A NEW METHOD AND METRIC FOR QUANTITATIVE RISK ANALYSIS

Peng Zhou, Hareton Leung

2011

Abstract

Quantitative risk analysis provides practitioners a deeper understanding of the risks in their projects. However, the existing methods for impact assessment are inaccurate and the metrics for risk prioritization also can not properly prioritize the risks for certain cases. In this paper, we propose a method for measuring risk impact by using AHP. We also propose a new indicator, risk intensity (RI), to prioritize the risks of a project. Compared with the widely used metric Risk Exposure (RE), the contours of RI show a convex pattern whereas the contours of RE show a concave pattern. RI allows practitioners weight probability and risk impact differently and can better satisfy the needs of risk prioritization. Through a case study, we found that RI could better prioritize the risks than RE.

References

  1. Bhushan, N. and Rai, K., 2004. Strategic Decision Making: Applying the Analytic Hierarchy Process. London, Springer.
  2. Boehm, B., 1989. Software Risk management, IEEE Computer Society Press.
  3. Boehm, B., 1991. “Software risk management: principles and practices”, IEEE software, Vol.8, No.1, pp.32-41.
  4. Cox, L. A., et al, 2005. Huber, “Some limitations of qualitative risk rating systems”, Risk Analysis, Vol.25 No.3, pp.651-662.
  5. Cox, L. A. 2008, “What's Wrong with Risk Matrices?”, Risk Analysis, Vol.28, No.2, pp.497-512.
  6. Ferguson, R. W., 2004, “A project risk metric”, CrossTalk: The Journal of Defense Software Engineering, Vol.17, No.4, pp.12-15.
  7. Forman, E. H., and Gass, S. I., 2001. "The analytical hierarchy process-an exposition", Operations Research, Vol.49, No.4, pp.469-486.
  8. Gluch, D. P., 1994. “A Construct for Describing Software Development Risks”, SEI Technical Report CMU/SEI-94-TR-14, SEI, Pittsburgh, PA.
  9. Jones, C., 1996. Patterns of Software Failure and Success, Boston, MA: International Thompson Computer Press.
  10. Kähkönen, K., 2001. “Integration of Risk and Opportunity Thinking in Projects”, Presented in Proceedings of 4th European Project management Conference, London, Jun, PMI Europe 2001.
  11. Kerzner, H., 2006. Project management: a systems approach to planning, scheduling, and controlling, 9th edition, Hoboken, N.J.
  12. Lipovetsky, S. and Tishler, A., 1994. “Linear methods in multimode data analysis for decision making”, Computers and Operations Research, Vol.21, No.2, pp.169-183.
  13. Lipovetsky, S., 1996. “The synthetic hierarchy method: an optimizing approach to obtaining priorities in the AHP”, European Journal of Operational Research, 93, pp.550-569.
  14. Mcmanus, J., 2004. Risk management in Software Development Projects, Elsevier, Burlington, MA.
  15. Pandian, C. R., 2007. Applied software risk management: a guide for software project managers, Auerbach, Boca Raton, Fla.
  16. PMI, 2008. A guide to the project management body of knowledge, 4th edition, Project management Institute, Newtown, PA.
  17. Saaty, T. L., 1994. Fundamentals of Decision Making and Priority Theory with Analytic Hierarchy Process. Pittsburgh, RWS.
  18. Saaty, T. L., 2008. "Relative Measurement and its Generalization in Decision Making: Why Pairwise Comparisons are Central in Mathematics for the Measurement of Intangible Factors - The Analytic Hierarchy/Network Process", RACSAM, Vol.102, No.2, pp.251-318.
  19. Sherer, S., 2004. “Managing risk beyond the control of IS managers: the role of business management”, Proceedings of 37th Hawaii International Conference on System Sciences, Hawaii, Track 8.
  20. White, B. E., 2006. “Enterprise Opportunity and Risk”, INCOSE 2006 Symposium Proceedings, Orlando.
Download


Paper Citation


in Harvard Style

Zhou P. and Leung H. (2011). A NEW METHOD AND METRIC FOR QUANTITATIVE RISK ANALYSIS . In Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 978-989-8425-55-3, pages 25-33. DOI: 10.5220/0003442200250033


in Bibtex Style

@conference{iceis11,
author={Peng Zhou and Hareton Leung},
title={A NEW METHOD AND METRIC FOR QUANTITATIVE RISK ANALYSIS},
booktitle={Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2011},
pages={25-33},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003442200250033},
isbn={978-989-8425-55-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - A NEW METHOD AND METRIC FOR QUANTITATIVE RISK ANALYSIS
SN - 978-989-8425-55-3
AU - Zhou P.
AU - Leung H.
PY - 2011
SP - 25
EP - 33
DO - 10.5220/0003442200250033