Case Study: Problem 5
JCI management is pleased with how your work has progressed. They are starting to gain an awareness of the importance of security and how they may have been lacking in that area. With this upcoming new contract, they are more aware than ever of their company’s reputation. You assure them that you will deliver a final document deliverable to outline risks and how to mitigate them. They seem less than thrilled about the possibility of having to read another document.
You suspect that JCI management will not dedicate the time to actually read the final deliverable document. You realize that you have to provide your results to them in “management-speak.” Given that they are full engaged in this new proposal and have little time for anything else, you offer to provide an “overview” briefing to explain your findings. You promise that the briefing will not be longer than 30 minutes. They agree to give you time during their lunch, as the rest of their day is devoted to proposal writing. You know you have to prepare well to get the important points across to JCI management.
Week 5: Final Deliverable for Key Assignment
Provide a Word document of 2–3 pages that is delivered as a final section to your report, expanding on the following critical activities that are needed to create the Risk Management Framework:
Risk Management of Software from a Business Perspective
Creates a basis for understanding what software risks are critical; current business goals, operational, and technical priorities; circumstances of taking certain business actions must be identified and understood
Business and Technical Risk
Identification of what risks financially affect which organizational goals; reputation, liability concerns, and increased development cost; business and software risks must be quantified
Determines which business goals are critical or important and which technical risks may affect business operations
Risk Mitigation Strategy
Strategy takes into account time, resources, likelihood of operational success, and overall impact; involves metrics and validation procedures to ensure the risks are mitigated
Repair Problems With Architecture, Requirements, and Design
Involves the study of open risks, evaluating quality metrics, and judging progress against any existing risks