Java , Jsp, J2Ee, Struts, Servlets And Jboss Ecommerce Web Hosting

Chapter 5: Planning for Software Project Risks 123 Figure 5-5: The V model uses a series of tests for each completed phase to move the project forward. Using the V model This model is called the V model because, well, because the progression of the project forms a V. Look at Figure 5-5; see the V? This is a risk-averse development model because the completion of each phase prompts a corresponding test phase. Before the project moves forward, the test must be passed. This model is technically an expansion of the waterfall model, with added verification and testing. Like the waterfall model, each phase creates documentation of what s been completed in the project. Here s a breakdown of the V model progression: 1. Set the project requirements. The project requirements are identified and agreed upon by the project manager, the project sponsor, and other key stakeholders. 2. Design the architecture. The requirements are decomposed into functions and system components, and the project estimates for time and costs are updated. The refined estimates must be approved by the customer or the project s management team before the project moves forward. Requirements Phase Architectural Design Phase Detailed Design Phase Implementation System Test Phase Integration Test Phase Unit Test Phase Requirements Functional Specs Design Specs Code Unit Test Records Integration Test Records System Test Records verifies verifies verifies
Note: In case you are looking for affordable and reliable webhost to host and run your j2ee application check Vision j2ee hosting services

122 Part II: Planning Your Software Project Here s the general approach: 1. Set a goal. In the goal-setting phase, all the stakeholders work together to determine the goals, constraints, and alternatives for the project completion. 2. Conduct alternative investigations. The purpose here is to investigate all of the possibilities to best achieve the project goals. In some organizations, you may create a feasibility study at this stage. 3. Conduct risk management. Remember all that business earlier in this chapter about qualitative and quantitative risk analysis? This is it. You and the stakeholders have to examine, rank, and score all the project risks. Examining and ranking risks is a key activity for the spiral model because this process helps you and the project team to arrange the subprojects. 4. Create the deliverables. Based on the goals, alternative identification, and risk management, the project team creates a deliverable for this subproject. Each subproject delivers something that enables the project to move to the next iteration of the process. When you re starting out, the first deliverable may just be the verification of the goals, feasibility, and risk assessment. 5. Plan the next iteration. As the project moves forward, you plan the next iteration of the software. This includes business like fixing bugs, adding new features, and making other improvements. 6. Determine what to do next. Based on the previous step, you determine what needs to happen next. After you make that determination, you move all the way back to step one and move through these steps with the next subproject. Although we readily admit that this approach is one of our favorites, we also acknowledge that it s tough to implement. Change- and process-averse project managers may find this model challenging. It s time consuming to implement, but it creates good software. Some companies use this approach for the first few iterations of a software release and then all future iterations move in the waterfall approach.
Note: In case you are looking for affordable and reliable webhost to host and run your business application check Vision php5 hosting services

Chapter 5: Planning for Software Project Risks 121 Figure 5-4: The spiral model uses iterations to move the project to completion. Using the spiral model The spiral model is the safest, or most risk adverse, model available. An organization that uses the spiral model examines the project as a whole and then breaks down the project into subprojects, each of which are categorized by risks. The subprojects are then organized from risk heavy to risk lean. With the spiral model, you tackle the areas of the project where most of the toughest risks are first. This approach, which is frankly our favorite, hits the project risks head-on and then moves on to the next risk-laden subproject. We like this approach so much because there s nothing more frustrating than investing months in a project only to have it roadblocked by giant risks in month seven. With this approach, everyone knows whether the project can succeed right away based on the team s ability to plow through the hardest risks first. This model builds confidence and gains momentum. The logic is simple: If these are the toughest risks, then the project will only get easier from here. And it usually does. So why s it called a spiral model? Take a look at Figure 5-4; see how the project starts at the center and spirals out like a cinnamon roll? The completion of each subproject enables the project to move on to the next subproject until the project spirals all the way out to the release. Start Requirements Conceptual Design Architectural Design Risk Analysis Risk Analysis Prototype Prototype Simulations Models Software Requirements Requirements Validation Development Plan Development Design Development Validation Progress to next iteration Costs Progress
Note: If you are looking for high quality webhost to host and run your jsp application check Vision jsp web hosting services

