How To Identify and Manage Risks In Software Projects

How To Identify and Manage Risks In Software Projects

Robert Wenner
Robert Wenner

June 30, 2022

The 8th Light University Archives Series features engaging, innovative talks featuring 8th Light designers and developers sharing their insights and knowledge. Join as we cultivate a culture of continuous learning.

Every software project worth doing comes with risks. Your ability to respond to those risks depends on how prepared you are. Different risks warrant different strategies, and while teams can avoid or evade risks that are not core to the project, other risks require teams to contain or mitigate them.

The containing strategy requires having the resources to handle the risk when it materializes — including new team members, new server capacity, or new tools. Not all risks can be solved by increasing scale, some require more thoughtful mitigation strategies.

So, how can teams approach project risks and mitigation strategies in a systematic way? In this 8th Light University talk, I discuss how to find risks, what to do about them, and how Agile development practices help us manage risks.

Risks Inherent to All Software Projects

Schedule Flaws

Missed deadlines are risks dependent on planning and estimation of work. All that happens before any code is written. Teams notoriously engage in wishful thinking and make overly optimistic estimates. This makes it important to follow a project plan that adds a buffer, to accommodate inevitable delays.

Plans should also allow for easily overlooked tasks such as spikes, cleanup, andtech debt, which is a risk that starts small, then grows larger the longer it waits.

Agile helps mitigate these risks with regular planning meetings and retros. These intervals allow the team to check their assumptions and change estimates as they learn. They also accommodate regular backlog grooming, helping the team keep eyes on technical debt.

Requirements Inflation

As a project moves along and the system comes to life, teams can lose focus on specific project goals. Project stakeholders will say things like, “But we also need this and that,” or “This looks great, but I meant …” This kind of scope creep is a natural byproduct as a product evolves, but the team must be aware of the tradeoffs that come with adding to requirements.

Agile helps reduce inflation by specifying requirements up front with acceptance criteria and acceptance tests. By holding regular check ins and demos with stakeholders, teams can take control of the system’s evolutions and velocity.

Employee Turnover

Employee turnover is inevitable. People on your team will get pulled onto other teams, other projects, or even other companies. Even much-deserved vacations can disrupt a product’s timeline.

Agile practices like pair programming and frequent release cycles can help developers maximize shared knowledge so progress doesn’t stop when one team member is away. By keeping a “ship anytime” mentality and breaking large features into smaller chunks of work, agile also makes it easier for a new team member to contribute while getting up to speed.

Poor Productivity

Productivity depends on more than motivation. Does your team have the tools, access, and skills needed to do the job? Do you have a subject matter expert who can help remove technical blockers? Is the customer available for questions?

Productivity can change throughout the course of a project, especially if tech debt accumulates. Yesterday’s problem is today’s risk, and poor code quality can derail progress quickly.

Agile practices such as post-mortems (on the project level), and retros (at the iteration level), can help create a culture of knowledge sharing, continual learning, and collaboration, to keep morale, motivation, and code quality high.

How To Prepare For When Risks Become Reality

For each risk your team discovers, write down:

  • Name
  • Indicators of risk materializing
  • Estimated impact of the materialized risk and probability of it materializing
  • Consequences
  • Mitigation actions and contingency actions (both in advance)

These write-ups will help your team think through risks and possible solutions, giving you options in the event of a crisis. They cannot be left to stagnate over time though, and must be continually reviewed and updated throughout the project lifecycle. A project manager can help monitor risks and iterate on risk discovery to catch late-apparent risks.

Even the best plans will run into roadblocks and unexpected delays, so it remains important to follow agile practices that generate quick feedback.

And finally, it is important to stay curious. Ask your peers in other projects, colleagues, and the community at large for their experiences and insights, and use short iterations to fold this wisdom into your product.

Resources for Additional Learning

About 8th Light University

8th Light University (8LU) is a virtual event series curated by 8th Light, a global software consultancy that partners with clients in creating software solutions. Topics focus on improving the craft of software product, design, and development. Software professionals of all skill levels are welcome! Watch past event videos on YouTube, join us at our next 8LU event, or sign up for our newsletter to to find out about upcoming events.