DEPARTMENT OF COMPUTER SCIENCE

UBIT – UNIVERSITY OF KARACHI

COURSEWORK HANDOUT
Course Code: SE 610
Course Title: Management Risks and Decision Support Systems
Course Instructor: Ms Farzeen Ashfaq

Handout Date: 18th October 2019

Submission Date: 25th November 2019

This assignment contributes 30 % marks (including the final presentation) towards your final
grade in the course. This coursework is a group work (only 3-4 students per group)

In this assignment task you are required to answer a number of questions in order to evaluate
the risk Management process you completed in relation to the case study given.

You are required to set up the Risk Management Report and record all the documents you
have created for the risk assessment and risk control phase.

For the completion of few tasks you may are allowed to make few assumptions but should
mention the assumed scenarios.

QUESTIONS [ RELATED TO CASESTUDY]

Q1. Why is it important for the department to carry out risk management?

Q2. Identify the potential opportunities (positive risks) and threats (negative risks) that the
department may face during the project development phase
.
Q3. State in your opinion would be the potential owners for the identified risks.

Q4. Explain, by means of specific examples, how the management of (any) 2 negative risk
events could help to optimize achievement of project objectives.

Q5. Explain why it is important for a risk management process to cover both threat and
opportunity. Make sure that you justify your reasons

Q6. Prepare a draft risk management plan, completing all sections with information obtained
from the case study.
The report should include following as major portions (in relation to the risk management for the
attached case study):

State the main objective and success criteria for 2 marks

the project
Purpose and scope of the risk management 2 marks
Risk management organization 3 marks
Risk management methodology adopted 3 marks
List 10 stakeholders (internal and external) in the 5 marks
project.
An analysis of the Strengths and weaknesses of 3 marks
the project in the form of SWOT analysis matrix.
Identify at least 10 risks (both positive and 10 marks
negative) that may occur on this project. Ensure
that the risks are noted in the proper risk register
format.
For each risk design the risk-event-effect table. 2 marks
Calculate the risk exposure for each risk and 3 marks
record it in the risk register.
Draw the Risk Analysis/Probability-Impact Matrix 5 marks
Identify risk response for each risk and reason for 5 marks
selecting that response.
Record the risk contingency/mitigation actions in 5 marks
the risk register.
Indicators and triggers that will be monitored and 5 marks
treated as the early warning signs for each risk in
risk register.
Select appropriate risk model (FMEA, risk 5 marks
simulation) and write the reason for adopting
model(s).
Complete the risk action plan 5 marks
Recommendations & Conclusions 2 marks
Total 65 marks

IMPORTANT There are no marks to be gained by simply copying material from the internet. Marks are only
awarded for the candidates demonstrating understanding what should be in Risk Management Plan for this
specific case study.
Marks will be awarded on the following criteria
A. Inclusion of • Inclusion of • EXCEPTIONAL: if all
Required Content
elements and required elements and topics
required topics in are covered with a fully
the assignment complete, correct, and well-
description. worded presentation.
• Quality and • INADEQUATE: if the
correctness of majority of content is missing
description and and description is not
presentation of complete or correct.
topics. • MINIMALLY ADEQUATE to
• Innovative ideas to VERY GOOD: for lack of
address risks that inclusion of content and/or
are specific to the quality/correctness
project and the deficiencies between the
client. “Exceptional” and
“Inadequate” categories
described above.

B. Overall Document • Effectiveness of • EXCEPTIONAL: for an

Organization
document extremely well-organized and
organization presented document, that
including section easily conveys meaning and
and subsection message to reader.
arrangement. • INADEQUATE: if organization
• Logical and logical progression, is so
progression of deficient that content and
content allowing message is significantly lost
reader to easily on the reader.
follow discussion. • MINIMALLY ADEQUATE to
• Integration of Risk VERY GOOD: for
Management Plan organization and/or logical
with other progression deficiencies
assignments such between the “Exceptional”
as WBS, PERT and “Inadequate” categories
etc. described above

