D. & Kuo, S. (2004). Non- Detrimental Web Application Security Scanning. In Proceedings of the 15th International Symposium on Software Reliability Engineering (ISSRE'04): IEEE Computer Society. (pp. 219-239).

  • Hussey, J. M. & Hall, S. E. (2008). Managing Global Development Risk. USA, Florida: Auerbach Publications.

  • ISO. (2005). ISO/IEC 27002: Information Technology - Code of Practice for Information Security Management.

  • ISO. (2004). ISO/IEC 13335-1: Information Technology- Security Techniques- Management of Information and Communications Technology Security. Part 1: Concepts and models for information and communications technology security management.

  • ISO. (1998). ISO/IEC TR 13335-3: Information Technology - Guidelines for the Management of IT Security. Part 3 : Techniques for the management of IT security.

  • ISO. (2000). ISO/IEC TR 13335-4: Information Technology - Guidelines for the Management of IT Security. Part 4: Selection of safeguards.

  • Johnson, D. L. (2009). Risk Management and the Small Software Project. Retrieved from http://www.sei.cmu.edu/iprc/sepg2006/johnson.pdf(accessed on May 4, 2009)

  • Jurjens, J. (2002). Using UMLSec and Goal Trees for Secure Systems Development. Communications of the ACM, 48(5), 1026-1030.

  • Kappel, G., Proll, B., Reich, S. & Retschitzegger, W. (2006). Web Engineering the Discipline of Systematic Development of Web Application. John Wiley & Sons, Ltd.

  • Keshlaf, A. A. & Riddle, S. (2010). Risk Management for Web and Distributed Software Development Projects. The 5th International Conference on Internet Monitoring and Protection.

  • Kontio,J. (1997). The Riskit Method for Software Risk Management. Maryland:University of Maryland.

  • Kumar,R. (2002). Managing risks in IT projects: An options perspective. Information and Management, 40(1), 63-74.

  • Lanowitz,T. (2005). Now is the Time for Security at the Application Level.

  • Lima,A. M. (2010). Risk Assessment on Distributed Software Projects. Cape Town, South Africa.

  • MacCrimmon, K. R. & Wehrung, D. A. (1984). The risk in-basket. Journal of Business, 57(3), 67-387.

  • March, J. G. & Shapira, Z. (1987). Managerial perspectives on risk and risk taking. Management Science, 33 (11), 1404-1418.

  • Mendes, E. & Mosley, N. (2006). Web Engineering. Berlin Heidelberg: Springer-Verlag.

  • Microsoft Security Intelligence Report (2008). Based on data from the DHS NVD & CERT

  • Miler, J. & Gorski, J. (2002a). Towards an Integrated Environment for Risk Management in Distributed Software Projects. 7th European Conference on Software Quality, Finland.

  • Miler J. & Gorski J. (2002b). Supporting Team Risk Management in Software Procurement and Development Projects. Proceedings of 4th National Conference on Software Engineering, Poland, 2002

  • Moynihan, T. (1997).How Experienced Project Managers Assess Risk. IEEE Software, 14(3), 35-41.

  • Osmundson, J. S., Michael, J. B., Machniak, M. J. & Gross, M. A. (2003). Quality management metrics for software development. Information and Management, 40(8), 799-812.

  • Presson, J., Mathiassen, L., Jesper, B., Madsen, T. &Steinson, F. (2009). Managing Risks in Distributed Software Projects: An Integrative Framework.IEEE Transaction on Software Engineering. (vol. 56, pp. 1-25).

  • Prikladnicki, R. & Yamaguti, M. H. (2004). Risk Management in Global Software Development: A Position Paper. In Third International Workshop on Global Software Development (GSD 2004), Edinburgh, Scotland, UK.

  • Roger,V. S. L. (1992). Software Development Risk: Opportunity, Not Problem. SEI, CMU/SEI-92-TR-30, ADA258743.

  • Romero, B., Villegas, M. & Meza, M. (2008). Simon's Intelligence Phase for Security Risk Assessment in Web Applications. In Proceedings of the Fifth International Conference on Information Technology, IEEE Computer Society. (pp. 622-627).

  • Schmidt, R., Lyytinen, K., Keil, M. & Cule, P. (2001). Identifying software project risks: An international Delphi study. Journal of Management Information Systems, 17(4),5-36.

  • Wallacea, L., Keilb, M. & Raic, A. (2004). Understanding software project risk: A cluster analysis. Information & Management, 42(1), 115-125.

  • Williams, R. (2006). The CMMI RSKM Process Area as a Risk Management Standard. In Proceedings of Sixteenth Annual International Symposium of the International Council On Systems Engineering (INCOSE).

  • www.codeigniter.com, MVC framework

  • www.cakephp.org, MVC framework


Abstract Views: 232

PDF Views: 2




  • Perceptions on Risk Management Strategies in Software Development

Abstract Views: 232  |  PDF Views: 2

Authors

Nitin Deepak
Bhagwant University, Ajmer, Rajasthan, India
Shishir Kumar
Jaypee University of Engineering & Technology, Guna, Madhya Pradesh, India

Abstract


According to CHAOS 2004, maximum projects were finished with overtime and overbudget, which cause project failure. Therefore this risk should be analyzed to understand software risk. Many authors have identified different risk factors like team risk, organisational and environmental risk, requirements risks, plan and control risk, etc. Solutions are not many, but simulation and case studies are some of the solutions to reduce risk. In this paper, open source architecture is discussed and also a solution is proposed, which makes the development more easy and secure towards risk.

References