Enhancing Risk Analysis Using Software Development Impact Statements

Document Type

Conference Proceeding

Publication Date



Any software project goes through three distinct phases: an initial phase where the feasibility of the project is examined, a requirements phase that lays out the overall structure and function of the project, and a detailed phase that lays out the plans for building the software. Each of these phases has its peculiar risks. A narrow approach to risk analysis focusing on just the business stakeholders and understanding the scope of software project risks to include only schedules, budgets and functionality has contributed to significant software failures. A process called "Software Development Impact Statements" (SoDIS™) is presented which both expands the concept of software risk to include social, professional and ethical risks that lead to software failure, and extends the range of stakeholders considered in risk analysis.. Using a SoDIS risk analysis enlarges the project scope considered by software developers. The SoDIS process is incorporated into an a version of the spiral lifecycle model. A tool to develop impact statements is used to illustrate the SoDIS process.