The purpose of the risk descriptions study is to explore the risk predilection on the effectiveness of project software.

The purpose of the risk descriptions study is to explore the risk predilection on the effectiveness of project software.


The delivery of comprehensive web software designing projects within the desired financial and quality attributes can be delayed on time due to the organizational problems, high rate of complexity and variable risks impacts in software project. The supervision and development process of web software designing is more difficult. So, it is important that to specify and investigate these software risks within the proper assessment and management. In this paper, the analysis and assessment of these risks should be done by the using of probabilistic measurements. This analysis should be useful for the qualitative and quantitative measurements of risk in the web designing and implementation of effective risk management process.

Risk Recognitions

Risks are future unsure tasks with a likelihood of incidents and a prospective for failure. Risk classification and management are the major anxiety in every software project. The effectual analysis of software risks assessment will be helpful for the competent planning and tasks of effort to classify risk attributes. There are aspects of risks in web software designing project, internal and external risks. The internal risks should be related to the risk issues within the organization and external risks are out of the organization and these are complicated to handle in project. A web software projects also have a high degree of uncertainty due to the explicit requirements from end users side and modified technical qualities. So, the critical factors or risks that’s could affect the change of project phases and establishment area are as follows, Inappropriate designing, Impracticable scheduling and budgetary planning, Impracticable scheduling and budgetary planning and Inadequate quality attributes verification and user satisfaction. The flow diagram of web software risks are given below

Risk Descriptions

The purpose of the risk descriptions study is to explore the risk predilection on the effectiveness of project software. The different level of risks planning and strategy is an important parameter that’s having a variable affects on project establishment/firm. So, the low level of risk strategies affects the expected outcomes due to unpredicted events. While high level of risk strategies should provide higher profitable outcomes. The different aspects and methodologies of risk specifications/Descriptions are as follows

Problems/Events of web software designing risks:

The following events or problems of the web designing risks are as follows

1)Inappropriate Designing:
Incessant varying constraints
A lack use of advanced technology
Complexity in Implementation section
Complicated project modules assimilation
Failure to address priority inconsistency
Failure to admit the responsibilities
Inappropriate instructions, scheduling and communication between team members
2)Impracticable scheduling and budgetary planning:
Inadequate information of software tools
A lack of project estimations
Sluggish management life cycle
Lack of budgetary resources
Inadequate knowledge about technical equipments
Inappropriate security plans
Inadequate documentation of designing methodology
3)Inadequate quality attributes verification and user satisfaction:
Lack of observation and unrealistic changing
Inadequate budgetary plans
Wrong time changing in technology and management process
Failure in financial planning
A lack of commitment between end users and software developer
Lack of project definitions and attributes
Varying customer invention policies and priorities

Risk Impact and Probability Ranking:

The probability and impact array shows a risk rating task for the identification of risks. Then each risk is rated according to its probability of incidence and impact upon purposes. The overall assessment of risk impact ranking show that the appropriate services level within the project is affected or stable.

Risk: It is the product of probability and impact factor

Risk=Likelihood Impact influence

Probability: The chance of the risks/events occurring or not

Impact: The outcomes/end result if the risk should be occurred

The risk impact matrix definitions are

Impact Criteria





If the risk actions is occurred then project will collapse


If the risk actions is occurred then project will be encounter, main portion of expenditure is increases


If the risk events is happened then the project will be encounter, a modest portion of project expenditure is increases


If the risk actions is occurred then the project will be encounter, a minute portion of project cost is increases


If the risk actions is occurred then nothing will be changed in project expenditure


The probability chart/array definitions are

Probability Criteria





Rare chances that risk will occur


Improbable the risk will occur


Even Probably the risk will occur


To be expected that risk will occur


Extremely that risk will occur


The table of risk awareness area and risk conditions of the project gives the impact of risk occurrence which is useful to decide the overall efficiency of working. The table of risk impact in different dimensions is given below

Risk Severity Table

Risk Numbering


Probability (%)




Poor mission strategy and Targets





Poor decision-making Management Support





Lack of Customers Participation





Lack of Technical Knowledge





Unclear statement of requirements & objectives





Lack of project scheduling & estimating





Lack of advanced Technology use





Lack of Managerial Experience





Lack of communication gap b/w staff members, stakeholders and end users





Lack of budgetary Supply & Planning





Lack of key Stakeholders involvement





Customers unconvinced at project deliverance





The risk impact and probability ranking graph/chart is based on the two fundamental dimensions of risk. In this graph, the risk that will be occurring is plotted on the abscissa (x-axis) and impact of risk on ordinate (y-axis).

By the using of these two measures, risks are plotted on the graph. This scenario provides a swift and apparent vision of the priorities that should be needed in each stage. Then we decided that what contingency plans should be needed to handle and managed the meticulous risk areas.

