Software Risk Management Process Improvement Experience in Enterprise Projects Kurumsal Projelerde Yazilim Risk Yonetimi Surec Iyileştirme Deneyimi

Arikan S. M. , Yurekten Ö.

14th Turkish National Software Engineering Symposium, UYMS 2020, İstanbul, Turkey, 7 - 09 October 2020 identifier

  • Publication Type: Conference Paper / Full Text
  • Volume:
  • Doi Number: 10.1109/uyms50627.2020.9247026
  • City: İstanbul
  • Country: Turkey
  • Middle East Technical University Affiliated: No


© 2020 IEEE.Software projects that are growing and getting more complex require more effective risk management for project success. Continuous improvement of risk management process can be achieved by utilizing emerging technologies, standards and experiences. In the scope of this study, risk management process improvement activities are implemented and maintained for a year within a sampled set of software development projects carried out by the TÜBITAK-BILGEM Cyber Security Institute. Our achievements, at the end of those activities, include the integration of risk management process with software development life cycle tools, a constantly visible risk treatment plan, while ensuring a proactive risk management approach. In addition, we setup an infrastructure to increase the involvement of stakeholders into the risk management process. The risk management process, which was improved as a result of this study, was implemented in other cyber security projects within TÜBITAK-BIILGEM Cyber Security Institute. In this study, we share our experiences during the adaptation of the process, preparation of management plan and establishment of infrastructure.