
Risk management in the software life cycle: A systematic literature review

Bibliographic Details
Published in: Computer standards and interfaces 2020-08, Vol.71, p.103431, Article 103431
Main Authors: Masso, Jhon; Pino, Francisco J.; Pardo, César; García, Félix; Piattini, Mario
Format: Article
Language: English
Description
Summary:

• The paper presents a review of 45 studies related to software risk in the context of the software life cycle.
• A large number of studies reviewed involve other knowledge areas to support decision-making in the risk management activities.
• A few proposals for risk management use internationally recognised standards or de facto models to its definition.
• It is especially important to define a framework and model for risk management in the software life cycle using an agile approach.
• It is important that agile approaches include risk management practices which are in line with the already accepted ones in traditional approaches.

Risk management (RM) plays a key role in project management, as it allows identification and prompt management of threats that may arise during project execution. Furthermore, project management within the software industry is evolving rapidly nowadays, a fact that implies new challenges, because the emergence and use of fresh approaches has brought a greater degree of complexity to the RM process. The objective of this paper is to carry out a systematic literature review (SLR) in the field of software risk, in an attempt to characterize and present the state of the art of this field, identifying gaps and opportunities for further research.

From the analysis of the results of this SLR it could be observed that interest on the part of the scientific community has turned away from the definition of research work that addressed an integrated risk management process, to pay attention to work that concentrates on specific activities of this process. It was also possible to see that there is a clear lack of scientific rigour as regards the process of validation in the different studies, and a deficiency in the use of standards or of de facto models to define these.
ISSN: 0920-5489, 1872-7018
DOI: 10.1016/j.csi.2020.103431