Most software development organisations today use Scrum or some other Agile methodology to streamline their processes. While they do have their own obvious benefits, many people do complain at times that Scrum has no clear Risk Management steps for the Scrum Master to follow – the fact is that Scrum does have a five-step plan which is meant to address the issues of risk in a structured manner.
The Scrum Master is in charge of ensuring that the team functions without any impediments on the way, and removing any obstructions which are holding the team back. Therefore, this is how a Scrum Master commonly deals with risk.
• Risk Identification
With the help of the Scrum Product Team, the Master should try and identify all the risks which could potentially have an impact on the project. This is done also by looking at the product from a host of perspectives and using some other techniques. Risk identification is a constant process, and the Identified risks even become inputs to many Scrum processes like Demonstrate and Validate Sprint.
• Risk Assessment
After identifying the risks, you have to now understand what the impact of each risk may be on the project. The overall business value in the worst case scenarios can be calculated, and you can also check if the risks outweigh the implications of the project itself – in that case, you should think whether it is apt to even continue the process. Probability Trees, Pareto Analysis and a Probability and Impact Matrix, can be used to understand the impacts the risks may have.
• Risk Prioritization
As a result of the first two steps, you have a list of the possible risks which could impact the project and an idea of how big each risk is. In this step, therefore, you will have to priorities the risks based on their chances of occurring and implications on the projects. This priority list will come in handy in the next couple of steps.
• Risk Mitigation
Risk can be mitigated by using a number of responses from Scrum, from which the best option is to formulate a plan B for you to fall back on. You can either be proactive about the risk, or reactive about it. Proactive is about trying to prevent the risk in an active fashion, which being reactive is about trying to mitigate the results of the risk after they have happened.
• Risk Communication
Every project has a lot of stakeholders who are worried about how the project is progressing. It is important to communicate to these stakeholders, not just the owners, about the risks and their potential impact on the project. You should also explain the measures you have taken in order to mitigate the effects of the risk. This is not the last step in the process – rather, it is a parallel step which should be done throughout the first four steps.
If you find yourself interested in learning more, you should check out the Agile business analyst and Scrum prodegree with SAP on offer at Imarticus Learning.