The fundamental structure of the risk impact and probability ranking graph is shown below

Risk impact and Probability Ranking Graph


= Low

= Medium

= High

Extenuation and Eventuality Plans
Risk Extenuation/Mitigation Planning:

The risk extenuation is the technical strategic/sub process of risk management to address the risks that occurred in an organization/project. The purpose of risk mitigation is to identify the risk factors in the organization and operational system, measure their effects and reduce these risk factors before the implementation of project. The risk mitigation is the systematic technique that used by the management team to minimize the risk factors and stabilized the project strategy and plans. The risk extenuation planning can be achieved by the using of following methodology options:

Risk Postulation:
In this, accept the risk with the consideration of eventuality planning

and continue operating system of development to minimize the risk up to standard intensity.

Risk Evading:

In this, avoid the risk by the eradicating of risk factors and use alternative approaches to reduce the risk at lower level.

Risk Mitigation:

Reducing the probability and impact factors by the using of different methodologies and continually check the circumstances of risk conditions. It includes the appraisals, surveys, risk avoidance milestones etc.

Risk Transference:

In this, transfer the risk to other party when an opportunity of risk reduction is available.

Risk Rescheduling:

In this stage, rescheduling all portion of project strategy. So that risk level is less likely to take place.

Eventuality/Contingency Planning:

The eventuality planning is logical approaches of risk management to identify the risk impacts that take place in project. The contingency strategy can be used before and after the occurrence of risks. The contingency planning should be reliable when the following aspects should be considered:

Analyze which key risks are potential and jeopardize the project.
Prioritize the risks in the conditions of their intensity.
Analyze which risk events are under control and which ones are out of control.
Evaluate the contingency planning on those risk events that are under the supervision of management team.

The risk extenuation and eventuality planning flowchart is shown below



Therefore the proposed extenuation and eventuality strategies of the selected risks within the project is as follow

Inappropriate Required Statements:

This type of risk is a major factor that affects the project scheduling, quality attributes and budgetary plans. Such type of risk is preventable if the proper mitigation tasks should be utilized and these are

1) Control the comprehensible understanding of stakeholder’s requirements.

2) Built up the communication system and reduce the gap between customers and project members.

3) Split up the end users into different categories according to their field of interest.

4) Deliver clear feasibility requirements to end users and stakeholders throughout project.

5) Provide a workshop of group based requirements and design technique to the end users, stakeholders and project members.

Wrong Cost Estimation:

Adequate cost estimation is the major problem in the web software planning process. The precise cost estimation is the valuable success factor in the software planning as well as in risk development cycle. The cost estimation of software planning depends upon three factors

a) Individual exertion

b) Time interval

c)Budgetary resources

The mitigation and contingency strategies of such type risk are as follows

1) Reduce the wrong cost estimation risk by the suitable selection of best cost estimation model in earlier time.

2) Use Empirical Cost Estimation (ECE) and Analytical model to minimize and control the inappropriate investment.

3) Provide an appropriate size method of conclusion b/w current and past projects.

4) The selected cost estimation model and complexity of projects should be explained to the stakeholders.

5) Hire experienced cost estimators that avoid the complexity of project cost before starting.

6) When the duration of the project unknown then squeezed down the project activities into significant path.

7) The project manager should visualize the cause of delay and discussed with stakeholders and team members for alternative route.

High stress of users than expectation:

Such type of the risk impact is avoidable and having a less impact intensity on overall progress. The behavior of end users in sometimes is variable and creates problems in the development of project. Their mitigation strategies are as follows

1) Built up the generous level of communication and understanding b/w customers and deliver clear features of requirements. Then the unrealistic stress b/w users and staff members are controlled.

2) Provide a non serviceable prototype to end users if they are overexcited in the progress of project.

Lack of use of Advanced Technology:

This type of the risk factor create a difficulties in operation section and such type of factor is occurred due to the following technical issues

1) Inadequate sources of skilled equipments for explicit technology.

2) Supplementary funding is required.

3) Failure to evaluate the maintainability.

4) Client conflicts for the technology.

The mitigation strategy of such type of situations is as follows

1) Select the appropriate use of technology according to the condition of project in the starting time so that all issues should be considers in mean time.

2) The association of best technology use should be carried out through the project. The association of best technology use should be carried out through the project.

3) The key stakeholders of the project should be familiar to the use unambiguous technology.

Lack of use of training on Equipments & Inexperienced Staff:

The impact of such type of risk is minor and remunerated by the using of different techniques. The impact of such type of risk factor is not transferred to the next stages. But develop a short duration of delay. Their mitigation strategies are as follows

1)If an appropriate funding is not available then project manager should negotiate with less experienced staff with supplementary training.

2) The slack activities can be used in the next stage of training.

3)Select a careful consideration of staff member’s selection. consideration of staff member’s selection.

4)The experienced staff should be selected for significant task and they make sure that no delay is probable during the project process.

Budgetary Prepositions of Mitigation and Contingency Plans:

In this process, the budgetary analysis of all resources, implementation control of project aspects and possible mitigation & contingency feasibility reports should be conducted for the purpose and establishment of financial circumstances. The budgetary prepositions analysis can be qualitative/quantitative and utilized for the purpose of risk reduction in different level of project stages. So, the Expected Monetary Vale (EMV) can be used for the measurements of budgetary prepositions of mitigation and contingency plans.

