Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Control Systems
The important part is the feedback loop from the output to the input. This provides the ability
to control and correct. For project control, this usually means data collection, validation,
analysis, summarization, and reporting in a
timely manner.
Timely is important here. It has been said that running a project by reading the monthly or
quarterly reports is like trying to drive your car down the road by following the yellow stripe
in your rear-view mirror. You want data that
allows you to anticipate what is ahead and react accordingly. Advanced thermostats for homes
have an anticipation feature, which gradually adjusts the temperature to a new setting well in
advance of its programmed time. In your incoming data about project parameters, look for
indicators of outcomes that are reasonable predictors of what will occur before you have
complete data. An example indicator to look for in a software development project is inspection
metrics, the statistics about how much time was spent and how many defects were found in
formal inspection data-logging meetings.
Definitions
Planned Value (PV) or Budgeted Cost of Originally planned cost of the work that should
Work Scheduled (BCWS) have been done by this time
Actual Cost (AC) or Actual Cost of Work Actual cost expenses on this project up to this
Performed (ACWP) time
Example
Assume a project that has exactly one task. The task was baselined at 100 hours, but 110 hours
have been spent and the estimate to complete is 10 additional hours. The task was to have been
completed already. Assume an hourly rate of $100 per hour.
• Line of Balance (LOB) is a method of showing the repetitive work that may exist in a
project as a single line on a graph.
• A LOB Chart shows the rate at which the work that makes up all of the activities has to be
undertaken to stay on schedule.
• The relationship of one trade or process to the subsequent trade or process is defined by
the space between the lines.
A simple diagram in which line shows location and time at which a certain crew will be
working on a given operation is known as LOB. It is used on repetitive work such as
constructing multiple dwelling units, when used on linear work such as roads and railways the
technique is more accurately called Time/Location Charts
The purpose of the LOB method is to ensure that the many activities of a repetitive production
process stay “in balance” that is, they are producing at a pace which allows an even flow of the
items produced through a process and at a speed compatible with the goals set forth in a plan.
Advantages of LOB schedule
• Clearly shows the amount of work taking place in a certain area at a specific time of the
project.
• Has the ability to show and optimize the resources used for large number of repeated
activities, executed in several zones or locations.
• Easier cost and time optimization analysis because of all the information available for each
activity in the project.
• Ease of setup and its superior presentation and visualization.
• Easier to modify, update and change the schedule.
• Better managing of all the various sub-contractors in the project.
• Allows for simpler and clearer resource management and resource optimization functions.
• Visualization of productivity and location of crews.
• It allows project managers to see, in the middle of a project, whether they can meet the
schedule if they continue working as they have been.
3.4 Graphical Evaluation and Review Technique (GERT)
Graphical Evaluation and Review Technique, commonly known as GERT, is a network
analysis technique used in project management that allows probabilistic treatment of both
network logic and estimation of activity duration. The technique was first described in 1966 by
Dr. Alan B. Pritsker of Purdue University and W.W. Happ.
Advantages:
• GERT approach addresses the majority of the limitations associated with PERT/CPM
technique. GERT allows loops between tasks.
• Allows for conditional and probabilistic treatment of logical relationships
• GERT considers both deterministic and probabilistic branching unlike PERT. It
incorporates both in the network analysis.
• GERT allows additional branching features not provided by CPM or PERT.
Disadvantages:
• GERT technique is the complex programme (Monte Carlo simulation) required to model
the GERT system.
Scope Management
If a project is allowed to change freely, the rate of change will exceed the rate of progress.
Every project needs change control; otherwise, things will get out of control
rather quickly. One of the worst things that can happen to a project is "scope creep," where the
requirements seem to balloon out of control, usually slowly, until the balloon bursts and they
exceed the capacity of the team and the time available to satisfy them. So, you need a scope
control system to keep things under control. A scope control system is just a change control
system focused
on scope management. The basic elements of a change control system are:
• a means of identification and nomenclature figuring out a plan for naming things, to
avoid confusion;
• a process for managing baselines and processing changes, to keep versions straight and
owners identified;
• a way to report the current status of any or all items, for handling inquiries about items
or summaries; and
• a periodic audit or review process, to ensure integrity of the data you have.
Successful project control is good change control. Some guidelines to follow are listed here:
• All project contracts or agreements must include a description of how changes to it will
be handled.
• All change orders must be approved by the appropriate signature authority.
• All project artifacts must be amended with the impact of approved changes.
• Any change to a project artifact requires a captured change control request or change
order.
Flexibility Matrix
It is also useful for change management control to prepare a decision-making matrix
beforehand so that decisions can be made regarding trade-offs when they occur. This is often
called a flexibility matrix, and it helps the team choose more effectively. It is best to discuss
which of the three main items in the triple constraint are most flexible and least flexible with
regard to the conditions on this particular project.
A Sample Flexibility Matrix
matrix in the figure, the least flexible parameter is the schedule. The team must hold to the
schedule. However, the team can hold to it by increasing resources, if necessary, and possibly
by reducing scope. Deciding how to decide for the project at the beginning of the project can
make for fewer arguments later.