120 Part II: Planning Your Software Project With the completion of each phase comes a new stage, with the product of the phase transitioning (just like a waterfall) into the next phase. Here s the progression: 1. Come up with a concept. In phase one, you and the stakeholders build the concept document, which explains the goals and constraints (such as time and cost) of the project, and a rough order of magnitude estimate (ROM) is created. We discuss ROM in more detail in Chapter 9. 2. Determine the requirements. In phase two, using the concept document, the project team completes the document that details the requirements of the project deliverables. This document includes all of the systems, technologies, and technical interfaces for the deliverables. The requirements document is really the progressively elaborated version of the concept document. (How s that for jargon?) 3. Create a high-level design. You may hear the high-level design phase (phase three) referred to as the satellite point of view or the view from 20,000 feet. Whatever. The high-level phase consists of the big architectural building blocks of the software you re creating. The high-level design document defines how programmers will implement the requirements document. See an evolution here? 4. Narrow down the design to create a detailed design. Ah, now we re getting somewhere. In phase four, based on the high-level design document, you and the programmers can get into the details of how the application will be developed. The output of this phase? You guessed it: the detailed design document. 5. Code implementation phase. In phase five, it s time to follow the documents you ve created with your project team by actually coding. This phase usually includes unit testing to ensure that what s being built actually follows all the documents created up until now. 6. Testing phase. At this stage, you test the entire application to ensure that all the units are coded and working as expected before your customers see it. This is the quality control phase. If you find problems, then you ve got more work to do. The goal of this phase, of course, is to keep mistakes out of the customers hands. When all is well, the deliverable is released. At first glance this looks like a rock-solid model, and it can be. However, the risk with this model is that if changes trickle, or flood, into the project, you basically have to start over. This is because the project is founded on the original capture of the project vision, the requirements, and so on. Changes to the fundamentals can (and will) affect how the application is built. And then troubles ensue.
Note: If you are looking for best quality webspace to host and run your tomcat application check Vision shared web hosting services

Chapter 5: Planning for Software Project Risks 119 You can find dozens of software development models. Each of them has pros and cons, but one thing is always true: Whichever model you use must be accepted and followed by everyone, from the management team to the project team and the stakeholders. It doesn t do anyone much good to have a model and not follow it. The following sections describe the most popular software models on a continuum from risk-enriched models (high-risk approaches) to risk-averse models (relatively risk-free approaches). There s no such thing as an organization that doesn t have a software development model. Even if it s patched together and made up as the project moves along, it s a model. The point of any model is to reduce the risk of failure. Using the waterfall model If you ve ever taken a programming class, you ve encountered the classic waterfall approach to programming. In case you were lucky, and never had to take a programming class, here s the deal: The waterfall model uses a series of phases to move the project along. Each phase creates a deliverable, usually a document that captures what the phase has accomplished. Figure 5-3 shows the progression of the model. Concept Phase Requirements Phase High-Level Design Detailed Design Phase Implementation Phase Testing Phase Project Release Figure 5-3: The waterfall model follows a series of phases to reach completion.
Note: In case you are looking for affordable webhost to host and run your servlet application check Vision ecommerce web hosting services

118 Part II: Planning Your Software Project The impact of each risk is quantified by a negative dollar amount or by an assessment of time lost, though some organizations turn time into dollars. This negative dollar amount represents the cost the project will incur if the risk event occurs. Notice that the rebate from the manufacturer risk will actually save the project $1,000 if it comes to fruition. The sum of the risk event values, both positive and negative, is the amount of contingency funds that should be reserved for this project. Don t get too excited that the amount of the contingency reserve is less than the sum of all the risks. The probability for all of the risks occurring is not 100 percent, so you won t get 100 percent of the dollar amount associated with each risk. You re banking that some of the risk events will occur and some of the events won t. Using Software Models for Risk Management Within software project management, there are models that help the project manager alleviate the biggest risk of them all failure. Models are adapted from grandfather programs, serious thought and planning, or they evolve based on past experience. Whatever approach you or your organization takes, the model needs to be documented, and the rules need to be defined and then followed. Avoiding the code-and-fix model The code-and-fix model of risk management understand the operation, so they hack away is hardly a model at all, but we remain amazed until the cash and time dribbles away or light- at how often we discover its use when we ning strikes and they declare, It s alive! consult with various companies. The code-and- The code part comes first, and it s followed by fix model is reactionary and it s rubbish. rounds (and rounds) of fixing. This model, if you Basically, you start out with a dreamy set of really want to call it that, is weak, weak, weak. requirements and willing programmers. The It might be ideal for an afternoon of prototyping project manager and the project team meet, yak or playing what-ifs, but it s a risk-enriched about the software, and then coding begins. approach (that is an approach that is chock-full Everyone holds their breath like they re in of risks); in fact, it s the highest-risk model you the waiting room of the hospital. The program-can use in software development. Avoid it like, mers are the surgeons, but they really don t well, just avoid it.
Note: In case you are looking for affordable webhost to host and run your servlet application check Vision make web site services

