Article: Proactive Risk Management

Posted: 18th May 2012 by Peter DeYoe in Agile Adoption, Agile Methods, Risk Management, Software Development, project management
0

Hello All and Happy Friday,

It’s been a week of reflecting on Risk Management.  Earlier in the week I posted an article summarizing some Expert Thoughts on Risk Management in Agile Projects and yesterday posted a youtube video discussing Proactive Risk Management.

So today I received a tweet from @SusanneMadsen with a link to a very good article on Proactive Risk Management that I thought I would share with you.  Although the author Roger Kastner is not specifically referencing Agile projects, but any project, the principles ring true.  Mr. Kastner writes:

“Proactive Risk Management is a key process that leads to successful projects. Because all projects will be challenged at some point, Proactive Risk Management will enable the successful Project Manager to safeguard their bandwidth to deal with the big, unforeseen issues that knock the project sideways. Contingency is a major piece of Proactive Risk Management because it enables the successful Project Manager to minimize the impact when the project goes sideways and literally buys the project time to recover.”

Read the entire article here

Have a great weekend!

Pete

Progressive Risk Management in Agile projects

Posted: 17th May 2012 by Peter DeYoe in Agile Adoption, Agile Methods, Application Development, Business Partnerships, Risk Management, management, project management, scrum
0

Hi Everyone,

I wrote an article yesterday that deals with Risk Management on an Agile software development project.  I found this youtube video that I thought was interesting and highly relevant.  In the video, the author explores Risk Management in an Agile project. It explains how to take advantage of Agile project characteristics, such as evolutionary design and ongoing re-planning, to eliminate many risk items early in an Agile project.

Enjoy,

Pete

Expert Thoughts on Agile Risk Management and the Need for More Comprehensive Risk Management Programs

Posted: 16th May 2012 by Peter DeYoe in Agile Adoption, Agile Methods, Application Development, Risk Management, Software Development, management, project management, scrum
0

There have been several articles written related to risk management.  Three such articles have come from some of the leaders in Agile methods, and support to some degree, our views on applying risk management processes to the Agile world.  Mike Cohn, from Mountain Goat Software wrote a blog article referencing a risk burn-down chart as a tool to manage risk in an Agile project.  Michael Lant an Agile practitioner and blogger recently wrote an article entitled “5 simple steps to Agile Risk Management”.  And thirdly, Preston Smith and Roman Pichler, two leading Agilists discuss an approach to Agile Risk Management through “Lean proactive techniques for the identification, analysis, prioritization planning and monitoring.”

In Mike’s Cohn’s blog article he indicates that explicit risk management may be unnecessary in short or low-risk projects due to Agile’s use of “short iterations, single-minded focus on working software, heavy emphasis on automated tests and frequent customer delivery.”  He states “for projects of this nature that the savings from explicitly managing risks is outweighed by the cost of explicitly managing risks. “ But he does imply to some degree that as projects get larger, more complex or of higher risk, that explicitly managing risk might be important.

In Mike’s article he references John Brothers work related to the risk burn-down chart.   Essentially the project team takes a risk census, which defines the probability of risk occurring at the feature/ function level.  Then the risk is further quantified in terms of the size of the loss should the risk come to bear.  This is expressed in terms of the number of days that would be lost.  The probability and the size of loss are then multiplied to get the risk exposure in days.  So if the probability of risk occurring is 25% with an estimated loss of days at 20 days then the risk exposure is 25% times 20, or 5 days of risk exposure.  All feature risks exposure values are summed and plotted to give us the total risk exposure for the sprint.  This would be done for each and every sprint or iteration and tracked in a burn-down chart similar to our normal story point burn-downs.  We could then show a downward trend line that represented the expected reduction in risk across iterations superimposed on our risk exposure line.  If the risks are not going down as expected over the iterations then decisions could be made to focus the next sprint on risk reduction activities.

This provides a sensible approach to Risk Management that can assist the development team in knowing if the risks are increasing overtime thereby allowing them to “press the reset button” so to speak and revisit those emerging risks iteration by iteration.  However, it may be focusing on risks as perceived by only the development team.  A broader view of risk overall is critical for larger efforts.

