software engineering collection 2

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which of the following common risks are associated with the risk associated with the availability and quality of the tools to be used to build the product. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience

E) Development environment

Product

A software system that is provided to a client.

Defect testing

A successful test exposes a defect

Validation testing

A successful test shows the system operates as intended

Methodology

A system of practices, techniques, procedures, and rules used by those who work in a discipline.

Task Network

A task network (activity network) is a graphical representation of task flow for a project. Used to help set up task sequence and dependencies.

Desk checking

A testing technique in which the program code is sequentially executed manually by the reviewer, done by the programmer

Object-orientated design (5)

Defining the context and uses of the system, designing system architecture, identifying principle objects, developing design models and specifying object interfaces

Software project management

Deliver software on time, subject to budget, of adequate quality and in accordance to requirements

This consensus method uses a panel of experts familiar with the kind of project in question and uses anonymous estimate questionnaires to reach a decision

Delphi Method

Deployment plan

Describes how the software and associated hardware will be deployed in the customer's environment. This should include a plan for migrating data from existing systems.

Validation plan

Describes the approach, resources and schedule used for system validation

Configuration management plan

Describes the configuration management procedures and structures to be used.

Quality plan

Describes the quality procedures and standards that will be used in a project

Business model

Description of how the client does business

Inception design

Design the architecture

Object-orientated design

Designing software with an object-orientated framework

Quality planning

Desired product qualities and how they may be assessed

Testing types

Desk-checking Unit testing Integration testing Product testing Acceptance testing

Requirements workflow

Determine client needs, constraints

Program Evaluation and Review Technique (PERT) and Critical Path Method (CPM)

Determine the critical path (chain of tasks that determine project duration) Establish time estimates for tasks by statistic modeling Calculate boundary times that establish a time window for a particular task

Inception phase

Determines whether it is worthwhile to develop the software product

Financial Health

Developers in financial difficulty may lower their price to gain a contract. it is better to make smaller than normal profit or break even than to go out of business. Cash flow is more important than profit in difficult economic times.

Host-target development

Developing software for computers other than what it was developed on

Classical maintenance

Development before installation, post-delivery maintenance after installation.

Stages of testing (3)

Development testing, release testing and user testing

Software Engineering

Discipline aiming to produce fault-free software. Ideally on time, on budget, easy to modify and maintain, and meeting the client's needs.

A risk item checklist would contain known and predictable risks from which of these categories? A) Product size B) Development environment C) Staff size D) Process definition E) All of the above

E) All of the above

Which factors affect the probable consequences likely if a risk does occur? A) Risk cost B) Risk timing C) Risk scope D) Risk resources E) Both b and c

E) Both b and c

Risk management is a cyclical process that involves: 1) Ide___ 2) Ana___ 3) Pl___ 4) Tra___ 5) Con___

Identify, Analyze, Plan, Track, Control

The slides tell us that a risk is a potential problem that "might happen" and "might not". Regardless of the outcome, it is a really good idea to: 1) Ide_?_ it. 2) Assess the Pr_?_ of its occurrence 3) Estimate its Im_?_ 4) Establish a Co_?_ Pl_?_ should it occur

Identify, Probability, Impact, Contingency Plan

Algorithmic cost modeling

In this approach, a formulaic approach is used to compute the project effort based on estimates of product attributes, such as size, and process characteristics, such as experience of staff involved.

Phases of the unified process

Inception Elaboration Construction Transition

Extreme programming practices (5)

Incremental, small releases, simple design, test-first development and refactoring

Techniques of requirements gathering (4)

Individual interviews, focus groups, scenarios and ethnographic studies

Waterfall weaknesses (1)

Inflexible

Software capability maturity levels

Initial Repeatable Defined Managed Optimizing

Inception phase deliverables

Initial domain Initial business model Initial requirements Preliminary analysis Initial risks list Initial use cases Plan for elaboration phase Initial business case

Construction deliverables

Initial user manual Completed architecture updated risks SPMP

Misuse cases (4)

Interception, interruption, modification and fabrication threats

Refactoring

Making improvements to a program to slow down its degradation, preventative maintenance

Configuration management

Managing a changing software, version tracking etc

Configuration management

Managing changing software systems

Requirements management

Managing the changing requirements during development

What are the cons of plan driven development?

Many early decisions have to be revised because of changes to the environment in which the software is to be developed and used.

The slides describe two major reasons why Risk Analysis and Management are so important. They are because: 1) Sof_?_ is a difficult undertaking 2) Lots of things can go wr_?_ and many often do

Software, Wrong

Incremental development model

Specification, development and validation are interleaved. May be plan driven or agile.

Commercial of-the-shelf software (COTS)

Software that is purchased and is immediately ready for implementation; developed to suit a wide range of users and needs.

Baseline

Specifies what components are in the version of a particular system

Managed maturity

The organization sets goals, takes measurements, and tries to improve.

Client

The person or group that requests the project

front end" activities 40-50%

customer communication analysis design review and modification

control risk

deal with each risk by implementing its defined control plan and tracking the plan to completion

as the difficulty of the work decreases the expected improvement _______________________

decreases and the improvement ratio that is used becomes greater

Escalation

defines the circumstances and triggers for bringing as risk to the attention of others in the chain of command

Scope

defines the focus, range, an extent of risk management efforts and helps to drive risk management roles and responsibilities

emergency response plan

describes the actions to be taken in the event of a natural disaster, emergency evacuation, terrorist attack, or any other incident that disrupts the normal work pattern (tell employees what to do)

plan for risk control

determine an approach for addressing each risk; produce a plan for implementing the approach

User acceptance testing

determine if the system satisfies the user and business requirements, with actual data, done by SQA and client

Defining Task Sets

determine type of project assess the degree of rigor required identify adaptation criteria select appropriate software engineering tasks

Schedule Tracking2

determine whether formal project milestones (the diamonds shown in Figure 27.3) have been accomplished by the scheduled date. compare actual start-date to planned start-date for each project task listed in the resource table (Figure 27.4).

