- One method for identifying risks is to create a risk item checklist
- The checklist can be used for risk identification and focuses on some subset of known and predictable risks in the following generic subcategories:
- Product size—risks associated with the overall size of the software to be built or modified
- Business impact—risks associated with constraints imposed by management or the marketplace
- Stakeholder characteristics—risks associated with the sophistication of the stakeholders and the developer’s ability to communicate with stakeholders in a timely manner
- Process definition—risks associated with the degree to which the software process has been defined and is followed by the development organization
- Development environment—risks associated with the availability and quality of the tools to be used to build the product
- Technology to be built—risks associated with the complexity of the system to be built and the “newness” of the technology that is packaged by the system
- Staff size and experience—risks associated with the overall technical and project experience of the software engineers who will do the work