• As projects continue over time, they consume indirect costs, including the cost of
facilities, equipment, and machinery, interest on investment, utilities, labor, personnel
costs, and the loss of skills and labor from members of the project team who are not
working at their regular jobs.
• Financial penalties for not completing a project on time were also incurred. For example,
many construction contracts and government contracts have penalty clauses for exceeding
the project completion date.
• Project crashing costs and indirect costs have an inverse relationship; crashing costs are
highest when the project is shortened, whereas indirect costs increase as the project
duration increases. This time-cost relationship is illustrated in the above figure. The best,
or optimal, project time is at the minimum point on the total cost curve.
Project crashing Example:
Critical path for the house building network in following figure is activities 1-2-3-4-6-7 and
the project duration was 9 months, or 36 weeks. Suppose the home builder needed the house
in 30 weeks and wanted to know how much extra cost would be incurred to complete the house
by this time.
Following table represents the time and costs before and after project crashing
The total cost of crashing the project to 30 weeks is 2,500. The contractor could inform the
customer that an additional cost of only 2,500 would be incurred to finish the house in 30
weeks.
Risk
The word risk originates from the Italian term risicare. Risicare means to dare. It is a science
based on theory of probability. The risk is understood as the possibility of loss. Risk is
identified, its possibility of occurrence is expressed in probability, and consequence of the
risk is measured in loss.
The monetary impact of the loss is a quantitative measure of risk impact. The risk is
perceived as high or low in terms of its exposure, defined as the product of the probability of
its occurrence multiplied by the potential loss.
Risk is handled by different people in different ways based on their preferences and attitude
towards risk. People differ in their tolerance to risk. The difference occurs due to the different
utility functions on which exposure is measured.
A person’s utility function reveals whether he or she is risk adverse, risk seeking, or risk
neutral. Risk is managed through strategies. The strategies are of two types, one ‘reactive’
and the other ‘proactive’. Reactive strategies are the ones that are applied when risk occurs,
whereas proactive strategies are the ones that are applied in anticipation of risk. Like any
other business function risk also needs to be managed properly through a process called risk
management.
Risk Management(CRM)
RM is a process made up of the following steps: risk identification, risk analysis, risk
assessment, risk planning, risk monitoring and risk mitigation. RM resolves the risk scenario
through these steps.
RM is a scientific process based on the application of game theory, decision theory, probability
theory and utility theory. Risk scenarios may emerge out of management challenges and
technical challenges in achieving specific goals and objectives.
RM must be performed regularly throughout the achievement life cycle. Risks are dynamic, as
they change over time. RM should not be regarded as an activity integral to the main process
of achieving specific goals and objectives. Risk and its management should not be treated as
an activity outside the main process of achievement. Risk is managed best when RM is
implemented as a mainstream function in the software development and goal achievement
process.
Introduction to Software Risk(SR)
Software risk is a measure of the probability of its occurrence and the loss due to its exposure.
The SR affects the process of development, project development, and software product itself.
The SR is possible in software process, project and product management.
Software risk arises due to uncertainties in management and the ineffectiveness of technical
procedures.
Types of Risks
Software Project Risk mainly concerns the quality characteristics of the software product.
This originates from the conditions such as unstable requirement specifications, not being
able to meet the design specifications affecting software performance and uncertain test
specifications. In view of the software product risk, there is a risk of losing the business and
facing strained customer relations.
Though these risks are identified and put into three classes, they have a close relationship
with each other. For example, if there is an uncertainty in requirement specification, it gives
rise to software product risk of not meeting the customer acceptance standards. Further, it
affects the resource estimation, as requirements are not known completely in clear terms
giving rise to project management risk. Once there is uncertainty about requirement, there is
also uncertainty about the process of development affecting the schedule. The risk of not able
to deliver the product on time sets in.
The nature of risk and its class are, however, fixed, and they are stated below:
Technology Risks
(Unpredictable) These risks fall in the domain of hardware, software and network
communication technology, which are subject to continuous
improvement and may lead to obsolescence.
People Risks
(Known) These risks are associated with persons in the teams and risk
concerns availability, capability, skills, maturity and so on.
Organizational Risks
(Predictable) These are in the area of development organization and customer
organization. The environment in both the organizations is a matter
of concern.
Requirement Risks
(Known) This is about clarity, completeness and confirmation of the
requirement by the end users and customer. It is about the volatility
of the requirement.
Estimation Risks
(Known) Not being able to judge in precise terms the component of the
software, reusability and system characteristics affecting the size,
effort and schedule.
Predictable risks are the ones that can be identified based on past experience in development.
The examples are people, organizational and technology risks.
The unpredictable risks are the ones that appear suddenly and out of the blue. They are
technology, obsolescence, business and management change.
The objective of viewing the risk by nature, type or category is to identify all of them and deal
with them effectively. Experience reveals that risk incidence is spread over the entire life cycle
of software development. Due to the complex nature of software risks operating throughout the
life cycle of development, Software Risk Management (SRM) becomes an essential and
integral component of the software development.