COCOMO 2 takes into account....................

different approaches to software development, reuse, etc.

these costs are clearly chargeable to a specific work package

direct costs

these costs represent real cash outflows and must be paid as the project progresses

direct costs

what are the types of costs associated with a project

direct labor costs direct project overhead costs general and administrative overhead costs

examples of this cost include salary of the PM and temporary rental space for the project team

direct project overhead costs

these costs can be tied to project deliverables or work packages, examples include the salary of the PM and temporary rental space

direct project overhead costs

Measures

done to ensure risk management practices are meeting it objectives

what does a learning curve tell management

each time the ouput quantity doubles, the unit labor hours are reduced at a constant rate

Plan-driven development is based on........

engineering project management techniques

resource shortages, whether in the form of people, equipment, or materials, can extend original estimates is an example of which reason to refine estimates

normal conditions do not apply

Mitigation Planning occurs when...

occurs after analysis of probability, risk, and speed of onset.

insurance

protection against possible financial loss

risk statement

provides a unique, succinct, and meaningful descriptor of a risk

Communication

provides guidance for conveying risk information to collaborators, partners, subcontractors, suppliers, customers, and other stakeholders

Risk evaluation

provides measures for analyzing probability impact, and risk exposure

design flaws are revealed after the fact, extreme weather conditions occur, accidents happen is an example of which reason to refine estimates

things go wrong on projects

Design flaws being revealed after the fact, extreme weather conditions, and accidents occurring are examples of:

things going wrong on a project

medical payments coverage

this pays the costs of minor accidental injuries to visitors on your property

what is the collection and archival of data on past project estimates and actuals

time and cost databases

estimates made by top managers who have very little knowledge of component activities used to complete the project

top-down estimates

usually derived from someone who uses experience and or information to determine the project duration and total cost

top-down estimates

assess risk

transform the concerns people have into distinct, tangible risks that are explicitly documented and analyzed

known unknowns

uncertainties that we know exist but we don't know much about their probability or impact

testing and installation 30-40

unit, integration white-box, black box regression

Worksheet

updates can include new fields, additional names of participating groups and individuals, changes in criteria

Which guideline allows for a better chance of being reasonable and realistic when several people with relevant experience and or knowledge of the task are used.

use several people to estimate

Democratic team

Group of egoless programmers working together

Software development

Where software is designed and programmed

Software evolution

Where software is modified as needs/requirements change

Domain

Where the product will be used

The slides list seven questions that help to identify the risks due to the customer. List them. 1) Have you Wo_?_ with the customer in the past? 2) Has the customer agreed to spend Ti_?_ with you? 3) Does the customer have a solid idea of Req_?_ 4) Is the customer willing to participate in Rev_?_ 5) Is the customer willing to let your Peo_?_ do their job? 6) Is the customer Tec_?_ sophisticated? 7) Does the customer understand the So_?_ En_?_ process?

Worked, Time, Requirements, Review, People, Technically, Software Engineering

Implementation workflow

Write the code to fulfill design workflow plans

Is testing expensive?

Yes, testing can make up to 40% of total costs

pure risk

a category of risk in which loss is the only possible outcome

condition

a circumstance with the potential to produce loss; a condition has no effect on performance absent the occurrence of the event

premium

a fee for insurance

potential event

a future occurrence that may or may not happen

assigned risk pool

a group of people who cannot get motor vehicle insurance who are assigned to each insurance company operating in the state

Risk exposure

a measure fo the magnitude of a risk based on current values of probability and impact, usually expressed qualitatively using a range of values, matrix used to derive this from the individual values of probability and impact

Work package estimates should be based on what kind of conditions

normal

Feature creep

A series of small, insignificant requests for additions to the requirements

Model

A set of UML diagrams that describe one or more aspects of a software product

Planning activities

At the start End of analysis Throughout the project

Team development

Hardware is getting better and cheaper, so software is getting more and more complex.

Chief programmer

Highly skilled, completely in charge and responsible for everything

What are project plan supplements?

- Configuration management plan - Deployment plan - Maintenance plan - Quality plan - Validation plan

Programming secretary

Highly skilled, maintains product library (versions, test data, etc)

Risk Identification

-Either by team or manager's experience -checklist is used: Technology People Organizational Tools Requirements Estimation

Test case

Id, title, conditions, steps and expected results

Use case

Identifies the actor in an interaction and the interaction itself

What are the planning stages?

1- proposal planning. 2- Project startup planning. 3- Development planning (Periodically throughout the project).

What are the 4 success criteria for project mngmt?

1. On time 2. On budget 3. Meet customer expectations 4. Satisfied team

Operational risk assessment

Life cycle risk, but also with environmental considerations

5 Management Activities

1. Project Planning 2. Reporting 3. Risk Management 4. People Management 5. Proposal Writing

3 Types of Risk

1. Project risk - affects the schedule/resources 2. Product risk - affects the quality/performance 3. Business risk - affects the org developing/procuring

Configuration management (2)

Losing track of changes and losing track of versions

Following FSOFT RADIO, who is responsible for reviewing estimation? A. Project QA Leader B. Project member C. Senior Manager D. Operation Manager

A

RUP benefits (2)

Lots of tools and focus on product quality

List 4 attributes of good software

Maintainability, dependability/security, efficiency and acceptability

Largest Cost in IT

Maintenance costs

When is the project plan created? what is its use?

At the start of a project, is used to communicate how the work will be done to the project team and customers, and to help assess progress on the project.

The Create WBS process identifies the deliverables at the____________________ level in the Work Breakdown Structure (WBS). A. Medium B. Average C. Lowest D. Highest

C

Adaptive maintenance

Changes to the system to make it work with environmental changes or new ways of doing things

Software change

Changing software to meet changing needs

When does a company need to underprice a system?

- A company may underprice a system to gain access to a new market area. - In order to gain a contract that allows them to retain staff for future opportunities.

Integration and configuration benefits (3)

Cheaper, less risky and faster to create

Abraham Maslow's need hierarchy

*bottom to top* 1. Physiological - food, sleep, sex, water, breathing, homoeostasis, excretion 2. Safety - security of: body, employment, family, morality, family, health, resources 3. Love/belonging - friendship, family, sexual intimacy 4. Esteem - self-esteem, achievement, confidence, respect of others, respect by others 5. Self-actualization - morality, creativity, spontaneity, problem-solving, lack of prejudice, acceptance of facts

What are the agiles planning stages?

- Release planning - Iteration planning

Proposal stage

- When you are bidding for a contract to develop or provide a software system. - planning may be necessary with only outline software requirements.