C. Quality/Clarity of • Writing quality and • EXCEPTIONAL: for a very

Writing
clarity refers to clear, extremely well-written
how well and document, with no or
effectively words insignificant problems in word
and sentences to choice, grammar, etc.
 convey meaning to • INADEQUATE: with
the reader significant, frequent problems
including the in introduction, word choice,
following: sentence construction,
• Statement of grammar, and length
purpose and • MINIMALLY ADEQUATE to
introduction that VERY GOOD: for deficiencies
sets context for in writing quality of clarity
rest of document between the “Exceptional”
• Good, appropriate and “Inadequate” categories
choice of words. described above.

• Sentence
construction and
lack of grammar
and syntax
problems.
• Concise and to the
point without
redundancy.
• Length
appropriate to the
stated
requirements
without
significantly
exceeding stated
word count

D. Format Quality • Well-formatted • EXCEPTIONAL: for an

document helps extremely well-formatted
convey content document which is attractive;
and meaning to uses very effective text, table,
the reading. and graphic formatting; format
Important format rules are applied consistently
parameters throughout; and overall
include: presentation makes it easy for
• Inclusion of cover the reader to navigate and
page. grasp content.

• Use of numbering • INADEQUATE: with

for sections and significant and frequent
subsections. problems in multiple format
parameters to the point where
• Choice of fonts
(type, style, size
 for headings and the document is distracting
body). and very hard to understand.
• Table and figure • MINIMALLY ADEQUATE to
format (consistent VERY GOOD: for deficiencies
and easy to read in selection of format rules and
and digest). their consistent application
• Tables and figures between the “Exceptional”
are numbered and and “Inadequate” categories
referenced in the described above
body of document.
• Table column
width and row
height setting and
effective use of
table borders and
shading,
• Bullet point list
spacing consistent
and easy to
interpret bulleted
entries.
• Overall vertical
and horizontal
spacing (line
spacing, indents,
etc.).
• Page breaking in
manner that
avoids disruption
of content.
• Spelling
• Overall
consistency of
format throughout
document.
CASE STUDY
The UBIT would like to launch online student’s portal for their Computer Science Department called
as UBIT Information System (UBITIS). The new database for students records and courses
handles all the processes previously managed independently by the admissions, examinations and
other department. The information system will integrate all the sub-departments within the main
department like library, laboratories, administration, admissions, examinations and accounts.

The UBITIS will increase efficiency with single entry of data into one database, greater consistency
of practice across the department, newly automated processes, better data management and
reporting, and improvements to the student experience. Previously there had been limited
functionality and the IS will allow UBIT to be much more flexible and thorough in its work.

The UBIT Information systems board will oversees the implementation of the IS project. The board
is a committee of the Information Systems Board and is chaired by the Department’s Chairman.

The University no doubt requires to develop state-of-the-art infrastructure to meet the academic
and administrative needs such as computer networks to connect all offices and laboratories
together, computer servers, PCs, high-speed internet connection, and software tools.

But currently the department has several key challenges which might generate potential risks
during the implementation and the deployment phase. Few of the challenges include;

1) University of Karachi is a government organization. The key issue is that, given pre-
existing functionality, the university need to make significant strategic and tactical
decisions about whether to change the current processes to fit the system or whether to
change the system to fit in the university processes.
2) The IS projects are mostly at risk of time, budge and cost.
3) The project is planned to be implemented using the traditional waterfall model.
4) The lack of proper infrastructure i.e. poor equipment and not enough resources for training
of the university staff to the new equipment and software system.
5) There is communication gap between the university’s various departments
6) The key decisions need approval from University’s vice chancellor and board of directors,
which frequently delayed
7) Vulnerability of information system security, software deficiency, data security, network
security, operating system security. Also, there is no formal policy on information
technology security.
8) There is an overall resistance on automated system implementation and the old staff is
against this change

Keeping in mind the need of the time the higher management has decided to hire your team as
consultants to facilitate them in performing the risk management’s processes.