Types of Risks in Software Projects

Are you developing any Test plan or test strategy for your project? Have you addressed all risks properly in your test plan or test strategy?

As testing is the last part of the project, it’s always under pressure and time constraint. To save time and money you should be able to prioritize your testing work. How will prioritize testing work? For this you should be able to judge more important and less important testing work. How will you decide which work is more or less important? Here comes need of risk-based testing.

What is Risk?
“Risk are future uncertain events with a probability of occurrence and a potential for loss”

Risk identification and management are the main concerns in every software project. Effective analysis of software risks will help to effective planning and assignments of work.

In this article I will cover what are the “types of risks”. In next articles I will try to focus on risk identification, risk management and mitigation.

Risks are identified, classified and managed before actual execution of program. These risks are classified in different categories.

Categories of risks:

Schedule Risk:
Project schedule get slip when project tasks and schedule release risks are not addressed properly.
Schedule risks mainly affect on project and finally on company economy and may lead to project failure.
Schedules often slip due to following reasons:

  • Wrong time estimation
  •  Resources are not tracked properly. All resources like staff, systems, skills of individuals etc.
  •  Failure to identify complex functionalities and time required to develop those functionalities.
  •  Unexpected project scope expansions.

Budget Risk:

  •  Wrong budget estimation.
  •  Cost overruns
  •  Project scope expansion

Operational Risks:
Risks of loss due to improper process implementation, failed system or some external events risks.
Causes of Operational risks:

  •  Failure to address priority conflicts
  •  Failure to resolve the responsibilities
  •  Insufficient resources
  •  No proper subject training
  •  No resource planning
  •  No communication in team.

Technical risks:
Technical risks generally leads to failure of functionality and performance.
Causes of technical risks are:

------------

  •  Continuous changing requirements
  •  No advanced technology available or the existing technology is in initial stages.
  •  Product is complex to implement.
  •  Difficult project modules integration.

Programmatic Risks:
These are the external risks beyond the operational limits. These are all uncertain risks are outside the control of the program.
These external events can be:

  •   Running out of fund.
  •   Market development
  •   Changing customer product strategy and priority
  •   Government rule changes.

These are all common categories in which software project risks can be classified. I will cover in detail “How to identify and manage risks” in next article.



Get FREE eBook + Blog Updates By Email!

Subscribe to get software testing awesome articles and free resources. Enter your email address and click 'SIGN UP NOW' button.


78 comments ↓

#1 vami k on 12.18.07 at 6:04 am

Should we consider and risks as problems while analsing risks?
More on how to address the risks associsted with resources, mainly human resources like if a tester is leaving the team in between then how to analyse the effect of this on project performance and how to minimise such risks?

#2 Veronica on 12.19.07 at 8:06 am

Hi, my name’s Veronica.I’m beginner in the knowledge of software testing. May I talk with someone, who can help me understand this process. My english is not so good, but I undestand what you’ll can to say. I read many information about sofware testing, but I nor undestand the essential of this. May I talk with somebody by ICQ who know how it work, who can give me the sample which I try to do the test. In theory I undestand , but in practical I’m zero.
Please help me somebody!
Send your IQ address on my e-mail.
Thanck you very much.

#3 Veronica on 12.19.07 at 8:09 am

my e-mail address: vercic@gmail.com

#4 hari on 12.20.07 at 11:43 am

Hi,
Is these risks taken care by testers.What are responsibilities if we found such type of risks.Mainly Operational risks.

#5 Gatari Mishra on 12.21.07 at 12:10 pm

can some body please give the best bug report formart..
or else give some tips to prepare a effective bug report.

regards

gayatri

#6 Mruga on 12.27.07 at 7:14 am

Hi,

I have a question that how the testers can incorporate these risks in their testing cycle?Is this only be used at the time of creting Test Plan?

#7 rahul on 12.29.07 at 7:36 am

Hi,

Can you elaborate on Programmatic Risks,
Does it depends on the coding? you have not mentioned anything about coding…..

#8 chanchal on 01.02.08 at 12:22 pm

I am a fresher I am going to complete my diploma in IT
in feb month .I have good knowledge of manual testing as well as automated testing such as winrunner,testdirector.load runner and QTP.i have worked in live project. so Ple advice me how to get into company as fresher my Ph no is 9902280190 .