Development planning

- When you modify your plan in the light of experience gained and information from monitoring the progress of the work. - The project should be regularly amended as the project progresses and you know more about the software and its development.

In project activities, each activity has.....

- a duration in calendar days or months, - an effort estimate, which shows the number of person-days or person-months to complete the work, - a deadline by which the activity should be complete, - a defined end-point, which might be a document, the holding of a review meeting, the successful execution of all tests, etc.

What are the pricing strategies?

- under pricing - increased pricing

Project startup planning

- when you have to plan: 1- Who will work on the project 2- How the project will be broken down into increments. 3- How resources will be allocated across your company. - At this stage, you know more about the system requirements but do not have design or implementation information. - Create a plan with enough detail to make decisions about the project budget and staffing.

Managing People

-Job of the manager -people=most important asset of a company -poor people management=>Project failure

Risk Monitoring

-Regularly assessing the risks to decide if it is become less or more probable -Assess if effect of risk has changed

Group composition for an effective group?

-balance of all types of people -difficult to obtain as software developers are usually task-oriented -very imp to have interaction-oriented people in the group to detect and defuse tension

Characteristics of an informal group

-decisions are made by the group as a whole -group leader->external interface of the group -tasks are taken up by members depending on experience and ability -successful when all members are experienced and competent

Quality culture (3)

Check code, never add code that causes failures and fix problems as you see them

How to select the group members?

-group should be cohesive and organized properly -right mix of people with technical knowledge and personalities

What are the types of estimation techniques?

1 - Experience-based techniques 2- Algorithmic cost modeling

What does project planning involve?

1- Breaking down the work into parts. 2- Assign these to project team members. 3- Anticipate problems that might arise and prepare tentative solutions to those problems.

What are the scheduling problems?

1- Estimating the difficulty of problems and hence the cost of developing a solution is hard. 2- Productivity is not proportional to the number of people working on a task. 3- Adding people to a late project makes it later because of communication overheads. 4-The unexpected always happens. Always allow contingency in planning.

What are the factors affecting software pricing?

1- contractual terms 2- cost estimate uncertainty 3- financial health 4- market opportunity 5- requirements volatility

What are the project scheduling activities?

1- split project into tasks and estimate time and resources to complete each task 2- Organize tasks concurrently to make optimal use of workforce. 3- Minimize task dependencies to avoid delays caused by one task waiting for another to complete. 4- Dependent on project managers intuition and experience.

3 Types of motivation

1. Basic needs (food, sleep etc) 2. Personal needs (respect, self-esteem etc) 3. Social needs (feel accepted by the team)

Characteristics of a good group?

1. Cohesive 2. has team spirit

4 critical factors in people's management

1. Consistency in fairly treating individuals 2. Respect 3. Inclusion 4. Honesty

Extreme programming

1. Develop stories the client would like to support 2. Estimate cost of each 3. Client determines which to develop using cost-benefit analysis 4. Build is broken into tasks 5. Select tests for each task 6. Programmers work in pairs, alternating typing / watching every 15 to 20 minutes 7. Partners are rotated daily

4 advantages of cohesive group

1. Group quality stds are developed 2. Team members learn from each other 3. Knowledge is shared 4. Refactoring and continual improvement (fixing the code irrespective of who created it first)

5 Factors affecting Effectiveness and Efficiency of group communication

1. Group size: small>large 2. Group structure: informal>hierarchical 3. Group composition: different personalities, mixed>single sex 4. Physical work environment 5. Availability of communication channels

Strengths of iteration and incremntation

1. Multiple opportunities for checking correctness 2. Opportunity to determine robustness of architecture early 3. Mitigate risks early 4. Working version of the software at each increment 5. Empirical evidence that the life cycle is effective

Synchronize and stabilize

1. Pull requirements 2. Write spec 3. Divide work into three or four builds 4. Carry out each build with small teams 5. Synchronize at the end of the day 6. Stabilize at the end of each build

Classical Life-cycle aka Waterfall model

1. Requirements 2. Analysis 3. Design 4. Implementation 5. Post-delivery maintenance 6. Retirement

4 Activities of risk management process

1. Risk identification 2. Risk analysis 3. Risk planning 4. Risk monitoring

3 factors affecting group work

1. Selection: select diverse mix of people 2. Organization: organize the group optimally 3. Communication: good communication

How to provide satisfaction to employees?

1. Social -provide communal facilities -allow informal communication (social n/w) 2. Esteem -recognize achievements -appropriate rewards 3. Self Realization -training -responsibility

3 Unique distinctions about software management

1. Software is intangible- Manager cannot see the progress just by looking at the artefact being developed 2. Software products are one-off - experienced managers can also not anticipate problems 3. Software development process is variable and is company specific- cannot reliably predict when a s/w may cause development problems

Motivation should take into account personality types also. What are these?

1. Task-oriented - motivation for work is work itself 2. Self-oriented - motivation for work is achieving individual goals 3. Interaction-oriented - motivation for work is presence and actions of co-workers

Group organization affects:

1. decisions made by the group 2. way information is exchanged b/w the group 3. interaction b/w the dev group and external stakeholders

Problems with group composed of people sharing same motivation

1. task-oriented: everyone wants to do their own thing 2. self-oriented: everyone wants to be the boss 3. interaction-oriented: too much chatting, no work

what is the preparation costs of top-down estimates

1/10 to 3/10 of a percent of total project cost

Risk Analysis Table

3 columns: 1. Risk 2. Probability- Very low, low, moderate, high, very high 3. Effect- Insignificant, Tolerable, Serious, Catastrophic

what is the preparation costs of bottom-up estimates

3/10 of a percent to 1% of total project costs

"Mr. Bao - Project Manger has 2 years experience in working with the customer and his project rank is C. The project QA says that Bao can approve the project estimation/schedule instead of the Delivery Head/SM. If you were Bao, what would you do?" A. Follow QA guideline and get approval for this tailoring B. Request Senior Manager to approve the estimation as normal C. Follow QA guideline and no need to do anything more D. None of the answer

A

"The key benefit of creating WBS is that ________________________ ." A. It provides a structured vision of what has to be delivered. B. It provides a set of conditions that is required to be met C. It provides type of requirements need to be collected D. It provides a change or deviation from the scope baseline

A

"The requirement traceability matrix helps to detect ________________________ ." A. The impact of any change or deviation from the scope baseline on the project objectives. B. Which type of requirements need to be collected for the project. C. The work that must be performed to complete one or two functions D. A set of conditions that is required to be met before deliverables are accepted