(EMV) is the product of likelihood risk occurrence and monetary outcome of risk occurrence.


It can be expressed as

EMV=Probability (P) Monetary Outcome (O)

The EMV of the project can be calculated by using this expression

P (EMV) =Project expenditure + Risk Impact cost – Occasion probable cost


Project expenditure: Preliminary estimated cost of the project

Risk Impact cost: The cost for the reduction of probability/Impact of project risks

Occasion probable cost: The cost cover risk that occur during the project

In this process, risk is directly proportional to cost and inversely proportional to profit. On other hand, the probable occasion is directly proportional to profit and inversely proportional to the cost.

According to web designing process of project InterLinc, the budget descriptions for web server, internet services, client training, networking server, information support centre, quality assertion etc are given below

Budget Summary


Estimated Budget for Services ($)

Quality Assurance


Web Server & Web Training


Network Server


Web Browser Access


Telecommunication Services


Customer Training Services


Miscellaneous Services


Total Cost


(Fig -7)

Now, the expected (EMV) of mitigation and contingency plans for the avoidance of risks from web software project is shown below

EMV Budgetary Summary

Risks No.

Risk Conditions

P (%)

O ($)

EMV ($)


Lack of use of Advanced Technology





Lack of training on equipment & Inexperience staff





Wrong Cost estimation





End users dissatisfaction





Inappropriate Supply requirements







Risk Management Techniques

The main objective of risk management techniques is to identify the potential/hazard risk factors on the point of view of their technical management aspects before they take place in the project. There is lots of techniques methodology that manage the risk factors within the project but we have to discuss only two of them.

Ishikawa/Fishbone Diagram:

Fishbone diagram is also called cause and effect diagram. This diagram are use to explain/analyze the causes and effects of risks that occur in the organization/project. The fishbone diagram for the effects and causes of risks within the project are given below

1)Web designing risk:


2)Scheduling and budgetary planning risk:

3) Quality and User Satisfaction Risk:

RISKIT Analysis Graph:

The RISKIT Analysis Graph is a diagrammatical formulation that can be used to identify the different features of risk factors that are more officially. This method is look like a tool that provides a link of communication during risk mitigation and contingency planning. The RISKIT Analysis Graph is useful for the decomposing of potential risks process into well defined elements. The diagram of their different elements are shown below

The RISKIT Analysis Graph for the selected risk factors, causes and effects within the project are given below

1)Web Designing Strategy:

2) Scheduling and Budgetary Planning :

3) Quality attributes & Customer Satisfaction:

Valuable Risk Management Lifecycle:

The risk management life cycle is designed for the quick response of risk in the organization/project. So, the valuable management lifecycle of the RISKIT Analysis Graph is given below

Appendix A: Table of Figures

Figure 1: Risk Classification

Figure 2: Impact Criteria

Figure 3: Probability Criteria

Figure 4: Risk Severity

Figure 5: Risk Impact and Probability ranking graph

Figure 6: Risk Mitigation Plan

Figure 7 & 8: EMV Budgetary Summary

Figure 9 to 11: Fishbone Diagram

Figure 12 to 15: RISKIT Analysis Graph

Figure 16: Risk Management Lifecycle

Appendix B: References

Kwak, Y & Stoddard, J 2004, Project Risk Management,5th ed. Technovation: 915-920.

Boehm, B.W 1991, Software Risk Management, New York: McGraw-Hill, Vol.41 pp. 32-41.

Han, W & Huang, S. 2007, An Empirical Analysis of Risk Components and Performance on Software Projects. Systems and Software, Vol.80, pp.42-50

Sengupta, B & Chandra, S 2006, A Research Agenda for Distributed Software Development. Shanghai: ACM. pp. 731 – 740

Offut, J 2009: Quality Attributes of Web Software Applications, IEEE Software, vol19, pp. 25-32.

Keshlaf, A & Hashim, K 2000, A Model and Prototype Tool to Manage Software Risks, IEEE Computer Society. pp. 297–305.

Charette, R 1989,Software Engineering Risk Analysis and Management, New York, McGraw-Hill. pp. 10-15.

Sommerville, I 2004: Mitigating Risk with effective requirements, New Jersey, pp 12-28.

Boehm, Barry W. 1997, Introduction to Software Risk & Risk Management, viewed on 20 April 2011,


Booker, G.2003, Software Project Risk Management & Organization, INFO 638, Lecture #2, Drexel Univ., viewed on 25April 2011,


Hashemian, V.2003, The Riskit Method for Software Risk Management, Univ. of Waterloo, viewed on 6 May 2011,


Hall, Elaine M 1998, Managing risk: methods for software systems development, Addison-Wesley, Reading, Mass.

Joyce Statz, Don Oxley & Patrick O’Toole 1997, Identifying and Managing Risks for Software Process Improvement, Crosstalk, pp. 13-18.