Niwot Ridge Resources

A Source of Information for Mission Critical Systems, Management Processes, and Strategies

Risk Management

Risk management is project management for adults. 

The following reading list is my "working" materials for risk management. Risk management comes and goes in the literature, but some form of risk management is needed on every project.

  • Managing Risk: Methods for Software Systems Development, Elaine Hall, Addison Wesley. This is the best small volume risk management book. Hall is associated with the SEI and presents an SEI oriented view of risk management. There are other views, but this is a good start.

  • Software Risk Management, Barry Boehm, IEEE Computer Society. This is the big volume risk management book. It contains many seminal papers on risk management. It is a bit dated, with courier type faces and facsimiles of documents, but still a good resource book.

  • Project and Program Risk Management: A Guide to Managing Project Risks and Opportunities, Max Wideman, 1998.

  • Making Hard Decisions with Decision Tools, by Robert T. Clemen and Terence Reilly, Duxbury Press, 2001.
  • Risk Management: Concepts and Guidance, 2nd edition, by Carl Pritchard, ESI International, 2001.
  • Practical Risk Assessment for Project Management, by Stephen Grey, John Wiley&Sons, 1995.
  • Project Risk Management: Processes, Techniques and Insights, by Chris Chapman and Stephen Ward, John Wiley & Sons, 1997.
  • Managing Risk: Critical issue for survival and success into the 21st century, Alan Waring and A. Ian Glendon, Thompson Learning, 1998.
  • Stop IT project failures through risk management, by Dan Remenyi, Butterworth Heinemann, 1999.
  • Managing the Software Process, Watts Humphrey, Addison Wesley. This is the foundation of the process improvement process. Humphery is the Chairman of the Software Engineering Institute and along with Barry Boehm are the fathers of the software engineering professional as practiced at TRW both in the height of the aerospace business and today. Other Humphrey books are worth reading as well.

  • Continuous Risk Management Guidebook. This is a bound version of the materials found at the SEI site. As the title says, it is a guidebook for managing risk in the software development domain. The processes described here can be used outside this domain as well. This book can be purchased from the Software Engineering Institute. If you're in the risk management business this is "must have" book, to be read cover to cover and used everyday.

  • Assessment and Control of Software Risks, Capers Jones. This is a primary source book from Capers Jones, who has many other publications relating to risk, metrics and general software management. This text is targeted at large complex project but contains many examples for smaller more agile development processes.

  • Software Engineering Risk Management: Finding Your Path Through the Jungle, Version 1.0, Dale Karolak, IEEE Computer Society. This is a book and software for general risk management. This is better than the Risk Radar from Software Program Managers Network, but it is also expensive ($150.00 or so for non-IEEE members).

  • "Large Scale Project Management is Risk Management," Robert N. Charette, IEEE Software, 13(4), July, 1996, pp. 110–117. Although targeted at large scale projects, the wisdom in this paper can be applied to nearly all projects.

  • Computer Related Risks, Peter Neumann, Addison Wesley, 1995. The book is based on a collection of mishaps and oddities relating to computer technology. It considers what has gone wrong in the past, what is likely to go wrong in the future, and what can be done to minimize the occurrence of further problems.

  • Risk Management for NASA/JPL Genesis Mission: A Case Study

  • Software Cost Risk Estimation and Management at JPL

  • Risk World journal

Home | Search |Site Map | Copyright