Michael Lant defined another approach in his blog article “5 Simple Steps to Agile Risk Management.”  He starts out with the basics of Risk Management stating that:

“Risks are influencing factors that might adversely affect the outcome of a project.  Risk is the direct result of uncertainty. If there is no uncertainty, it is not a risk – it is a certainty.  Risk analysis is used to help a team understand uncertainty that could affect the outcome of the project.  Risk management (sometimes called risk mitigation) is the plan that the team puts into place to pre-empt, contain or mitigate the effects of risk to a project.

Within simple projects things can and will go wrong and risk management must be applied in order to plan for those risks in order to minimize the impact.  Lant discusses 5 steps (6 if you include repeating the first five steps).  The first of these steps is to identify the risks on 2 dimensions.  The first dimension is those risks that are helpful and harmful. The helpful ones are the factors that advance a project’s objectives and the harmful ones are those that hinder the results of the project.

The second dimension has to do with whether the risk is caused by internal influences or external influences.  Lant recommends constructing a SWOT analysis (Strengths, Weaknesses, Opportunities and Threats) in 4 quadrants.  Risks that are helpful and internal are ones that we consider strengths, whereby those that are harmful and of external origin are considered threats.  He then classifies these risks as those that could affect the outcome of the solution, the budget, privacy, security, resources or scope.

Then, in a similar way that we assessed or quantified risk in the burn down chart discussed in Mike Cohn’s article he provides a 1 to 5 rating on the impact of the risk (5 being extreme and 1 being minimal) and also on a scale of 1 to 5 the probability that the risk will occur (5 being very likely to occur and 1 being unlikely to occur).

From there he produces a matrix, which identifies target values of probability to impact values.  Those that are of low probability (rated as 1) and low impact (rated as 1) are given a score of 1.  Those that have a high impact (a 5 rating) and high probability of occurring (also 5) receive a score of 25 (5 rating on impact times 5 rating on probability).  He then takes each risk and their ratings and creates a “Risk Register.”  Those receiving the highest values are things that require urgent action.  Conversely those with the lowest values should be reviewed but with no immediate action required.  Then each of the risks that require attention based on their ratings has a defined set of risk mitigation activities defined by the team.  These would then be added to the product backlog in included in a subsequent sprint.

Preston Smith and Roman Pichler have also defined effective risk management as involving risk identification, assessment of the severity of the risk, prioritizing the risks based on severity, creating mitigation plans and continuously monitoring these risks across each iteration.  In all of these approaches there is the process of identifying, assessing and building mitigation processes that are integrated into each sprints backlog and continually monitoring these risks throughout the life of the project.

We have found that the approaches discussed thus far all have great merit in the management of risks throughout Agile projects.  In much the same way that was described by the experts above, we have found that continuously measuring uncertainty, value and level of effort is essential to a strong risk management program.  Assessing risks at the feature level provides us with a good picture of where we need to focus our risk mitigation efforts and allows us to more adequately prioritize our product and sprint backlogs.  It also allows us to determine which features and functions have the highest value with perhaps the highest risk.  This leads us to making sure we take care of the high-risk, high-value elements first.  Normally these may be architectural in nature or proof of concepts that must be ironed out first to ensure that our software products have a strong foundation.  It also leads us to identify low-value, high-risk components that could be removed (or certainly placed at the bottom of our development activities) that would otherwise require extensive resources for very little value to the target software product.  In a more traditional paradigm the low-value, high-risk features would take up valuable resources and provide no real value, adding to the risk and cost of the solution.

The Sources of Risk: A Broader View

In the discussion above we were defining risk, uncertainty, value and level of effort in somewhat quantifiable terms.  We were trying to boil our perceptions of risk, value and effort down to “hard data” if you will; a number that we would track and manage based on the development teams assessment of just perhaps a handful of variables.  But risks can surface from all dimensions of a project.  Some of these risks can be reduced to “hard data” and yet others are harder to spot.  We have compiled a short list of sources of risk that may be very difficult to track and manage on an ongoing basis, but could have significant impact on the outcome of a project.  Below is a list of potential risks that also must also be tracked and managed.