#9 Vijay on 01.02.08 at 2:36 pm

@Vami – Problem is different than risk. Risks are future uncertain events those may or may not occur. Problems are events that are actually occurred.
Handling the resource risks is fairly depend on management. Project management should have contingency plan if any human resource is not available in between the project. Such contingency plan include backup resources, training approach to new resources. Also fair work distribution and involvement of each project member in every project activity can minimize resource risks.

@ Hari and Mruga- Ideally each and every risk should be identified in advance and contingency plan should be available in project risk management strategy. Individuals may be testers related to each risks are responsible for implementation of risk response action based on risk occurrence.

@Rahul – Risks related to coding are Technical risks and not come under Programmatic Risks.

Guys, in coming post I will cover risk identification, Analysis and management in detail. So all your queries will get addressed in detail.

#10 dhana on 01.10.08 at 11:15 am

plz anybody send me manual testcase documents.

#11 Priya.K on 01.11.08 at 5:06 am

I need different types of test cases writing.
for Eg: for login screen wht are the types or in what all ways we can write.

#12 Thulasi Suresh on 01.11.08 at 8:42 am

@Vijay
I agree what you stated is right. QA is nothing but Planned and systematic set of activities. Before risk occurs we need to state that what are the possible ways it may occur and also the preventive action plan.

@Priya.K (Login Screen)
1. As of Unit Testing – Validation of Username and Password
2. Integration – On click of Login whether server validates the authenticated user or not
3. System – Recovery Testing, Performance Testing, Regression, Security Testing, Compatability Testing (OS and Browsers).

#13 NadeemAhmd Junaidi on 01.19.08 at 5:18 pm

How to begin in an interview wen a question is posed explain ur current project?wat n all things to b covered while answerin for this wat not to mention to play safer

#14 motiranjan on 01.21.08 at 9:43 am

hai
can u give some information about test data and how to generate test data

#15 Prasad on 01.24.08 at 5:34 pm

According to adhoc testing, when we test without specifications, if any changes occurs in ur build… whether this test case should be added in the specification or not…

Can u reply this question…

#16 Seethapathik on 02.01.08 at 11:03 am

I want to know the terms 1. Test Strategy,Test case,Use case,Test plan,Test Suite?

#17 Vishal on 02.20.08 at 9:09 am

I am working as Software Test Engg. Till now I have not appeared for any of the Testing certification Exam. So can you please suggest me for which exam Should I appear first…..?

#18 Kiran kumar on 03.25.08 at 5:16 am

Hai Everybody…i am silent member to this community….i am a entry level testing professional ….can anyone suggest good testing books for basic software testing ?

#19 lalit on 03.28.08 at 7:28 am

hi vijay or anyone can you mail me the “How to identify and manage risks” material to lalitd@indiatimes.com its urgent

#20 nandini on 04.11.08 at 9:46 am

could u tel me the how to design and write the testcases.

#21 salim on 04.17.08 at 10:47 am

hi first of all you should write the fields like testid,test description,test steps,expected result and actual result,test status for further contact my gmail jobssalim@gmail.com

#22 Munikrishna on 04.17.08 at 1:20 pm

I am working as a Soft Ware Test Engineer .Anybody can tell How to prepare Test plan

#23 Munikrishna on 04.17.08 at 1:21 pm

I am working as a Soft Ware Test Engineer.Anybody can tell how to prepare Test Plan

#24 Ekta on 05.02.08 at 9:14 pm

I am attending interviews to get job as software tester. For short duration projects companies expect me to have full knowledge of TEST PLAN,TEST METHODOLGY , TEST STARTEGY and TEST DELIVERABLE.Many times i face problem to answer these questions properly.Can anybody tell me how to prepare test plan. Please help me with these questions.

#25 madhav on 05.05.08 at 5:15 am

what is the difference between version and Build?

#26 madhav on 05.05.08 at 5:33 am

Build means which is released to testing team for testing.
whereas version means which is released to end users for use or may be for acceptance testing.
correct me if am wrong.

#27 Tiger2K on 05.05.08 at 6:32 am

BUID is process of converting sourece code in to executable code (.exe) and giving it to the testers for testing.
Version is number of release made during the life cycle of a product.

#28 madhav on 05.05.08 at 6:53 am

thank a lot Tiger

#29 vinodini on 05.28.08 at 4:52 am

HI,

Could please let me what kind of Risks/Contingencies are expected to be written in a test plan.