A

If resources are assigned to the tasks, what may the Project Manager cause when shortening the duration of tasks on the critical path? A. Resource over allocated on fixed-work tasks B. Nothing happens C. The finish date of the schedule occurs sooner D. None of the answer

A

If you use the bottom-up method, what risk may you face? A. Omit some important activities in the list of tasks B. No risk C. The accuracy of estimation is low D. None of the answer

A

In Guideline_Use Case Points Estimation, what does UUCP stand for? A. Unadjusted use case points B. Unplanned use case points C. Undefined use case points D. None of them

A

Prototyping is a method of obtaining early feedback on requirements by________________________. A. Providing a working model of the expected product before actually building it B. Providing a working model of the expected product after actually building it C. Providing a picture of the expected product before testing it D. Providing a picture of the expected product after testing it

A

Requirements can be grouped into some classifications, one of them is project requirements. What does project requirements describe? A. The actions, processes, or other conditions the project needs to meet B. The behaviors of product, data, interactions with product C. The temporary capabilities, data conversion & training requirements D. The higher-level need of organization as a whole

A

What is Acceptance criteria? A. A set of conditions that is required to be met before deliverables are accepted B. A set of risks that is required to be included in project deliverables C. A set of issues that is required to be detected in project execution D. A set of bugs that is required to be found in products

A

What is the definition of critical dependencies? A. Work products/work interfaces provided by project interfaces and have significant effect on the project B. Those elements that affect the scheduling of an item C. Both A&B are correct D. Both A& B are not correct

A

What is the key advantage of the bottom-up approach? A. It does not require explicit size estimates for the software B. It requires a list of project tasks C. Both A &B are correct D. Both A & B are not correct

A

Which is a TRUE statement? A. Software estimation should be utilized throughout the life cycle of a project B. Software estimation shouldn't be changed throughout the life cycle of a project C. Software estimation should only be implemented at the beginning of the project D. None of the answer

A

Which of the following are NOT Function Types used in the FP Analysis Technique ? A. Internal Inquiries B. External Inquiries C. Logical Internal Files D. External Interface Files

A

Which schedule compression technique often results in increased costs, and may increase risk, trades time for money? A. Crashing B. Fast-tracking C. Resource Modeling D. Schedule Compression

A

You are collecting requirements for your project. What will you obtain from Project Charter? A. The high-level description of the product, service, or result of the project so that detailed requirements can be developed. B. The detailed description of the product, service, or result of the project C. The impact of any change or deviation from the scope baseline on objectives. D. The work that must be performed to complete one or two functions

A

________________________ identified with the project scope statement list & describe the specific internal or external restrictions or limitations associated with the project scope, the effect, the execution of the project. A. Constraints B. Assumptions C. Dependencies D. Requirements

A

____________________________technique involves taking critical path activities that were originally planned in a series & doing them instead in parallel for some or all of their duration. A. Fast-tracking B. Crashing C. Resource Modeling D. Schedule Compression

A

Activity model

A behavioral model to show what happens to the system as a response to stimulus

Contractual terms

A customer may be willing to allow the developer to retain the ownership of the source code and reuse it in other projects. The price charged may then be less than if the software source code is handed over to the customer.

Market opportunity

A development organization may quote a low price because it wishes to move into a new segment of the software market. Accepting a low profit on one project may give the organization the opportunity to make a greater profit later. The experience gained may also help it develop new products.

Regression fault

A fault inadvertently introduced into one part of a product as a consequence of making an apparently unrelated change to another part of the product.

Quality reviews

A group of people who examine part or all of the software and it's documentation, review everything

Miller's law

A human can only concentrate on seven chunks of information at once.

Codeline

A sequence of source code versions, each deriving itself from an earlier version

Software risk impact assessment should focus on the consequences affecting: A) Planning, resources, cost, schedule B) Marketability, cost, personnel C) Business, technology, process D) Performance, support, cost, schedule

A) Planning, resources, cost, schedule

Which of the following common risk are associated with the overall size of the software to be built or modified. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience

A) Product size

Reasons why estimating time and cost are important include all of the following except:

A) To schedule work B) To determine how long the project should take and cost C) To develop cash flow needs D) To determine how well the project is progressing E) All of the above are valid reasons E) all of the above

Which of the following is not one of the recommended guidelines for developing useful work package estimates?

A)Estimates should be made by those responsible for the work B) Use several people to estimate the same work C) Estimates should be based on normal conditions D) Estimates should include a normal level of contingency E) Estimates should be independent of other projects D) estimates should include a normal level of contingency

Initial maturity

Ad hoc, responsive to crisis

Traceability

All artifacts must trace back to a requirement artifact

Technical milestone: OO analysis completed

All classes and the class hierarchy have been defined and reviewed. Class attributes and operations associated with a class have been defined and reviewed. Class relationships (Chapter 8) have been established and reviewed. A behavioral model (Chapter 8) has been created and reviewed. Reusable classes have been noted.

User testing (3)

Alpha, beta and acceptance testing

Verification

Check software meets it's stated requirements

Scrum

An agile method focusing on managing iterative development, where teams are cross-functional

Object-oriented paradigm

An approach to programming that focuses on the manipulation of objects rather than on the generation of procedure-based code.

What is plan-driven or plan-based development?

An approach to software engineering where the development process is planned in detail. Plan-driven development is the traditional way of managing large software development projects.

