RiskGuide: Risk Management in Software Projects


To develop an effective method and supporting environment for risk identification and analysis in software projects.


The contact for this research project is here.

PhD Thesis:

The research project has been summarized in a PhD thesis presented at the Gdansk University of Technology in December 2005:

Jakub Miler: "A Method of Software Project Risk Identification and Analysis"
Download PDF (1.37 MB)


The aim of any software project is to provide the stakeholders with a satisfactory solution of their problem within the schedule and budget limits. The risk of poor product quality and schedule or budget overruns is high which is confirmed by a number of cancelled, delayed or overpaid projects. Effective management of those risks is presently perceived as one of the most important areas of project management. Current risk identification practices adopt primarily two techniques: checklists and group effort (e.g. brainstorming) and are mostly based on the intuition and personal experience of project managers. The ongoing research effort aims at providing effective support of risk management activities, and in particular at providing for reusing the risk-related knowledge and experience gathered in earlier projects.

The RiskGuide project concentrates on software procurement and development projects and their objectives: the deadline, the budget, the product quality and the user satisfaction. It investigates the process risk - the possibility to steer a project away from its goals - and working on a risk assessment method to keep a project on its track. It also includes the development of a software risk management tool - RiskGuide - and experimental validation of proposed concepts and techniques.


The approach assumes collaborative risk assessment in distributed software projects. Risk identification employs two approaches: firstly, the analysis of the process model supported by risk metrics and model comparison and secondly, distributed risk identification supported by checklists and allowing for free input of perceived risk through a broad and highly available communication channel. Risk analysis uses distributed rating followed by holding the risk mitigation planning sessions and the publication of risk assessment reports with a selected number of highest-rated risks. RiskGuide establishes the continuous risk assessment process supported by adequately defined data structures maintaining the risk-related information. An important feature of the solution is that the risk database is equipped with learning facilities to provide for "learning from experience".


  • The project started in 1999. In December 2005 a PhD thesis based on this research was presented at the Gdansk University of Technology.

  • The method has been defined and a supporting tool has been implemented in 2000-2004.

  • A number of case studies were carried out with together with industrial partners in 2002-2004.

  • An extension of the tool to cover product IT risks identification and analysis was made in 2005.


  • meta-model for modeling the software process with support for tailoring and evolution

  • model of representation and classification of risk related to the process model

  • new risk identification techniques based on structural analysis of the process model

  • risk patterns for documenting the identified risk

  • model of risk knowledge base and learning methods

  • risk assessment process organized as a sequence of reviews

  • means of communication of risk-related information

  • RiskGuide 2.42 internet-based risk management supporting tool

  • three validation experiments and extensive case study of a real-life R&D project

More information:


  1. Miler J.: A Method of Software Project Risk Identification and Analysis, PhD Thesis, Gdansk University of Technology, Faculty of Electronics, Telecommunications and Informatics, 2005
    Download PDF (1.37 MB)

  2. Miler J.: PMRA - A method of software project risk assessment, proc of. 1st Polish Research Conference on Software Project Risk, Szczecin, Poland, 2005 (in Polish)

  3. Miler J.: A Service-Oriented Approach to the Identification of IT Risk, proc. of 1st IEEE International Conference on Technologies for Homeland Security and Safety TEHOSS’2005, Gdansk, Poland, 2005
    Download PDF (93 kB)

  4. Miler J., Gorski J.: Identifying Software Project Risks with the Process Model, proc. of 17th International Conference "Software & Systems Engineering and their Applications", Paris, France, 2004
    Download PDF (123 kB)

  5. Miler J., Gorski J.: Risk-driven Software Process Improvement - a Case Study, proc. of EuroSPI'2004 European Software Process Improvement Conference, Trondheim, Norway, 2004
    Download PDF (116 kB)

  6. Miler J., Gorski J.: Risk Identification Patterns for Software Projects, Foundations of Computing and Decision Sciences, Special Issue on Software Engineering, vol. 29, No.1-2, 2004, also published in Polish in proc. of 5th National Conference on Software Engineering, Szklarska Poreba, Poland, WNT, 2003
    Download PDF (153 kB)

  7. Miler J., Gorski J.: An Environment Supporting Risk Management in Software Projects, 1st National Conference on Information Technologies, Gdansk, Poland, 2003 (in Polish)

  8. Miler J., Gorski J.: Supporting Team Risk Management in Software Procurement and Development Projects, 4th National Conference on Software Engineering, Poznan, Poland, Nakom, 2002
    Download PDF (195 kB)

  9. Gorski J., Miler J.: Providing for continuous risk management in distributed software projects, 9th International Multi-Conference on Advanced Computer Systems, Miedzyzdroje, Poland, Kluwer Academic Publishers, 2002

  10. Gorski J., Miler J.: Towards an integrated environment for risk management in distributed software projects, 7th European Conference on Software Quality, Helsinki, Finland, 2002
    Download PDF (245 kB)

  11. Miler J., Gorski J.: Implementing risk management in software projects, 3rd National Conference on Software Engineering, Otwock, Poland, 2001
    Download PDF (161 kB)

  12. Miler J., Gorski J.: Software support for collaborative risk management, 8th International Conference on Advanced Computer Systems, Mielno, Poland, Kluwer Academic Publishers, 2001
    Download PDF (208 kB)