Heys guys,
as we are working hard on our university app, we need to recover everything we did so far. Check out our re-specification by another blog post summarized by Isi Reitler that is coming up soon.
Also, it is about time checking out our risk management as we proceed further and further and we do not want to get into trouble while or after working on this project.
As we already have some experience in making risk management sheets, we will use our own methods to present our analysis, prevention, and actions to make our project as safe as possible for us, for the grade and, especially, for you here. We want you to use our app with peace of mind in terms of security and risks that may occur in your daily life at DHBW.
So, let’s start with some explanations! Let’s go!
Risk Matrix
As we already mentioned, we use a different scale for our risk analysis. We like to use steps instead of percentages because we have problems in defining these precisely. We go back to some more terms and scales like “impossible”, “probably” or “common”.
In the case of probability, we determine between 6 different grades which you can see in the picture on the right.
What you can see there is our grading regarding the impact of risks or issues. Those follow the same idea as the probability ones but only reach from one (no impact) to four (catastrophic).
If you now look at the matrix and the map legend you can see the total risk in combining those two categories graded by colors.
Green means that there are no actions necessary – the impact is either too low or the risk won’t occur at all.
Yellow means that there are risks that either may occur often or will impact the project or people around it slightly. Those risks are named “mid risks” and already need some preventing actions, so-called ALARP-actions.
ALARP means As Low As Reasonably Practicable and brings us into the situation of evaluating measurements. The goal is to reduce the risk as far as reasonably justifiable if the risk can’t be closed (fully prevented) at all. The actions here are completely risk-specific and require a very detailed risk analysis beforehand.
Red means that those risks are severe and unacceptable and need proper solving in both preventing and handling.These risks usually either jeopardize the project or the people heavily.
Risk Analysis
We thought of some risks that may either harm our project or have already happened and analyzed them with our methods above:
We also made up categories for every risk issue and added preventive measures and actions to make our project as safe as possible.
That’s it from us this week. Let us know if you have any questions or risks that you want us to analyze. We also appreciate your suggestions.
Many thanks, have a good one, see you next time.
Cheers,
Imke “FlyingBabYpsilon” & Robin “RawBean”
Edit
We attached our time tracking sheet for all the use cases we already worked on. We were surprised, that we had so much more effort in handling the requirements of the course than our actual project. But we are still on time so we can look ahead confidently.
6 replies on “A Primer into Risk Management”
Hey guys,
I must admit I am quite jealous (the highest form of flattery!) of the content quality on this blog post. You put in a lot of effort and refreshed my knowledge of the content we already had in class. Great job!
We have quite similar risks, however there were some ones that we missed, e.g. we do not expect the DHBW to close for good.
One thing I might have missed though, is the amount of time you spent in each use case. This was specified in the grading criteria and you might want to add that 🙂
Best regards,
Jonas from unitasks (B2)
Hi Jonas and unitasks,
thanks for your feedback, we already attached our time tracking. We really missed that out. Thanks for your attentive reading.
Also thanks for your feedback on our risk management post. It was quite fun creating it and we maybe will extend the list in the future.
We really made up every extreme or not extreme risk we could imagine during a short period of time and analyzed them afterwards. Well, it’s most unlikely that the DHBW will close for good, but it’s is generally possible. So we just keep it in the list.
Cya around and thanks again,
Cheers,
-RawBean-
Hello there!
Good to see you back on track, let’s hope for some great progress. As Jonas already pointed out, the use case time sheet is missing, please add that.
We think, you switched up the two pics in your post (the matrix is where you say the explanation should be and vice versa), you probably want to fix that.
We like the risks you figured out and how weighed and rated them (although we think a pandemic isn’t “most unlikely” by now). For a better overview of what is actually most important to focus on, sorting them could help. There’s one question we’re wondering on: who of you is responsible to keep track of what risk? Especially who is responsible for the DHBW shutting down (unclear choice of words intended).
See you in the next weeks, stay home, stay safe and
Stay classy,
Ted’s Team
Hi Ted’s Team,
thanks for your detailled feedback.
The pictures are where we wanted them but I can see where your confusion comes from. We should have packed the legend into the matrix picture maybe. We will keep that in mind for our future posts. Thanks.
In our opinion we think that no risk has a higher prio than others because all of the risks shall not occur. So we just want all the risks to be kept in eye.
Also, we do not have one responsible for one risk as we manage our risk by the whole team. If we take “loss of data” as an example, it’s not the owner or the user, who is responsible not to lose their data but everyone has the responsibility to keep everything straight. Even if the git-server may crash at least two members have the code locally. And that’s our way handling it with every risk.
I hope, I could satisfy you with my answers.
Thanks for your feedback and cya around,
Cheers,
-RawBean-
Hey guys,
you did a great job by creating this blog post. I really liked the way you introduced your article. I also like the Idea to take a unique color for each risk level in your table.
The only things I could complain about are already mentioned by Jonas and Ted’s Team.
Kind regards
Tower Defense
Hi TowerShooterz ;),
thanks for your feedback.
We really had fun creating our post this week. If you are interested in more, we published another post this week, so if you want to check out what we are about to change, take a look at our “Reconnected” blog.
Have a nice one, thanks,
Cheers,
-RawBean-