Project Management related Risks:

  • Lack of product vision and evolution
  • Little to no standard estimation and prioritization process
  • Institutionalized “learning” (learning from the past)
  • Little or no planning implemented for ALL project activities
  • Failure to institutionalize tracking and reporting to allow visibility and transparency of all project aspects
  • No well-defined escalation pathways
  • No established acceptance criteria for deliverables

Request Management Process related risks such:

  • Lack of a defined process to accept requests/changes
  • No process for reviewing requests and preliminary requirements.
  • No established process for points of clarification, feedback on the request and recommended path forward.

Scope management related risks:

  • Lack of entrance/exit criteria
  • Limited or no walkthrough of the design considerations
  • No process for collaboration regarding detailed design specification
  • No focus on clearly articulating assumptions and responsibilities

Quality management related risks:

  • Lack of building testing early in the cycle (test cases in requirements)
  • No ongoing Project Quality Audits (PQAs)
  • Lack of frequent inspections of applications as they are being developed (user demonstrations)
  • No defined quality measures (defects, rework, etc.)
  • Lack of rigorous performance and load testing against requirements
  • No traceability matrices
  • Lack of a proper quality acceptance process.

Customer satisfaction related risks:

  • No “formal” customer satisfaction survey program
  • No “formal” feedback loop for business sponsors, stakeholders, end-users, IT group.

Yes, we have key measure that we all understand, like velocity, burndown and deployable software and quality measures, but as this short-list indicates, there are softer measures such as communications, transparency, team cohesiveness/moral and stakeholder perception that could threaten our projects.  We needed a way to maintain a much broader view of risk within our projects; a way to consider areas of risk that were harder to quantify, capture and/or measure throughout the life of our projects.

So we have been embarking on an effort to try and understand not just the “hard data” as it relates to emerging risks, but also the softer data.  We began to ask ourselves “What if we could continuously ask the right questions throughout the Agile process and combine the answers with the hard data in a comprehensive dashboard to assess where risks are emerging without being paralyzing our development efforts?”

In a follow-up article I will describe some of the ways we are trying to merge both the “hard data” and “softer data” to give a more complete picture of risk throughout the life of our Agile projects by using CAI’s APO solution.

Pete

CAI's Automated Project Office

The Peter DeYoe Daily

Posted: 10th May 2012 by Peter DeYoe in Agile Adoption, Agile Methods, Application Development, Application Support, Business Partnerships, digital marketplace
0


All Hail the Scrum Master!

Posted: 23rd March 2011 by Peter DeYoe in Agile Methods, Leadership, scrum
Tags: , ,
Comments Off

Hello All,

Scrum Master…an odd-sounding title that to the uninformed or neo-agilite might conjure up images of the victor, champion and MVP of a rugby match being hoisted on shoulders of teammates with trophy in hand heading off to the pub to celebrate.  But although Scrum Masters might enjoy the pub from time to time, this is not what Scrum Master means to the Agilist and “Scrum Fellow.”  For the newly annointed Agilist…what exactly does this role entail?

For an Agile team, a Scrum Master is a key leader, mover, and shaker.  In his article, “New to agile? What does the Scrum Master do anyway?,” Bob Hartman opens with the common misconception that a Scrum Master is simply an IT Ganesha, the ultimate remover of obstacles for the team.  Bob expands the definition of Scrum Master by stating that “A Scrum Master is a servant leader helping the team be accountable to themselves for the commitments they make.

He then breaks that definition into its three individual phrases and fully expounds on the meaning of each of the following:

  • is a servant leader
  • helping the team be accountable to themselves
  • for the commitments they make

Read the article in detail because it contains many links to outside scrum resources. Then let’s discuss how good Scrum Masters in your experience have lived up to Bob Hartman’s definition.

