You are previewing Waltzing with Bears: Managing Risk on Software Projects.
O'Reilly logo
Waltzing with Bears: Managing Risk on Software Projects

Book Description

This is the digital version of the printed book (Copyright © 2003).

If There’s No Risk On Your Next Project, Don’t Do It.

Greater risk brings greater reward, especially in software development. A company that runs away from risk will soon find itself lagging behind its more adventurous competition. By ignoring the threat of negative outcomes–in the name of positive thinking or a can-do attitude–software managers drive their organizations into the ground.

In Waltzing with Bears, Tom DeMarco and Timothy Lister–the best-selling authors of Peopleware–show readers how to identify and embrace worthwhile risks. Developers are then set free to push the limits.

The authors present the benefits of risk management, including that it makes aggressive risk-taking possible, protects management from getting blindsided, provides minimum-cost downside protection, reveals invisible transfers of responsibility, isolates the failure of a subproject.

Readers are armed with strategies for confronting the most common risks that software projects face: schedule flaws, requirements inflation, turnover, specification breakdown, and under-performance.

Waltzing with Bears will help you mitigate the risks–before they turn into project-killing problems. Risks are out there–and they should be there–but there is a way to manage them.

Table of Contents

  1. About This eBook
  2. Title Page
  3. Copyright Page
  4. Also Available from Dorset House Publishing
  5. Acknowledgments
  6. Dedication Page
  7. Authors’ Note
    1. Voice
    2. Website
    3. Our Title
  8. Contents
  9. Prologue: The Ethics of Belief
  10. Part I: Why
    1. 1. Running Toward Risk
      1. Flight from Opportunity
      2. What’s Different About Today?
      3. Charette’s Risk Escalator
      4. Ignoring Risk
      5. Now What?
    2. 2. Risk Management Is Project Management for Adults
      1. Risk: The Temporary Definition
      2. Risks and Problems
      3. Risk Transitions and Transition Indicators
      4. Mitigation
      5. Example: Risk Management in a School
      6. Component Activities of Risk Management
      7. Once More Over the Same Ground
      8. The Special Challenge of Unthinkable Risk
    3. 3. Denver International Airport Reconsidered
      1. Another Fine Mess
      2. Beyond the Process
      3. Risk Management at DIA
      4. Risk Management Practices Honored in the Breach
      5. So, Who Blew It?
    4. 4. The Case for Risk Management
      1. Risk Management Makes Aggressive Risk-Taking Possible
      2. Risk Management Decriminalizes Risk
      3. Risk Management Sets Up Projects for Success
      4. Risk Management Bounds Uncertainty
      5. Risk Management Provides Minimum-Cost Downside Protection
      6. Risk Management Protects Against Invisible Transfers of Responsibility
      7. Risk Management Can Save Part of a Failed Effort
      8. Risk Management Maximizes Opportunity for Personal Growth
      9. Risk Management Protects Management from Getting Blindsided
      10. Risk Management Focuses Attention Where It Is Needed
  11. Part II: Why Not
    1. 5. The Case Against Risk Management
      1. 1. Our stakeholders are not mature enough to face up to risk.
      2. 2. The extent of uncertainty is just too much.
      3. 3. Explicit windows of uncertainty excuse poor performance.
      4. 4. A “manage for success” approach is better.
      5. 5. The data needed to do risk management effectively is lacking.
      6. 6. Risk management in isolation is dangerous.
    2. 6. The Onus of Uncertainty
      1. “Oh, you mean that oncoming train”
      2. Variation on the Theme
      3. Fortunately, There’s a Vaccine
    3. 7. Luck
      1. “We’ll take our chances on that one.”
      2. “I know April will be tough—that’s why I’m giving the job to you!”
      3. Shocked, Disappointed, and Dismayed