Validation

Checks software matches the customers expectations

User

An individual who will be interacting with a completed software product

Developer

An individual who writes code and creates the software product

Business case

Analysis of whether the product will be cost-effective, on-time, and what risks might be involved . Can include cost-benefit analysis or revenue projections

Analysis workflow

Analyze and refine requirements, create UML diagrams, SPMP

Analysis phase

Analyze requirements Draw up formal spec Draw up the SPMP

System stakeholder

Anyone who is affected by the system

Product standards

Applies to all aspects of software, including documentation

Process standards

Applies to processes

Design Phase

Architectural design Break down into components Detailed design

Creating secure software (3)

Architectural design, good practice and design for deployment

Change management

Assessing proposed changes and deciding if they are worth implementing or not

Security risk assessment (4)

Asset identification, asset value assessment, exposure assessment and threat identification

Risk planning (3)

Avoidance, minimization and contingency methods

"If the team is decomposing work packages into the activities required to produce them, they are in ____________________ ." A. Create WBS process B. Define Activities process C. Develop Schedule process D. Control Schedule process

B

"The requirement management plan provides ________________________ throughout the Collect Requirements process to define & document the stakeholder needs." A. The functions that will be analyzed B. The processes that will be used C. The features that will be managed D. The quality that will be met

B

"Which estimation method is the base of the Use Case Points Approach?" A. WBS method B. Functional Points method C. None of the answer D. Both A & B are correct

B

After calculating the size, cost, schedule and resources, what should the Project Manager conduct? A. Do nothing B. Do risk assessment C. Send estimation to reviewers D. None of the answer

B

At step "Weighting Environmental Factors" in the UCP estimation, what information should you consider? A. The technical complexity of the project B. The experience level of the people on the project C. Both A & B are correct D. Both A & B are not correct

B

Deliverables that meet the________________________ are formally signed off & approved by the customer or sponsor. A. Timeliness B. Acceptance criteria C. Budget Plan D. Traceability Matrix

B

How does the accuracy of the estimate change throughout the life cycle of a project? A. No change B. Increase C. Decrease D. None of the answer

B

Requirements include the quantified & documented needs & expectation of the____________________________ . A. Sponsor & project manager B. Sponsor, customer, and other stakeholders C. Vendors & sub-contractors D. PM, Developers & Testers

B

The WBS is a________________________ of the work to be executed by the project team and defines the total scope of the project. A. Vertical decomposition B. Hierarchical decomposition C. Horizontal decomposition D. Critical decomposition

B

The________________________ is sometimes viewed as including____________________________ . A. Product scope, project scope B. Project scope, product scope C. Project tools, project scope D. Project techniques, product scope

B

Which approach is used for the WBS estimation methods ? A. Top-down approach B. Bottom-up approach C. Expert judgement D. Alternative analysis

B

Which metric provides information on how well the size estimation is performed? A. Productivity B. Size deviation C. Effort Efficiency D. Effort Effectiveness

B

Which of the following tool/ technique will be used to define scope? A. Speaking & Talking B. Facilitated workshops C. Listening & Hearing D. Bookmarks

B

Which schedule compression technique often results in rework, usually increases risk, and requires more attention to communication? A. Crashing B. Fast-tracking C. Resource Modeling D. Schedule Compression

B

Which technique involves adding or adjusting resources in order to compress schedule while maintaining the original project scope? A. Fast-tracking B. Crashing C. Resource Modeling D. Schedule Compression

B

Who is responsible for making estimation? A. All Project members B. Project Manager C. Senior Manager D. Project Managers & Team Leaders

B

You are creating WBS for your project. Which of the following organizational process asset could influence on your WBS? A. Lessons learned from holidays B. Lessons learned from previous projects C. Lessons learned from drinking beer D. Lessons learned from writing a book

B

You are managing project in coding phase & customer ask to add some changes in GUI of website homepage. When implementing & managing the actual changes, you also manage their integration with the other control processes. What are you doing? A. Validate scope B. Control scope C. Define scope D. Check scope

B

Which of the following common risk are associated with the constraints imposed by management or the marketplace. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience

B) Business impact

Risk tables are sorted by: A) Probability and cost B) Probability and impact C) Probability and size D) Probability and exposure

B) Probability and impact

Three major categories of risks are: A) Business risks, personnel risks, budget risks B) Project risks, technical risks, business risks C) Planning risks, technical risks, personnel risks D) Management risks, technical risks, design risks

B) Project risks, technical risks, business risks

........... are the most commonly used representation for project schedules.

Bar charts

Repeatable maturity

Basic management, measurements are taken, problems addressed as they arise

Why is project management needed?

Because a project is subject to budget and schedule constraint set by org developing the software

Iteration and incrementation model

Beginning with the most important features of a system, then gradually adding in less important features with each iteration.

Software standards benefits (3)

Best practice, framework for defining quality and continuity

The slides list 8 questions that help to identify risks due to staff/people risk. List them. 1) Are the Be_?_ people available? 2) Does staff have the R_?_ skills? 3) Are enough Pe_?_ available? 4) Are staff Com_?_ for entire duration? 5) Will some people work Pa_?_ time? 6) Do staff have the right Exp_?_ 7) Have staff received necessary Tra_?_ 8) Will Tu_?_ among staff be low?

Best, Right, People, Committed, Part, Expectations, Training, Turnover

What influence the price charged?

Broader organisational, economic, political and business considerations influence the price charged.

"Choose the right order for the following activities in the software estimation process: 1. Estimate schedule 2. Estimate size 3. Estimate resources 4. Estimate cost and effort" A. 1-2-3-4 B. 2-1-4-3 C. 2-4-1-3 D. 2-4-3-1

C

"In project context, the term Scope can refer to ________________________ ." A. Product scope only B. Project scope only C. Product scope & Project scope D. Project tools & techniques

C

"Organization's culture________________________ the Plan Scope Management process." A. Can overlap B. Can not overlap C. Can influence D. Can not influence

C

"The scope management plan can be ________________________ ." A. Formal only B. Informal only C. Formal or informal D. Excel only

C

"What should be the appropriate level to do the Use Case Point estimation ?" A. Summary goal level B. Sub-function level C. User goal level D. Activity level

C

"You are determining, documenting & managing stakeholder needs & requirements to meet project objectives. What are you doing?" A. Analyze requirements B. Creating SRS C. Collect requirements D. Creating traceability matrix

C

A________________ can be used to group the activities where work is scheduled & estimated, monitored, and controlled. A. Behavior package B. Issue package C. Work package D. Resource package

C

Control Quality is generally performed____________________ Validate Scope. A. After B. Just one day after C. Before D. Just one day before

C

Early in the project, How large a variance between two estimates is acceptable? A. 10% B. 15% C. 20% D. 25%

C

Following FSOFT RADIO, who is responsible for estimation approval? A. Project QA Leader B. Project Manager C. Senior Manager D. Operation Manager

C

How long will this project take? (Image_Time1.jpg)" A. 15 B. 16 C. 17 D. 19

C

How many person-hours per UCP does the UCP method suggest to use for a project estimate? A. 10 person-hours per UCP B. 15 person-hours per UCP C. 20 person-hours per UCP D. 25 person-hours per UCP