#30 Rajatha on 05.29.08 at 7:08 am

@vinodini,
i will one u one ex for this.
assume there r 3 modules ‘A’,’B’,and ‘C’ and 3 Test Engineers 1, 2, 3.
1. Assumption: every person who all involved in project will remain till the end of product life cycle.

2. Risk: some person may quit the job in the middle, who has been assigned to handle module ‘B’.

3. contingency plan :
person1 : primary module -> ‘A’
secondary module ->’B’
person2 : primary module -> ‘B’
secondary module ->’C’
person3 : primary module -> ‘C’
secondary module ->’A’

so in this ex, person2 has left job, so person1 has to continue with this module. so v can save time of training new engineer.

suggestions would be accepted.
thanx,

#31 Suresh Balakrishnan on 06.04.08 at 12:39 pm

Hi Vinodini,

This is Suresh Working as a Test Engineer. I have mentioned about Risk and Contingency as follows:

Risks and Contingencies
Specify any potential risks and plans for mitigating, addressing and/or resolving those risks.

Thanks,
Suresh
bsuresh7282@gmail.com

#32 Chhaya chaudhari on 06.16.08 at 5:09 am

hi
can u tell me how to write test strategy?

#33 Manya on 07.08.08 at 5:15 am

Hi , I’m currently doing my master’s thesis on risk based testing . I was wondering if anybody in this group has anything to say about “Risk Based Test Prioritization in Agile processes” .. I haven’t personally worked in an agile environment , so , do you think if risk based priotization of testcases in an agile process maes any sense at all? or are is it a contradiction of terms

#34 Shivakumar on 08.12.08 at 9:22 am

@manya –Hi agile testing is development driven by testing … Risk based prioritization would be for any testing process and it will also be in agile testing

#35 Akathingo on 10.14.08 at 2:49 pm

This is quiet an interesting site i can say. i would love to know how risk management plans are to be gone about as far as project planning is concerned.

#36 revathi on 02.16.09 at 4:21 am

about insurance

#37 lucy on 03.10.09 at 8:24 am

please explain to me types of maintainance that can be carried out on a software product?

#38 lucy on 03.10.09 at 8:34 am

pliz help me;am working on a project tha should be related to IT.my choice is to createv a system for a library.pli give me a sample of a library system project.

#39 Manjula on 04.14.09 at 5:29 am

Hi ,

I want the information on how to identify risks when our tool is replaced with third paty tool.
How to identify risks when the third party product is interacting with so many interfaces( we dont ahev any documents like BRS.Only when we have arche tech diagrams and small description abotu the interfaces and product)

#40 Safia on 05.13.09 at 3:47 pm

Hi,
I need to know RMMM. How can I reference any RMMM plan for a particular list of risks. Can you send me few links related to finding Risk Mitigation, Monitoring and Management Plan asap?

#41 godfrey on 12.30.09 at 10:51 pm

i need help! have a report on the misinterpretation of risk management in software project management….could u give me some links where i could source of materials to help me. i need every advice or material

#42 Aishwarya on 03.11.10 at 11:24 am

Hello,

looking for a change with following profile

Exp – 5 Years
Skill- Manual testing, sql, Unix, agile, knowledge of QTP
Notice- 15 days
Location- Pune
email- aishwarya.koche@gmail.com

Thanks in advance

#43 Roel on 03.22.10 at 9:22 am

Hi,

I need to create a Risk Management Plan, I came upon your site while searching the net for some references. Do you mind if I use this a reference? I would like to request for your permission so I could include the information here to my document.

Thanks,
Roel

#44 Ritu on 06.20.10 at 7:28 am

Hi..
Am testing a web application.in tat application OS has been upgraded.I need a sample TEST STRATEGY and TEST PLAN for OS upgrade.kindly send me these 2 docs to my mail performanz87@yahoo.com

#45 Swati on 08.17.10 at 5:17 am

You mention the ‘next article’ How to identify and manage risks- where can I find it?

#46 Phyo thu maung on 08.26.10 at 6:20 am

I am a IADCS student, and I want to know about the risks faced by project manager. Please explain me about the summary of risks faced by project manager taking over an existing project, which has a cirtical deadline

#47 SASIDHAR on 09.07.10 at 9:38 am

Hi…
please tell me which test shold be efficient if code below ten thousand line?

#48 G.Chaitanya on 09.07.10 at 9:44 am

Hi…
which software model can be used if we have limited number of requirements?