Software Risk Management(SRM)
plan, risk
Identify the risk analyze resolution
startegy
Risk Analysis b (RA) is a process that defines activities and methods to estimate and evaluate
risk. In estimation, the probability of occurrence is estimated and its consequence. In
evaluation, the risk options against certain criteria are discussed.
The risk analysis process begin with list of risks obtained from the earlier process of risk
identification. Each risk from this list is taken for estimation and evaluation. To act on this
step, the organization needs an evaluation criteria and the risk database. First, the probability
and consequence is estimated and then the risk Exposure (RE) determined.
The risk analysis process begins with list of risks obtained from the earlier process of risk
identification. Each risk from this list is taken for estimation and evaluation. To act on this
step, the organization needs an evaluation criteria and the risk database. First, the probability
and consequence is estimated and then the Risk Exposure (RE) determined.
For example, the customer environment suggests that the stability of requirement
specification is very low.
This is also the experience of the project team with this particular customer. Hence, identified
risk, a critical requirement may be missing or may change radically .Based on the risk
database and customer experience, probability is 0.50. The loss due to this risk occurrence is
a waste of three man-month effort, amounting to a loss of Rs. 1.5 lakhs. Hence, risk exposure
is
Based on this criterion of risk exposure, it is determined whether it is low, Moderate or high
and considered against the time frame as short, medium and long term. Both these attributes
are evaluated on common criteria known as risk severity. The following table shows the
index of risk severity.
timeframe Risk exposure
LOW Moderate High
short 5 2 1
Medium 7 4 3
long 9 8 6
Based on the risk severity criteria, the risks are prioritized for action Index “1” for a short-term
time frame and high risk exposure is considered the highest risk severity. Index ‘9’ is termed
as the lowest because of the low exposure and long-term time frame. When you evaluate all
risks by these criteria, they come under a common platform, irrespective of whether the risk is
of project, product or process.
At the end of risk analysis, you get a prioritized risk list with probability, risk exposure, and
risk severity. This forms the basis for constructing a risk action plan for resolution.
The risk plan proposes various actions to deal with the risks identified and analyzed in the
earlier processes. The output of the process is the Risk Action Plan (RAP).
RAP takes as input the Prioritized Risk List based on risk severity, and determines resolution
strategies for each one on the list. The risk resolution strategies suggested by Ellan H. Hall a
researcher and author of the book on Risk management are:
• Risk Acceptance
• Risk Protection
• Risk Reduction
• Risk Transfer
• Risk Reserves
• Risk Avoidance
• Risk Research
Risk Acceptance: this strategy is chosen when you have no choice but to live with risk and
face the consequences.
Risk Protection: This strategy is chosen when there is a possibility to reduce the probability
of occurrence and the consequential loss. For example, you may hire a temporary consultant
to provide domain knowledge support or the skills required to reduce process delay and
product risk.
Risk Reduction: This strategy is chosen over and above risk protection. Based on a cost
benefit analysis, the organization may take such actions that risk incidence is reduced, giving
rise to major reduction in the consequential loss.
Risk Transfer: This strategy is chosen when it is possible to transfer the risk to somebody
else. You may choose outstanding, subcontracting, buying a resource or tool, taking
insurance as a risk transfer strategy.
Risk Avoidance: This strategy is chosen to eliminate risk altogether or by pass it altogether.
This strategy is chosen when you are in lose lose situation. You will deal with the sources of
risk to avoid or eliminate them by management actions.
Risk Research: This strategy is chosen to reduce the risk by seeking more information about
it for better evaluation, and also to deal with it effectively. The firm may, for example,
conduct a proof of concept exercise or experiment to reduce the volatility of the requirement
specifications. Another example is that the organization may seek more information from
genuine resources on new products or the introduction of new technology. Based on this
information, the index of severity will be reduced, and the action plan changed accordingly.
The process has an input on risk status from the project team and from various MIS reports
on software development addressing the issues of schedule, cost, delivery and quality. Thee
output of the tracking process is evaluation of exposure, severity and triggers to act where
necessary.
For example, risk of delay in delivery is a high severity risk. Assume that over 100 activities
are involved which affects the delivery. So threshold for these activities is a delay of 15% in
completion. If delay exceeds 15% it should be reported through MIS for action.
It is important to note that risk occurrence is a possibility at any time. The original estimates
and forecasts on occurrence, exposure, timing may change during the life cycle, and tracking
risk becomes an essential activity in risk management system, and has to be made integrated
activity in software development plan.
SRM handles each risk based on its severity and suggests resolution strategy. Organization
needs a SRM plan for all identified to track, measure, monitor and trigger action to contain the
risk impact. This is known as Risk Mitigation, Monitoring and Management (RMMM) plan.
Risk Mitigation Planning
Risk mitigation or reducing the impact of risk is done through an RMMM plan. An RMMM
plan deals with mitigation, monitoring and management of risks in a systematic manner. The
steps in an RMMM plan are as under.
• Prepare a prioritized risk list based on risk exposure and its severity index
• Determine risk resolution strategy for each risk
• Design an action plan based on resolution strategy to deal with risk
• Institute a monitoring plan through systematic review , and MIS reports on risks integrated
into software development MIS reports
• Take corrective measures to control the impact.