Software Risk List

Posted on December 25, 2010 by


Steve McConnell, famous Borland and Microsoft developer and author of the renowned “Code Complete (1993)” and “Rapid System Development (1996)”, captured the following risks for software development in his “Rapid System Development”, page 86.  Though this list is 15 years old, I still use it as a starting point (not much has changed, has it?).

  1. Feature Creep (some say “sprint”)
  2. Requirement or developer gold plating
  3. Short changed quality
  4. Overly optimistic schedules
  5. Inadequate design
  6. Silver bullet syndrome
  7. Research oriented development
  8. Weak personnel
  9. Contractor failure
  10. Friction between developers and customers

Sample risk lists exist across industry and, as shared in Risk Types in Auditing , reuse, recycle and pull from those lists as a starting point.  An existing list is a wonderful way to work with a group in a brainstorming session – use those as a starting point and ask the non threatening question “what’s missing?”.