Issue No.05 - September/October (2010 vol.27)
pp: 65-73
Michel Benaroch , Syracuse University
The ability to price (monetize) software development risks can benefit various aspects of software development. Cost estimators predict project cost by adjusting a project's nominal cost on the basis of risk factors' (cost drivers') expected values, but the predicted cost is often inaccurate because risk factors' actual values normally deviate from expectations. Because variability is a widely used risk measure in finance, this risk-pricing method relates risk factor variability to project cost variability. The method estimates two parameters for each risk factor: extra cost incurred per unit exposure and project sensitivity. Several areas can benefit from the benchmark risk-pricing parameters obtained when applying this method with a cost estimator such as Cocomo.
risk management, economics, software development, risk factors, financial pricing, Cocomo, project sensitivity, extra cost per unit exposure
Michel Benaroch, "Financial Pricing of Software Development Risk Factors", IEEE Software, vol.27, no. 5, pp. 65-73, September/October 2010, doi:10.1109/MS.2010.28
1. B. Kitchenham and S. Linkman, "Estimates, Uncertainty, and Risk," IEEE Software, vol. 14, no. 3, 1997, pp. 69–74.
2. W. Han and S. Huang, "An Empirical Analysis of Risk Components and Performance on Software Projects," J. Systems and Software, vol. 80, no. 1, 2007, pp. 42–50.
3. K. Schwaber and M. Beedle, Agile Software Development with Scrum, Prentice Hall, 2001.
4. S. Biffl et al., eds., Value-Based Software Engineering, Springer, 2006.
5. B.W. Boehm et al., Software Cost Estimation with COCOMO II, Prentice Hall, 2000.
6. K. Maxwell, L. Wassenhove, and S. Dutta, "Software Development Productivity of European Space, Military, and Industrial Applications," IEEE Trans. Software Eng., vol. 22, no. 10, 1996, pp. 706–718.
7. E.J. Elton and M.J. Gruber, Modern Portfolio Theory and Investment Analysis, John Wiley & Sons, 1995.
8. Z. Xu et al., "Optimizing Software Process Based on Risk Assessment and Control," Proc. 5th Int'l Conf. Computer and Information Technology, IEEE CS Press, 2005, pp. 896–900.