Avaliando uma ferramenta baseada em dados históricos para auxiliar o gerenciamento de riscos: um estudo de caso em projetos de software

Emanuel Dantas Filho; Ademar França de Sousa Neto

doi:10.5585/gep.v14i2.24431

Authors

Emanuel Dantas Filho Instituto Federal da Paraíba – IFPB http://orcid.org/0000-0002-8204-8731
Ademar França de Sousa Neto Universidade Federal de Campina Grande – UFCG http://orcid.org/0000-0002-1651-4159

DOI:

https://doi.org/10.5585/gep.v14i2.24431

Keywords:

Risk management, Software projects, Focus group, Case study, Historical data, Bayesian network

Abstract

A risk is an uncertain event or condition that, if it occurs, affects the objectives of projects. Risk management is costly and error-prone because risks are abstract and subjective. This paper aims to present a tool to assist in risk management in software projects. The methodological procedure adopted was a case study, collecting information through focus groups. We conducted experiments with real teams in software projects to evaluate the tool. In addition, to verify professionals' perceptions, we applied a questionnaire based on the TAM methodology. The Risk Control tool aims to make risk management more objective and systematic, reducing subjectivity in decision-making. The results pointed to the approach's usefulness in identifying and monitoring risks. However, professionals made reservations about the applicability of risk measurement. The tool’s contributions are probabilistic inferences using Bayesian Network, which offers adapted responses to new inputs as soon as someone introduces them.

References

Arumugam, C., Kameswaran, S., & Kaliamourthy, B. (2017, November). Global software development: A design framework to measure the risk of the global practitioners. In Proceedings of the 7th International Conference on Computer and Communication Technology (pp. 1-8). https://doi.org/10.1145/3154979.3154983.

Boehm, B. (1989, September). Software risk management. In European software engineering conference (pp. 1-19). Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-51635-2_29.

Chrissis, M. B., Konrad, M., & Shrum, S. (2011). CMMI for development: guidelines for process integration and product improvement. Pearson Education. Link: https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=31054.

Dantas, E., Sousa Neto, A., Perkusich, M., Almeida, H., & Perkusich, A. (2021). Using Bayesian Networks to Support Managing Technological Risk on Software Projects. In Anais do I Workshop Brasileiro de Engenharia de Software Inteligente, (pp. 1-6). Porto Alegre: SBC. https://doi.org/10.5753/ise.2021.17277.

Davis, F. D. (1989). Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS quarterly, 319-340. https://doi.org/10.2307/249008

Hossain, E., Babar, M. A., Paik, H. Y., & Verner, J. (2009, December). Risk identification and mitigation processes for using scrum in global software development: A conceptual framework. In 2009 16th Asia-Pacific Software Engineering Conference (pp. 457-464). IEEE. https://doi.org/10.1109/APSEC.2009.56.

International Organization for Standardization (2009). ISO 31000: Risk management-Principles and guidelines. Geneva: ISO. Link: https://www.iso.org/iso-31000-risk-management.html.

Joshi, A., Kale, S., Chandel, S., & Pal, D. K. (2015). Likert scale: Explored and explained. British journal of applied science & technology, 7(4), 396. https://doi.org/10.9734/BJAST/2015/14975.

Khanna, E., Popli, R., & Chauhan, N. (2021, August). Artificial Intelligence based Risk Management Framework for Distributed Agile Software Development. In 2021 8th International Conference on Signal Processing and Integrated Networks (SPIN) (pp. 657-660). IEEE. https://doi.org/10.1109/SPIN52536.2021.9566000.

Kerzner, H. (2017). Project management: a systems approach to planning, scheduling, and controlling. John Wiley & Sons. Link: http://www.mim.ac.mw/books/Kerzner's%20Project%20Management%20A%20Systems%20Approach...10thed.pdf.

Lee, O. K., & Baby, D. V. (2013). Managing dynamic risks in global it projects: Agile risk-management using the principles of service-oriented architecture. International Journal of Information Technology & Decision Making, 12(06), 1121-1150. https://doi.org/10.1142/S0219622013400117.

Leitch, M. (2010). ISO 31000: 2009-The new international standard on risk management. Risk analysis, 30(6), 887. https://doi.org/10.1111/j.1539-6924.2010.01397.x.

Meirinhos, M., & Osório, A. (2010). O estudo de caso como estratégia de investigação em educação. EduSer, 2(2). https://doi.org/10.34620/eduser.v2i2.24.

Mendes, E., Rodriguez, P., Freitas, V., Baker, S., & Atoui, M. A. (2018). Towards improving decision making and estimating the value of decisions in value-based software engineering: the VALUE framework. Software Quality Journal, 26(2), 607-656. https://doi.org/10.1007/s11219-017-9360-z.

Miguel, P. A. C. (2007). Estudo de caso na engenharia de produção: estruturação e recomendações para sua condução. Production, 17, 216-229. https://doi.org/10.1590/S0103-65132007000100015.