#49 Ramani chandra on 09.17.10 at 10:25 am

HI

I am ramani chandra

Last week I attended tcs interview.They asked one question about severity and priority.question is if i am having the bug wiht low priority and high severity which one will i test first? I said high severity i ll test first is it correct? this is my email id :rchandra06@gmail.com

please send me some real time interview questions and how to answer

#50 Ramani chandra on 09.17.10 at 10:27 am

Can u please send me sample document s of test plan to this mail id rchandra06@gmail.com

#51 jagan on 10.20.10 at 6:31 am

explain a risk factor with a practical example in daytoday life…………………….

#52 Vamsi on 10.22.10 at 10:21 am

I had dropped a mail to chandra..regd severity and priority justfication..u can check and reply me the comments..

Best Regards,
vamsi Krishna

#53 AbuHashem on 10.28.10 at 8:27 am

greeting
i’d like to know if any one have a general risk list for the IT projects.

thanks

#54 Vanitha on 11.13.10 at 7:52 am

Hi
I am Vanitha

I have done B.E(ISE) passed out in 2009. Now i am working in small company handling CRM project(sending sms to customer) . I am working as sofware developer. Actually it is a small company, they dont have any testing tool. so i have coded form. Now i am looking job on software testing.

So How do get prepare???
Which Testing Method is good for CRM??

If HR Asks me….. why i am looking job in software testing field..
Then How do i Convice him???

Please help me……

#55 swapna on 03.11.11 at 6:48 am

can you anybody tell me what testing we are use in software projects commonly. how to find the differences .

thanking you

#56 rikitiki on 03.22.11 at 7:29 pm

Since you mention your next article, it would help to have a link to that article. I don’t see one anywhere obvious.

#57 vennelacnu on 04.14.11 at 9:29 am

Hi Vanitha,
Testing methods are common for every tool if you have domain knoledge means enough.
now a days in market having SAP testing,.net testing and Mainframe Testing etc..but the testing methodologies are common in software testing what ever the application is your going to apply common proceedure so dont bother about it you concentrate on concepts of testing and in which time we are going to appy these tests in application.
And the HR asking you why you choose testing ?
comparing to my Engineering degree and skills it is suitable to me and i have such politeness to work on it.

#58 Sanu Jos on 04.14.11 at 4:10 pm

Hi Ramani ,

Please find the answer for
Query: 49 Ramani chandra on 09.17.10 at 10:25 am

for me it seems, we should test High priority and low severity bug if there is strict time line.(Delivery time is very near and you cannot focus on Major bug fixes)

Justifications :
# We can easily make the fixed code on board with minimal time .
#most probably , the test effort and bug fix effort will be less for low severity bug. for example : A spelling mistake on the home page .Developer can easily fix the issue and deploy the bug fixed code on board with in minimal time.
#If developer tries to fix the high severity issue , QA needs to do a regression test to ensure previously working functionalities are not breaking.

Please let me know other’s comments/ thoughts .

#59 Sanu Jos on 04.14.11 at 4:15 pm

Hi Veronica

Please find the answer for your query :
Veronica on 12.19.07 at 8:06 am

When you say you need to know Testing Process..
i would like to know where you want to pitch in ..

1)Test Requirement Analysis
2)Test Scenario specification
3)Test case/Script preparations
4)Test Execution
5)Test Reporting
6)Test Report Analysis & Review

#60 ritika on 05.02.11 at 7:48 am

Hi
I am Sr. Software engineer with an experince of 8 years in manual testign and in Managing projects (As acting team lead). could any one mail me the type questions that can be asked to an 8 yrs experinced tester.

Thanks in advance

Regards
Ritika

#61 ritika on 05.02.11 at 7:49 am

Hi
I am Sr. Software engineer with an experince of 8 years in manual testign and in Managing projects (As acting team lead). could any one mail me the type questions that can be asked to an 8 yrs experinced tester.

My email id is : ritika102011@gmail.com

Thanks in advance.

Regards
Ritika

#62 yusuf on 06.29.11 at 1:13 pm

i am a student from informatics computer school running my Bsc in computing. as part of my assignment i was assigned to identify 10 possible risks that can occur in an examination system for a school. and i have no idea how to identify these risks. can someone pls help me..thanks.

#63 Viplav Anand on 07.01.11 at 9:10 am

Risk is nothing but minimizing of the budget to test without compromising on losing the biz due to missed defects.