C

If the data source to refer is not available at estimation time, what should the Project Manager do? A. The Project manager can base the estimation on industry standards or suggestions from an experienced person B. Get approval from FSU Delivery Head before applying data that does not exist in PCB C. Both A & B are correct D. Both A & A are not correct

C

Requirement should be________________________ . A. Short & easy to guess B. Long & complex C. Measurable & testable D. Functional only

C

The Project Manager cannot use the standard method to estimate the Project size. What should the PM do? A. Record the instruction for size estimation and get approval by FSU Delivery Head B. Get approval for this tailoring C. Both A & B are correct D. No need to do anything

C

Verified deliverables are project deliverables that are completed & checked for____________________ through the Control Quality process A. Weakness B. Performance C. Correctness D. Timeliness

C

What are the types of project context factors? A. Project life cycle coverage factors B. Project specific assumption factors C. Both A & B are correct D. Both A & B are not correct

C

What is product scope? A. The quality objectives that characterize a product, service, or result B. The activities to implement project as a whole C. The features & functions that characterize a product, service, or result D. The work that must be performed to complete one function

C

What is the recommended size for a Work package at the bottom level of the WBS ? A. 10-15% of total effort B. 5-10% of total effort C. 0.5 - 2% of total effort D. Less than 0.5% of total effort

C

When the scope validation is performed by the project team & other stakeholders, which of the following technique could be used to reach a conclusion? A. Inspection B. SWOT Analysis C. Group Decision-Making D. Brainstorming

C

Which is additional activity involved in controlling the schedule? A. Inspect deliverables B. Review project Chapter C. Follow the change control process D. Q-up

C

Which of the following approach(s) could be used to create WBS structure? A. Top-down approach only B. Bottom-up approach only C. Top-down & Bottom-up approach D. Top-up & Bottom-down approach

C

Which of the following common risk are associated with the sophistication of the customer and the developer's ability to communicate with the customer in a timely manner A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience

C) Customer characteristics

Hazard analysis focuses on the identification and assessment of potential hazards that can cause: A) Project termination B) Schedule slippage C) External problems D) Entire system to fail

C) External problems

Risk projection attempts to rate each risk in two ways: A) Likelihood and size B) Likelihood and probability C) Likelihood and impact D) Likelihood and mitigation

C) Likelihood and impact

Software risk always involves two characteristics: A) Fire fighting and crisis management B) Known and unknown risks C) Uncertainty and loss D) Staffing and budget

C) Uncertainty and loss

The slide lists 2 questions that help to identify risks due to development environment. List them. 1) Are Ca_?_ To_?_ used for analysis, design, and testing? 2) Are the tools Int_?_ with one another

CASE Tools, Integrated

COSO vs ISO 31000

COSO is more compliance oriented and maximizes owners'/shareholders' equity, ISO 31000 is more proactive and applicable to a broader range of orgs and maximizes across a range of org stakeholders

COCOMO stands for............

COnstructive COst MOdeling

Configuration management (4)

Change management, version management, system building and release management

Software evolution process (5)

Change requests, impact analysis, planning, implementation and release

Adaptive maintenance

Change the product to adapt to changes in the environment. May change spec

Perfective maintenance

Changes made to a system to add new features or to improve performance.

Perfective Maintenance

Changes that will improve the product — enhancements & upgrades. Changes spec

Waterfall model weaknesses

Client cant understand spec docs, so finished product might not meet needs

Egoless programming

Code belongs to the team, and members are encouraged to find faults

Benefits of TDD (4)

Code coverage, regression testing, simplified debugging and system documentation

Implementation Phase

Coding Unit testing Integration Acceptance testing Deploy to production environment

Requirements specification

Collating requirements into a requirements document

Define software project management

Collection of activities that ensure the project is delivered on time, on schedule and meet the requirements of the organizations developing and procuring the software

Team issues

Communication challenges Interpersonal problems Implementation inconsistencies

Factors of release planning (4)

Competition, marketing requirements, platform changes and technical quality of the system

Elaboration phase deliverables

Completed domain model Completed business model Completed requirements Competed analysis Updated architecture Updated risks SPMP Completed business case

System building

Completing an executable system

Release components (5)

Configuration files, data files, installation program, documentation and packaging

Refactoring

Constant code improvement

Non-functional requirements

Constraints on a system being developed. Such as the system having a short response time

Domain requirements

Constraints on the system from the domain of operation

Leham's laws (4)

Continuing change, increasing complexity, large program evolution and organizational stability

Optimizing maturity

Continuous process development. Statistics used, and process is better every time

Post-Delivery Maintenance

Corrective maintenance Perfective maintenance Adaptive Maintenance

C___. Which of the four major risk components would be the degree of uncertainty that the project budget will be maintained.

Cost

___. The Risk Exposure = P x c. C is the _?_ to the project should a risk occur

Cost

Model-driven engineering

Creating models, rather than software, programs are then generated from the models

Security engineering

Creating more secure systems

Rapid prototyping

Creating working models that are equivalent to some small part of the product.

Agile principles (5)

Customer involvement, incremental delivery, people not process, embracing changes and maintaining simplicity

Challenges in requirements gathering (4)

Customers don't know what they want, requirements change and customers don't clearly portray their requirements

"Effort to control schedule when the project is using a change-driven approach such as Agile includes ____________________ ." A. Quality Up activities B. Critical Chain C. Create WBS D. Identifying & managing changes as they arise

D

"Expert Judgment technique in Plan scope management process refer to input received from ________________________ ." A. Younger members of project B. Older members in project C. Unprofessional parties D. Knowledgeable & experienced parties

D

"How long will this project take? (Image_Time2.jpg)" A. 17 B. 16 C. 15 D. 14

D

"Which one is NOT included in a Software Estimation Record?" A. Estimation method used B. Size C. Risk of the estimation D. Resource assignments

D

Control scope is the process of monitoring the status of the project & product scope and managing changes to____________________________ . A. Risk baseline B. Schedule baseline C. Booking baseline D. Scope baseline

D

Project A has scope: DDD, Coding, Unit test. The Project Manager did the estimation version 1.0 in the Planning phase. When should the Project Manager re-estimate? A. Once design is completed B. Once code is completed C. Once change requests are received D. All of the answers