Odzaly¹, E. E., & Des Greer¹, D. S. (2014). Lightweight risk management in Agile projects. Link: https://www.academia.edu/download/70086054/Lightweight_Risk_Management_in_Agile_Pro20210921-30204-1ihxgi8.pdf

Odzaly, E. E., Greer, D., & Stewart, D. (2018). Agile risk management using software agents. Journal of Ambient Intelligence and Humanized Computing, 9, 823-841. https://doi.org/10.1007/s12652-017-0488-2.

PMI. (2019). Project management body of knowledge (pmbok® guide). In Project Management Institute (Vol. 11, pp. 7-8). Link: http://lms.aambc.edu.et:8080/xmlui/bitstream/handle/123456789/160/PROJECT%20MANAGEMENT%20BODY%20OF%20KNOWLEDGE%20(PMBOK%20GUIDE)%20(%20PDFDrive.com%20).pdf?sequence=1.

Purdy, G. (2010). ISO 31000: 2009—setting a new standard for risk management. Risk Analysis: An International Journal, 30(6), 881-886. https://doi.org/10.1111/j.1539-6924.2010.01442.x.

Rabbi, M. F., & Mannan, K. O. B. (2008, August). A review of software risk management for selection of best tools and techniques. In 2008 Ninth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (pp. 773-778). IEEE. https://doi.org/10.1109/SNPD.2008.127.

Rosenberger, P., & Tick, J. (2018, November). Suitability of PMBOK 6 th edition for agile-developed IT Projects. In 2018 IEEE 18th International Symposium on Computational Intelligence and Informatics (CINTI) (pp. 000241-000246). IEEE. https://doi.org/10.1109/CINTI.2018.8928226.

Russell, R. S., & Taylor-Iii, B. W. (2008). Operations management along the supply chain. John Wiley & Sons. Link: http://jtelen.free.fr/0MARINE%20bouquins/%5BRoberta_S._Russell,_Bernard_W._Taylor%5D_Operations(Bookos.org).pdf

Sasankar, A. B., & Chavan, V. (2011). SWOT analysis of software development process models. International Journal of Computer Science Issues (IJCSI), 8(5), 390.

Schwaber, K., & Sutherland, J. (2011). The scrum guide. Scrum Alliance, 21(19), 1. Link: https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=cb1ce98a878d5d783cf8108b870d817853a01f6c#page=400.

Shull, F., Singer, J., & Sjøberg, D. I. (Eds.). (2007). Guide to advanced empirical software engineering. Springer Science & Business Media. https://doi.org/10.1007/978-1-84800-044-5.

Takagi, Y., Mizuno, O., & Kikuno, T. (2005). An empirical approach to characterizing risky software projects based on logistic regression analysis. Empirical Software Engineering, 10(4), 495-515. https://doi.org/10.1007/s10664-005-3864-z.

Tavares, B. G., da Silva, C. E. S., & de Souza, A. D. (2019). Risk management analysis in Scrum software projects. International Transactions in Operational Research, 26(5), 1884-1905. https://doi.org/10.1111/itor.12401.

Tomanek, M., & Juricek, J. (2015). Project risk management model based on PRINCE2 and SCRUM frameworks. arXiv preprint arXiv. Link: https://arxiv.org/abs/1502.03595

Ventura, M. M. (2007). O estudo de caso como modalidade de pesquisa. Revista SoCERJ, 20(5), 383-386. http://sociedades.cardiol.br/socerj/revista/2007_05/a2007_v20_n05_art10.pdf.

Venkatesh, V., Morris, M. G., Davis, G. B., & Davis, F. D. (2003). User acceptance of information technology: Toward a unified view. MIS quarterly, 425-478. https://doi.org/10.2307/30036540.

Venkatesh, V., Thong, J. Y., & Xu, X. (2012). Consumer acceptance and use of information technology: extending the unified theory of acceptance and use of technology. MIS quarterly, 157-178. https://doi.org/10.2307/41410412.

Weber, K., Araújo, E., Rocha, A. R. C., Oliveira, K. M., Rouiller, A. C., von Wangenheim, C. G., ... & Yoshida, D. (2006, August). Melhoria de Processo do Software Brasileiro (MPS. BR): um programa mobilizador. In Proceedings of the XXXI Conferencia Latinoamericana de Informatica (CLEI 2006). Santiago, Chile: agosto. Link: https://www.softex.br/wp-content/uploads/2015/08/Artigo_CLEI-200611.pdf.

Xu, Z., Khoshgoftaar, T. M., & Allen, E. B. (2003). Application of fuzzy expert systems in assessing operational risk of software. Information and software technology, 45(7), 373-388. https://doi.org/10.1016/S0950-5849(03)00010-7.

Yin, R. K. (2015). Estudo de Caso-: Planejamento e métodos. Bookman editora. Link: https://edisciplinas.usp.br/mod/resource/view.php?id=3878524.