In more simple terms if you take it,

suppose you have to test an application, and you can do 100% Test coverage and it takes suppose 25 man days,

Now do some analysis,

First : if you reduce the man days available to 22 and check for the coverage how much you can target, whihc in some statistical analysis comes to 90.3%

Second : if you reduce the man days available to 20 and check for the coverage how much you can target, whihc in some statistical analysis comes to 90.2%

Third : if you reduce the man days available to 18 and check for the coverage how much you can target, whihc in some statistical analysis comes to 90.1%

Fourth : if you reduce the man days available to 16 and check for the coverage how much you can target, whihc in some statistical analysis comes to 85.1%

then it is obvious that bringing the testing time to 18 days gives a test coverage to 90.1 % but any further reduction results some drastic change, however with 22 man days of effort it is not making much of a variation from teh one at 18.

Hence proceed with 18 man days .

But there are some tools which big organisation develop for their projects and proceed with a Risk Based Testing, which is more statistical to help the client be in synch with what is the risk.

#64 Srinivas on 07.07.11 at 4:59 pm

hi can you please send the testing premier book to srinivaspatro@gmail.com? i tried to download from the given link, but its not working.

#65 anusha on 08.04.11 at 9:47 am

i want learn s/w testing tool…but i don,t have any idea about this…..if i learn with in 30day…r not?..it easy r not?if i learn this i’ll get a job easly?

#66 mania on 08.20.11 at 9:39 am

hi
I need help about this,I wanna know about generic risk in ITs projects plaese mail me about it.
thanks
sahere_mania2004@yahoo.com

#67 manjunath on 08.22.11 at 10:30 am

hi anusha
Testing is easy when u like to do.
1. u should be done BSC or BE or MSC IT or MCA, then it is easy to understand the tool
2. manual testing is easy to learn no programming skill required
3. for automation u should know vb or c# pgm languages
u can learn with in 30 days manual testing

if u want any help regarding books or tool free feel to contact me
manjurock.n@gmail.com

#68 Shah H on 12.19.11 at 5:06 am

Does anybody know what Risk aging is and how do we monitor it ?

#69 John on 01.24.12 at 8:19 am

Frankly I’m a little saddened by the blasé nature of the attitiude towards testing as a profession on here.
I’ve been a professional test consultant to some of the UK’s and the world’s largest IT programmes over the last 15 years and would say that the information being disseminated BY POSTERS on here is largely innaccurate and misleading to those wishing to start a career in testing.

If you have any sense at all you’ll already know that taking you knowledge from others on internet forums is definitely no way to learn in the long run. Read, pay to study for an ISQTB or similar, most of all, go out and get a role with a group of test professionals who will pay very little but give you great experience on projects.

Don’t waste your time trying to cut corners by getting ‘tips’ in forums, trust me, though the information presented by the website is GOOD, the information given by other posters is weak at best.

So I repeat, and I’m sure the site owner would agree, there’s no substitute for real experience and proper study, but sites like this can be an excellent supplement and a great help whilst you’re working (I came here to read a little regarding representation of risk in test planning and got distracted by the terrible posts of some people).

Good luck all

#70 issa on 04.30.12 at 3:58 pm

how to evaluate the potential risk and to justify plan for risk management in deployement and implementation of software

#71 kyebambe saleh on 05.05.12 at 9:01 am

i appreciate ur stand as in helping us.but i need to understand more about risks under project recruitment

#72 kyebambe saleh on 05.05.12 at 9:03 am

hi,
thanks for dat

#73 alifat on 08.08.12 at 4:51 pm

hae.
1 luv.. tnxs alot..

#74 vikas mathur on 09.15.12 at 7:53 pm

what is the main difference between qa and qc?

#75 madhu on 12.25.12 at 12:47 pm

thanku.

#76 Mahalaxmi on 09.12.13 at 7:14 pm

Hi

How to handle and mitigate these technical risks and Programmatic Risks? i am not finding contusion link.
if any where i am missing plz mail me.

The test strategy is provides the steps tobe taken under while testing and the efforts, time and
resourcess required for the testing. am i rite.

#77 jaya on 01.12.14 at 8:23 am

How to handle and mitigate these technical risks and Programmatic Risks? i am not finding contusion link.
if any where i am missing plz mail me

#78 Failure Mode and Effects Analysis (FMEA) – How to Analyze Risks for Better Software Quality & Satisfied Customers! — Software Testing Help on 01.22.14 at 8:55 pm

[…] See Also => Types of Risks in Software Projects. […]