Chapter 5: Planning for Software Project Risks 117 quantitative analysis because of the time and cost involved to do it correctly. It s up to you to convince them that it s worth the extra effort. The investment in completing the interviews, prototypes, and simulations is generally much smaller than responding to the crushing effects on a project s time and cost baselines if a risk is realized. Here s a trick to remember the difference between qualitative and quantitative analyses: Qualitative analysis means that you re describing the qualities of the risks; quantitative analysis gives a quantity, usually a number, and often with a dollar sign next to it, of the impacts of those risks. Qualitative analysis is better for smaller projects (under $100,000 and shorter than three months). Larger projects, with more money at stake and longer durations, require more quantitative analysis. Creating a Contingency Reserve Quantitative analysis also uses a risk impact matrix, like qualitative analysis, though a cardinal scale is mostly used here (see Ranking risks, earlier in this chapter). This risk impact matrix also quantifies the dollars or time the project stands to lose, or gain, because of the risk. What the project needs is a contingency reserve that will alleviate the expenses of the risks should they come into fruition. You know how much to set aside for this contingency reserve by using the quantitative risk impact matrix. Table 5-2 gives you an idea of what a matrix might reveal. Table 5-2 Sample Quantitative Risk Impact Matrix Risk Probability Impact Risk Score Server crashes .10 ($5,000) ($500) Lack of developers .90 ($80,000) ($72,000) Firmware changes .20 (10 days) (2 days) Requirement to install service packs .70 ($2,000) ($1,400) Rebate from Manufacturer (risk opportunity) .80 $1,000 $800 Contingency reserve needed $73,100
Note: In case you are looking for affordable and reliable webhost to host and run your j2ee application check Vision j2ee hosting services

116 Part II: Planning Your Software Project Table 5-1 Sample Qualitative Risk Impact Matrix Risk Probability Impact Risk Score Server crashes Low Medium Low Lack of developers High Medium High Firmware changes Low Medium Low Requirement to install service packs High Medium Medium Meteorites strike company Low Low Low headquarters As you can probably guess, rating impact can be a subjective process, but as long as you re not doing your risk assessment in a vacuum, the subjectivity isn t likely to bring your project down. Calm down; you re probably safe. With the help of your team members to assign the probability and impact, you can apply multiple perspectives in your rankings. There s not a ton of proof that any of these risks are more or less likely to occur, but don t underestimate the experience of project team members and stakeholders. Prepare for some heated discussions on why a risk is rated Medium instead of High. Remind the participants that this is only the first round of risk analysis and that scores can change. When everyone agrees on the ranking of each of the risks, you must determine which risks are small enough to accept and which risks need more analysis. Usually risks with a medium or greater ranking qualify for quantitative analysis. Relying on Quantitative Analysis Quantitative analysis is the process of measuring your risk exposure. Quantification requires more than going with your gut feeling; you need to conduct interviews, set up prototypes, do expert analysis, and set up simulations. As you can guess, quantitative analysis takes time and usually some investment. Someone has to interview the stakeholders. Someone has to create the prototype, the simulations, and complete the analysis. Some stakeholders, customers, and project managers are likely to argue against completing a
Note: In case you are looking for affordable webhost to host and run your servlet application check Vision mysql5 web hosting services

