Risk Assessment & Mitigation Planning
DSA's method for Risk Assessment & Mitigation Planning is derived from the extensive work done at the Software Engineering Institute at Carnegie Melon University on Taxonomy-based Risk Assessment. This foundational method is High Value-adding as it creates a Framework of Risk Categoreis and Types and provides a method for understanding and managing the cascading effects of risks.
 
The Risk  Mitigation & Planning Process
  1. Identify Risks by Type (within each risk category)
  2. Identify the Risk Trigger(s) - what will trigger the risk
  3. Identify all other risks which my be triggered by any given risk - the Taxonomy
  4. Quantify Probability
  5. Quantify Cost
  6. Weigh the Criticality of each Risk against its probability
  7. Establish Proactive Risk Mitigation Tactics for High Probability/High Criticality Risks
  8. Fold Risk Mitigation Tactics into your execution plan to enable tracking & reporting
  
Risk Categories & Types
Product Engineering      
  1. Requirements
      a. Stability
      b. Completeness
      c. Clarity
      d. Validity
      e. Feasibility
      f. Precedent
      g. Scale
  2. Design
      a. Functionality
      b. Difficulty
      c. Interfaces
      d. Performance
      e. Testability Constraints
      f. Non-Development
      g. Software
  3. Code and Unit Test
      a. Feasibility
      b. Testing
      c. Coding/Implementation
  4. Integration and Test
      a. Environment
      b. Product
      c. System
  5. Engineering Specialties
      a. Maintainability
      b. Reliability
      c. Safety
      d. Security
      e. Human Factors
      f. Specifications
Development Environment
  1. Development Process
      a. Formality
      b. Suitability
      c. Process Control
      d. Familiarity
      e. Product Control
  2. Development System
      a. Capacity
      b. Suitability
      c. Usability
      d. Familiarity
      e. Reliability
      f. System Support
      g. Deliverability
  3. Management Process
      a. Planning
      b. Project Organization
      c. Management Experience
      d. Program Interfaces
  4. Management Methods
      a. Monitoring
      b. Personnel Management
      c. Quality Assurance
      d. Configuration Management
  5. Work Environment
      a. Quality Attitude
      b. Cooperation
      c. Communication
      d. Morale
Program Constraints
  1. Resources
      a. Schedule
      b. Staff
      c. Budget
      d. Facilities
  2. Contract
      a. Type of Contract
      b. Restrictions
      c. Dependencies
  3. Program Interfaces
      a. Customer
      b.  Associate Contractors
      c. Subcontractors
      d. Prime Contractor
      e. Corporate Management
      f. Vendors
      g.  Politics