The challenge of knowing whether we are on track to deliver haunts projectmanagers and developmentmanagers at various levels as their organizations take on agile approaches to product and project development. Driving towards smaller work items and lower work in process brings the benefits of both better project risk management as well as more effective agile execution and learning.
Commitment is a graphical business novel about managing project risks with “Real Options”, a way of thinking to improve your decision making. InfoQ attended the book launch on May 14 in Amersfoort, The Netherlands and spoke with the authors about decision making, risks and technical debt.
Building on their work on Real Options, Chris Matts and Olav Maassen are writing a graphic novel to explain the concepts and share their knowledge in the area. They discussed the novel, the process of producing it and the crowdsourcing model of funding with Shane Hastie from InfoQ. A sample chapter is available for InfoQ readers to download.
One category of risk that project teams need to ensure they address is business value failure – delivering a product that fails to provide value for the business investor. 3
In this IEEE article, author Danny Dhillon discusses a developer-driven threat modeling approach to identify threats based on the dataflow diagrams for assessing and mitigating the security risks. 3
Risk management is a crucial discipline for projects, and finding ways to do effective risk management on agile projects will spell the difference between Agile scaling into the enterprise or failing. 5
In this IEEE article, author John Diamant talks about improving security quality of software applications using techniques like security requirements gap analysis and architectural threat analysis.
InfoQ spoke with Rich Caralli from SEI's Resilient Enterprise Management Team about Resilience Management Model used for managing operational resilience in complex, risk-evolving environments.
In this IEEE article, John Stouby Persson and Lars Mathiassen discuss a process for managing risks associated in managing the distributed software projects. 2
Static code analysis gives developers ability to review their code to uncover security vulnerabilities. InfoQ spoke with Brian Chess about static analysis and how it compares with other techniques.
"Freedom to choose" underlies many Agile practices. We avoid early commitments to gain flexibility later. The authors propose "Real Options," a thinking tool to help develop and refine new practices. 45
Bruce Tate examines the changing risk profiles for Java and Ruby from a managers perspective, examining Java's initial adoption and also common risk myths about Rails. 37