Chapter 5: Planning for Software Project Risks 115 Eight risks every software project has Every project has risks, but software projects Feasibility. Some projects are unrealistic. are special. You face several risks in every soft-Expectations for the project scope, schedware project endeavor you manage. Here are ule, and budget may be completely flawed. the biggies: It s the project manager s job to identify the unfeasible aspects of a project or face the Time. You need to be realistic about time consequences. estimates. Making an overly eager time estimate is a risk that could haunt you Quality. What good is a project if it s comthroughout the project. As the project team pleted on time and on budget but the soft- struggles to meet the deadlines, quality ware is full of bugs, errors, and crashes could suffer, which means work may need all the time? Quality is the successful comto be redone and more delays. We discuss pletion of the project scope, not just the time management in Chapter 8. consumption of the project budget and schedule. We discuss quality in Chapter 6. Costs. In software development your largest expense is usually tied to the developers Stakeholder expectations. Managing time. If the time estimates are invalid, so stakeholder expectations is an ongoing then will be the cost estimates. As costs process you ll do this through your combegin to pile up, stakeholders, primarily munication (see Chapter 4). From the management, begin to lose faith in you, moment of the project launch, you must putting pressure on you to push the project work alongside the stakeholders to capture team harder to complete the project. The their vision for the project deliverable and result can be more errors, lost time, and lost then document that vision into requirements, dollars. We discuss cost management in architecture, and execution. Throughout the Chapter 9. project, constant communication ensures that the project is moving in alignment with Scope. Scope is the agreed body of work the expectations of the stakeholders. that the project will capture. Scope creep, often also called mission creep, is project Human Resources. Knowledgeable tech- poison. When stakeholders begin to sneak nical resources are in great demand. You in little change requests that circumvent run the risk of your top developers being the identified change request system, both recruited by other firms. What steps are you time and cost are affected. Scope changes taking toward employee retention? can also stem from the project team not Technical accuracy. If your project team having a clear understanding of what s con doesn t know how to create the deliverable sidered in scope and what s out of scope. that the stakeholder is expecting, this is a As a rule, you should decline any changes risk. The project team must be trained and to scope unless they are absolutely neces developed in order to reach the project con sary. Changes to scope must be reflected in clusion that you and the stakeholder are the time and cost estimates. We discuss expecting. Team development is discussed scope changes in Chapter 13. in Chapter 7.
Note: If you are looking for high quality webhost to host and run your jsp application check Vision florida web design services

114 Part II: Planning Your Software Project The method you use to gather information and identify risks is not as important as the fact that you are obtaining as much information as possible. For these risk identification exercises, put the emphasis on quantity. More is better. If a risk is not identified, it is accepted by default. Brainstorming During the first stage of risk identification, you should brainstorm. The crucial element of a brainstorm is spontaneity. Anything goes; no risk is too far out there. Include any conceivable risk that could threaten the project s success: server crashes, software failures, lost backup, weather, travel delays, meteorites, and so on. Ideally, your brainstorming session should be done in a big meeting with all the key stakeholders present. Trying to handle such an assessment via e-mail can really be a pain. Besides, the synergy of one identified risk can spur another team member to think of another risk. The qualitative risk party is a blast, especially if you have a whiteboard and lots of colorful dry erase markers. Following the Delphi method Another method of identifying project risks is to use the Delphi method. This allows stakeholders to anonymously offer their input into identifying risks. They can send their suggestions via e-mail to one person who will then consolidate the information into one document without naming the source of the information. Ranking risks After you and the key stakeholders identify all the risks you can think of, you need to rank them. We suggest ranking project risks by using a risk impact matrix. You can use two different approaches to risk ranking: Ordinal: This assessment simply ranks risks as high, medium, or low. Most folks use ordinal for the first round of risk analysis. Cardinal: When you use this ranking system, you assign scores with hard numbers, like .67 or .99. With each risk, you and your project team, and sometimes the key stakeholders, need to follow these steps: 1. Evaluate the probability of the risk actually happening and assign that risk a score. 2. Score the impact of each risk. 3. Multiply the probability and the impact to get a risk score. Table 5-1 gives you a quick example of a risk rating matrix. In this example, we used an ordinal scoring method because it s a bit more tangible.
Note: If you are looking for best quality webspace to host and run your tomcat application check Vision personal web hosting services