After the identified risks of a software project are assessed, plans must be made to contain the most damaging and the most likely risks.
Different risks require different containment procedures. In fact, most risks require ingenuity on the part of the project manager in tackling the risk.
There are three main strategies to plan for risk containment:
Avoid the risk– This may take several forms such as discussing with the customer to change the requirements to reduce the scope of the work, giving incentives to the engineers to avoid the risk of manpower turnover, etc.
Transfer the risk– This strategy involves getting the risky component developed by a third party, buying insurance cover, etc.
Risk reduction– This involves planning ways to contain the damage due to a risk. For example, if there is risk that some key personnel might leave, new recruitment may be planned.
Risk Leverage To choose between the different strategies of handling a risk, the project manager must consider the cost of handling the risk and the corresponding reduction of risk. For this the risk leverage of the different risks can be computed. Risk leverage is the difference in risk exposure divided by the cost of reducing the risk.
More formally, risk leverage = (risk exposure before reduction – risk exposure after reduction) / (cost of reduction)