D

Project team may attend________________________ to develop the scope management plan. A. Review SRS B. Review Design C. Review Test case D. Project meetings

D

The completed deliverables that have not been formally accepted may require________________________ for defect repair. A. A formal risk B. A formal letter C. A bug list D. A change request

D

The scope management plan helps reduce the risk of________________________ . A. Project time creep B. Project cost creep C. Project quality creep D. Project scope creep

D

Well-documented requirements make it easier to detect any____________________ agreed for the project or product. A. Deviation in the process B. Deviation in the time C. Deviation in the cost D. Deviation in the scope

D

What CANNOT be shown in a Network diagram? A. The Critical path B. The dependencies between activities C. The sequence of activities D. Who will perform the activities

D

What are infrastructure resources? A. Computer memory capacity B. Computer processor use C. Communications channel capacity D. All of the answers

D

What are the examples of time and date constraints? A. Activity cannot take longer than a certain amount of time B. Activity must start/end by a certain date C. Activity must/cannot take place on certain days or dates or during certain times D. All of the answers

D

What information does a software estimation record have? A. Estimation method used B. Size C. Resource D. All of the answers

D

What is the purpose of estimation validation? A. To ensure that assumptions made for the estimate are accurate B. To ensure that methods used to develop the estimate were appropriate C. To ensure all risks have been identified D. All of the answers

D

What methods can you use when you estimate the infrastructure resource? A. Historical experience B. Simulations C. Prototyping D. All of the answers

D

An effective risk management plan will need to address which of the following issues? A) Risk avoidance B) Risk monitoring C) Contingency planning D) All of the above

D) All of the above

Which of the following common risk are associated with the software process has been defined and is followed by the development organization. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience

D) Process definition

Software specification?

Define the software to be produced and the constraints

Questions that should be asked to assess the overall project risk include: A) Have top managers formally committed to support the project? B) Are end-users committed to the project and proposed system being built? C) Are requirements fully understood by development team and customers? D) Does the proposed budget have time allocated for marketing? E) a, b and c

E) a, b and c

Increments

Each increment is a small version of the waterfall life cycle

Technical milestone: OO programming completed

Each new class has been implemented in code from the design model. Extracted classes (from a reuse library) have been implemented. Prototype or increment has been built.

What are the pros of plan-driven development?

Early planning allows organizational issues to be closely taken into account, and that potential problems and dependencies are discovered before the project starts.

Benefits of information hiding

Easier to maintain (changes only needed in one place) Development is more intuitive More independent components are more reusable

Code-and-fix strengths

Easy Generates code quickly

Test workflow

Ensure correctness of all artifacts

Transition phase

Ensure needs are met

Inception testing

Ensure the requirements are correct

The slides list 5 questions that help to identify risks due to process definition and maturity. List them. 1) Have you Est_?_ a common process framework? 2) Is it followed by Pr_?_ teams? 3) Do you have a management Su_?_ for Software Engineering? 4) Do you conduct formal Te_?_ Reviews? 5) Have document For_?_ been established?

Established, Project, Support, Technical, Formats

Requirements engineering

Establishing customer requirements and the constraints of the system

What does project pricing involve?

Estimating how much the software will cost to develop, taking factor such as staff cost, hardware costs, software costs into account.

Types of software change (3)

Evolution, servicing and phase-out

Software inspections

Examining the system to discover defects

Inception analysis

Extract information needed to design architecture

(T/F) Generic risks require far more attention than product-specific risks

F

(T/F) Proactive risk management is sometimes described as fire fighting.

F

(T/F) Risk monitoring involves watching the risk indicators defined for the project and not determining the effectiveness of the risk mitigation steps themselves.

F

Which of the following common risk are associated with the complexity of the system to be built and the "newness" of the technology that is packaged by the system. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience

F) Technology to be built

Fault

Failure

Types of maintenance (3)

Fault repairs, environmental adaption and functionality addition

Design workflow

Figure out how the product will fulfill refined requirements. Keep detailed records of all decisions

Transition deliverables

Final versions of all artifacts Final versions of all manuals

Requirements Phase

Find the client requirements Understand what the user needs

Corrective maintenance

Fix faults

3 types of group organization

For: 1. small projects - informal 2. large projects - hierarchical 3. agile projects - informal

Software quality management (3)

Framework, processes and planning

Defined maturity

Fully documented, continually improving, reviews are used and CASE environments used

Which of the following common risks are associated with the overall technical and project experience of the software engineers who will do the work. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience

G) Staff size and experience

Focus groups

Getting people to think about and discuss an issue

UML

Go look it up bruh

Problems with the classical paradigm

Good for small systems Hard to maintain Deals with data or operation, but not both

Spiral model benefits (2)

Good risk management and good monitoring of project

Key determinant of group performance?

Group interaction

Cost estimate uncertainty

If an organization is unsure of its costs, it may increase its price by a contingency over and above its normal profit.

Requirements volatility

If the requirements are likely to change, an organization may lower its price to win a contract. After the contract is awarded, high prices can be charged for changes to the requirements.

Code-and-fix model

Implement the idea without requirements, specification or design

Change management (4)

Implementation analysis, cost analysis, modify software and test software

What is meant by group cohesiveness?

In a cohesive group, members consider the group to be more important than any individual in it.

Test-driven development (TDD)

Interleaving testing and code development. Testing code as it is written

Kaplan and Mike's categories of risk

Internal and Preventable. Strategy. External.

Individual interviews

Interviews with stakeholders

Standards development (2)

Involve practitioners and review regularly

What is project scheduling?

Is the process of deciding how the work in a project will be organized as separate tasks, and when and how these tasks will be executed.

Backup programmer

Just as good as chief, plans tests and other things independent of design

Version management

Keeping track of different versions of software components, also ensuring non-conflicting modifications

The slides list seven attributes that affect the risk due to product size. List them. 1) Estimated size of the product in L_?_ or FP 2) Estimated size of product in number of Pro_?_ files, transactions 3) Percentage Dev_?_ in size of product from average for previous producs 4) Size of Dat_?_ created or used by the product 5) Number of Us?_ of the product 6) Number of projected Ch_?_ to the requirements for the product 7) Amount of Reu_?_ software

LOC, Programs, Deviation, Database, Users, Changes, Reused

Validation

Meeting customer expectations

Verification

Meeting requirements

Spiral model

Minimize risks by the repeated use of prototypes and other means

Interaction models

Modeling user interactions of a system

Software maintenance

Modifying a program after it has been put into use

Software Depression

Most software is late, wrong, faulty, or over-budget.