Enjoy,

Pete

PMI is in the Agile Certification Game

Posted: 23rd March 2011 by Peter DeYoe in Agile Adoption, Agile Methods, PMBOK v4, Project Management Institute (PMI), project management
Tags: , , ,
Comments Off

Hello All,

On February 24, 2011, the Project Management Institute (PMI) unveiled their new Agile certification. The number of Agile sessions at PMI events has been growing over the last six years. Sixty-five percent of PMI members are involved in large Agile products, and Gartner predicts that by 2012 80% of software projects will use Agile as the development methodology.

In light of this trend, PMI developed a certification path. The author of the article “PMI Unveils Agile Certification Program” participated in the development of the certification path and was particularly pleased with the quality and depth of knowledge of the other Agile thought leaders that PMI brought to the table.

The author made the following two points in his article:

  • While certifications do not assure competence or capability to manage projects, they are a useful learning tool for people new to the domain. Read More>>
  • …for me it is not so much about the certification, but hopefully the training materials, studying and increased awareness of successful adoption strategies it should bring. Read More>>

I encourage you to visit the blog article; there are links to additional posts that provide more details about PMI’s Agile certification or compare the PMBOK v4 to Agile process mappings. Then come back and discuss what you think of the new certification and its requirements.

Pete

What motivates teams? You have to see this YouTube Video!

Posted: 23rd March 2011 by Peter DeYoe in Agile Adoption, IT Productivity, Leadership, management, scrum
Tags:
Comments Off

Hello All,

This never gets old.  A fascinating view into what motivates us.  Autonomy, self-direction, mastery, creativity and purpose.  Forget the processes you are trying to build to create great teams.  Instead, focus on these things.  Greatness will follow! Pete

Reducing Risk and Avoiding Pain – Agile Lessons Learned (Part 3)

Posted: 22nd March 2011 by Peter DeYoe in Agile Adoption, Agile Methods, Application Development, Software Development, scrum
Tags: , , , ,
Comments Off

Hello All,

In the first two parts of this series, we discussed six of Jim Dempsey’s lessons learned in building an Agile software development program.  You can review these in the previous blog posts:

In this post, we will focus on the next four lessons learned in adopting an Agile-Scrum.   These next four lessons are:

  • The Sprint Planning Meeting Will Make or Break the Project
  • Manual Tools Work Great
  • Requirements Are Still Important
  • People Are More Important than Process and Tools

Lesson 7 – The Sprint Planning Meeting will Make or Break the Project.  Setting up your Sprints is so critical to the project.  How you move things from the Product Backlog and into a Sprint Plan will either solidify your success or make it difficult to attain the objectives of the current Sprint.  Some rules of thumb that Mr. Dempsey has found helpful making sure your Sprint planning is as effective as possible are as follows:

o   Make sure your Product Backlog is in good shape prior to having your Sprint planning meeting.  This means that you need to make sure that it has been properly prioritized by the Product Owner

o   As you move features off of the Product backlog onto the Sprint backlog, make sure that the features are small enough to be completed in a single iteration.  That means that some features may need to be split into smaller features that you can show value at the end of the Sprint.

o   Sprint durations can really be of any length that the team decides is best for a project.  Some like 2-week Sprints, others, 30-day Sprints and yet others may want them even smaller.  Jim recommends that when you are starting out with Agile, you should consider 30-day Sprints until you have established some “Sprint success.”  This time frame is long enough that the team is not scrambling to complete the Sprint, yet short enough to see results often and early.

Lesson 8 – Manual Tools Work Great. If you are enamored with technology, you may find it difficult to resort to using index cards, magic markers and sticky notes to plan and track your projects.  But these are proving to be extremely effective in the Scrum team room.  Peter Stevens (Scrum Breakfast Blog) discusses Michael Dubakov’s Agile Tools Decision Matrix in his blog article Managing Scrum:  The Right Tool for the Job.  Michael calls manual tools “Tangible Tools” and states that:

“Tangible tools are great for learning the processes and principles. Hung on the wall, they radiate information for all to see. They are extremely flexible for structuring and displaying information. Use them to get started with Scrum. Use them as long as you are happy with them.”