      4. The Indy 500 Analogy
  12. Part III: How
    1. 8. Quantifying Uncertainty
      1. Same Idea in Picture Form
      2. What the Risk Diagram Tells Us About Today’s Common Practices
      3. The Nano-Percent Date
      4. Yes, a Window, but How Much of a Window?
    2. 9. Mechanics of Risk Management
      1. Maybe We’re Not So Bad at Estimating
      2. Yesterday’s Problem
      3. Okay, We Listed the Risks—Now What Do We Do About Them?
      4. Somebody Else’s Risk
      5. Risk Exposure
      6. A Word About Showstoppers
      7. Risk Reserve
      8. Mitigation Costs
      9. Transition Indicators and Transition Monitoring
    3. 10. Risk Management Prescription
      1. What It Means to Do Risk Management
      2. N-Based Scheduling
      3. Commitments and Goals
      4. Uncertainty Trade-Offs
      5. A Note on Publication of the Risk Census
    4. 11. Back to Basics
      1. The Hidden Meaning Behind “I Don’t Know”
      2. Uncertainty Diagrams (Risk Diagrams) Again
      3. A Better Definition of Risk
      4. Characteristics of Risk Diagrams
      5. Aggregate and Causal Risks
      6. Two Kinds of Model
      7. One More Nuance About Risk Diagrams
    5. 12. Tools and Procedures
      1. Complex Mixing
      2. The Monte Carlo Effect
      3. Simulating the Two-Uncertainty Run
      4. The Software Project Risk Model
      5. A Side-Effect of Using Simulation
      6. Alternatives to RISKOLOGY
    6. 13. Core Risks of Software Projects
      1. Risks Common to All Software Projects
      2. Core Risk #1: Schedule Flaw
      3. Core Risk #2: Requirements Inflation
      4. Core Risk #3: Turnover
      5. Core Risk #4: Specification Breakdown
      6. Core Risk #5: Under-Performance
      7. Combined Effect of the Core Risks
      8. Core Risks as an Indicator of Completeness
    7. 14. A Defined Process for Risk Discovery
      1. Naming the Disincentives
      2. The Defined Process
      3. Step 1: Catastrophe Brainstorm
      4. Step 2: Scenario-Building
      5. Step 3: Root Cause Analysis
      6. The WinWin Alternative
    8. 15. Risk Management Dynamics
      1. Risk Management from Comeuppance On
      2. Closure Metrics
      3. Boundary Elements Closure
      4. EVR (First Pass)
    9. 16. Incrementalism for Risk Mitigation
      1. By Incremental Delivery, We Mean . . .
      2. Reactive Incrementalism (the Not-So-Great Approach)
      3. Proactive Incrementalism
      4. Undeliverable Increments
      5. The Incremental Delivery Plan
      6. Calculation and Use of EVR (Pass Two)
      7. Incrementalism: A Summing Up
    10. 17. The Ultimate Risk Mitigation Strategy
      1. The Joke’s On Us
      2. Gutsy and Gutless Management
      3. Why the Early Start Option Is Important Even If You Can’t Do It
  13. Part IV: How Much
    1. 18. Value Quantification
      1. What’s Different Today?
      2. The Question of Accountability
      3. Remedial Moment: The 45,328 Reasons We Can’t Specify Benefits Precisely
      4. Your Company’s Biggest Risks
      5. Five Elements of Benefit Calculation
    2. 19. Value Is Uncertain, Too
      1. Benefit? Well, That Depends . . .
      2. The Market Window
      3. News from the Real World
    3. 20. Sensitivity Analysis
      1. If This Is the Solution, What Is the Problem?
      2. Incremental Value/Cost Analysis
      3. Economies and Diseconomies of Scale
      4. Back to the Real World
    4. 21. Value Offsets Risk
      1. Death-March Projects
      2. Take Risks Justified by Value
    5. 22. Refining the Risk Management Prescription
      1. What It Means to Do Risk Management (Refined and Elaborated)
  14. Part V: Whether or Not
    1. 23. Test for Risk Management
      1. The Did We Really Do Risk Management? Test
  15. Appendix A. The Ethics of Belief, Part 1
  16. Appendix B. Risk Template
  17. References
    1. Recommended Articles
    2. Recommended Books
    3. Recommended Websites
    4. Related References
  18. Index