Reactive Vs. Proactive Risk Strategies

Reactive risk strategies have been laughingly called the Indiana Jones School of risk management. In the movies which carried his name Indiana Jones when faced with overwhelming difficulty would invariably say, do not worry, I'll think of something! Never worrying about problems until they happened Indy would react in some heroic way.

Sadly the members of the software project team are not his trusty sidekicks and the average software project manager is not Indiana Jones. Since, the majority of software teams rely solely on reactive risk strategies. At best a reactive planning monitors the project for likely risks. The resources are set aside to deal with them should they become actual problems. More obviously, the software team does nothing about risks until something goes wrong. After then the team flies into action in an attempt to correct the problem rapidly. This is also called fire fighting mode. This fails crisis management takes over and the project is in original jeopardy.

The considerably more intelligent planning for risk management is to be proactive. The proactive strategy starts long earlier technical work is initiated. Potential risks are identified their impact and probability are assessed and they are prioritized through importance. Then the software team builds a plan for managing risk. The primary goal is to avoid risk but because not all risks can be avoided the team works to establish a contingency strategy that will enable it to respond in a controlled and effectual manner. By the remainder of this chapter discuss a proactive strategy for risk management.