Jim Dempsey points out, however, that with distributed Scrum teams, you may have to rely more and more on automated tools and techniques.  There are many excellent open-source and commercial Agile project management tools available.  AgileScout recently posted a blog “Top Agile and Scrum Tools, Which One is Best? , that lists several packages.   There are so many out today.  Just Google “Scrum Tools” and you will be given the old “fire hose” of data.

Lesson 9 – Requirements are Still Important.  When you decided to adopt Agile, did you think that you could just forget about requirements?  The Business Analyst did not vaporize overnight.  He and she are alive and well, and a crucial part of the Scrum.  And it is not a matter of whether we create and elaborate requirements.  It is more a matter of how and when do we create and elaborate them.  In the old days, they had to all be buttoned up and approved before we could start anything else.  In Agile, we move from feature statement to requirement only when we pull that feature from the Product Backlog and into a Sprint Backlog.  And it is only then that this requirement gets elaborated.  That’s right…think lean…think “Just In Time.” Let’s not forget that Agile’s (and Scrum’s) roots are deeply seated in lean thinking and lean strategies.  And Agile requirements can take several forms including:

  • User stories
  • Use cases
  • Flow diagrams
  • Wireframes

So keep your business analysts happy.  You need them to be successful.

Lesson 10 – People are More Important that Processes and Tools.  Do we really need to restate this?  YES. There is no silver bullet out there yet, and I would venture to guess that there will not be anytime soon.  Project success depends on bringing good people together in an environment rich with collaborative energy where innovation, freedom of expression, respect for others opinions and talents, honesty and trust are rewarded.  Invest in the teams and people because in the end they are what make you successful.

In Part 4 of this series, we will discuss the next 4 Lessons Learned in Agile Adoption:

  • Don’t Matrix People Across Different Projects
  • Focus on Architecture in the Early Sprints
  • Re-Estimate Product Backlog Items Every Few Sprints
  • Don’t Forget Engineering!

Stay Tuned,

Pete

Certifiable Scrum!

Posted: 21st March 2011 by Peter DeYoe in Agile Adoption, Agile Methods, scrum
Tags: , , ,
Comments Off

Hi All,

Related to my previous article “Denounce your CSM?!” , one of our staff writers is pondering the following:

As Agile becomes adopted in a wider variety of settings, there is a need to ensure that the resources you’ve selected really know what they’re doing in Agile, especially Scrum Masters.  But does a certified scrum master (CSM) really bring value to the table?

In his article, “I’m a Certified Scrum Master. BFD.*,” Ian Kelling explores what it takes to get a certification, why it’s a problem, and how he would fix the process.

He explained that he attended a two-day course and walked away certified. The problem he acknowledges is that two-thirds of the group never had any experience in Agile and scrum and this was their first experience. The follow-on problem was in Ian’s words: “Aside from making CSMs who actually have a clue look like crap, and devaluing the certification in general, it threatens the positive, healthy adoption of scrum and agile methods. Read More>>

So what is his fix for this issue? In his words:

Make it a certification with some real substance:

  • Have some real pre-reqs: relevant experience and an assessed level of knowledge about scrum and agile methods
  • Incorporate a practicum of sorts
  • Actually evaluate knowledge and practical experience, preferably via interview versus written

So what are your thoughts on the CSM situation? Is the current certification process acceptable, or should it be beefed up.  Share your opinions here.  What would you recommend in establishing the CSM as a true measure of Agile expertise?

Is Your Agile Workspace Crowded By Elephants?

Posted: 16th March 2011 by Peter DeYoe in Agile Adoption, Agile Methods, Leadership, Software Development, scrum
Tags:
Comments Off

Hi All,

One of my colleagues, Mr. Nick Spanos (www.LeanITBlog.com) directed me to an article on CIO.com entitled Elephants in the Room – What Agile Practitioners Don’t talk about.

After 10 years since the Agile Manifesto changed our way of thinking, we are now in a phase of “shaking out the bugs” so to speak and reaching a new stage of maturity.  Attached below is a YouTube video that captures some of the discussions around those Elephants.

Do you have Elephants in your Agile Workspace? Can we expand on this discussion?

Have a great day.

Pete

Older Entries