What is motivation balance? How does it change?

Motivation is made up of many elements. It is balanced based on these elements. Factors that change the balance: 1. Personal circumstance 2. External events 3. being a part of group or culture

What does motivation mean?

Motivation means to organise work and work environment in a way that it encourages people to work more efficiently

Strengths of iterative and incremental model

Multiple opportunities to check Checks the architecture early Mitigates risks early Working version at every increment Empirical evidence its effective

Distributed VM

Multiple versions of the same repository

Caveats to the object-oriented paradigm

Must be implemented well in order to be effective Best approach we have now, but it is likely to be replaced by a better paradigm in the future.

CM planning (4)

Naming scheme, responsibilities, policies and tools

Reasons for software change (3)

New requirements, errors and a changing business environment

The slides list 9 questions that help to identify risks due to technology risks. List them. 1) Is the technology Ne_?_ to your organization? 2) Are new Alg_?_ I/O technology required? 3) Is new or unproven Har_?_ involved? 4) Is a specified user Int_?_ required? 5) Is the application Rad_?_ different? 6) Are you using new So_?_ En_?_ methods? 7) Are you using Unc_?_ software development methods? 8) Are there significant Per_?_ constraints? 9) Is there doubt the functionality requested is Do_?_

New, Algorithms, Hardware, Interface, Radically, Software Engineering, Unconventional, Performance, Do-able

Inception implementation

No programming, but sometimes there is a proof-of-concept prototype

Is it possible to assemble an ideal team? Why?

No! Constraints on team selection: 1. budget does not allow highly paid staff 2. people with appropriate experience not available 3. org may want to develop employee skills on a s/w project

Can a group be created flexibly?

No! The flexibility in group composition is LIMITED! Manager works with the best he can with available people.

Idealized software development

Nothing - Requirements - Analysis - Design - Implementation

Ethnography

Observing others to gather requirements

Software inspection vs. software testing

One is static, the other is dynamic

Centralized VM

One master repository

Software requirements document

Outlines what the system should do, not how to do it

Open source software

Software that is developed by usually-unpaid individuals on a volunteer basis, where the source code is visible and it is provided free of cost.

Per___. Which of the four major risk components would be the degree of uncertainty that the product will meet its requirements and be fit for its intended use.

Performance

Waterfall model

Plan-driven, distinct phases

Agile processes

Planning is incremental

Project management activities (3)

Planning, risk management and people management

Protection (3)

Platform-level, application-level and record-level protections

Maintenance plan

Predicts the maintenance requirements, costs and effort.

Security risk management (3)

Preliminary, life cycle and operational risk assessments

In _?_ (Proactive/Reactive) Risk Management, a formal risk analysis is performed.

Proactive

In _?_ (Proactive/Reactive) Risk Management, the organization corrects the root causes of risk.

Proactive

___. The Risk Exposure = P x C. P is the _?_ of occurrence for a risk.

Probability

Incremental problems (2)

Process is not visible and system degrades as software becomes more complex

Plan-driven processes

Processes where everything is planned for in advance

Construction phase

Produce the operational-quality version of the software product

Non-functional classifications (3)

Product, organizational and external

Risk Analysis and Management should be done b everyone in the software process. The participant list for Risk Analysis and Management should include: 1) Pr____ Ma___ 2) So___ En___ 3) Sta___

Project Managers, Software Engineers, Stakeholders

Risk types (3)

Project risks, product risks and business risks

Which planning stage is the basis for project resource allocation?

Project startup planning.

Which planning stage should define project monitoring mechanisms?

Project startup planning.

Architectural design

Protecting assets and minimizing the effectiveness of attacks

Regression test

Provides evidence that we have not unintentionally changed something that we did not intend to change.

Incremental benefits (3)

Rapid, feedback and the cost of changing requirements is less

In _?_ (Proactive, Reactive) Risk Management is a fix on failure approach; resources are found and applied when the risk strikes.

Reactive

In _?_ (Proactive/Reactive) Risk Management, the project team reacts to risk when they occur

Reactive

In _?_ (Proactive/Reactive) Risk Management, the project team uses a mitigation plan; mitigation means to reduce or alleviate the intensity by adding additional resources in anticipation of fire fighting

Reactive

The slides describe two major strategies for Risk Management. They are: 1) Re_?_ Risk Management 2) Pr_?_ Risk Management

Reactive, Proactive

What does a project plan record?

Records: - The work to be done - Who will do it - The development schedule _ The work products

The first goal of software engineering

Reduce maintenance cost.

Elaboration phase

Refine initial requirements, architecture, business case, risks, SPMP

Corrective Maintenance

Removing residual faults. Does not change functionality or spec.

Project management activities (2)

Reporting and proposal writing

Use case modelling

Represents a task that involves an external interaction with a system, actors can be people or other systems

Some risks (4)

Requirement change, people leaving, time underestimations and budget underestimations

Workflows of the unified process

Requirements Analysis Design Implementation Testing

Phases in waterfall (5)

Requirements analysis and definition, system design, implementation and unit testing, integration and system testing and operation and maintenance

Requirements engineering process (4)

Requirements elicitation, requirements analysis, requirements validation and requirements management

Requirements validation (2)

Requirements reviews and prototyping

Requirements verification

Requirements should be verifiable

Functional requirements

Requirements that describe the functionality of a system

Implementation issues (3)

Reuse, configuration management and host-target development

Reuse

Reusing of existing software

The slides list nine attributes that affect the risk due to business impact. List them. 1) Affect of this product on company Rev_?_ 2) Visibility of this product by Sen_?_ management 3) Feasonableness of Del_?_ deadline 4) Number of Cu_?_ who will use this product 5) Soph_?_ of end users 6) Amount and quality of product Doc_?_ that must be produced and delivered to the customer 7) Costs associated with La_?_ delivery 8) Gov_?_ constraints 9) Consts associated with a Def_?_ product

Revenue, Senior, Delivery, Customers, Sophistication, Documentation, Late, Government, Defective

Software reengineering

Rewriting a legacy system without changing it's functionality

A R_?_ is a potential problem that "might happen" and "might not". Regardless of the outcome, it is a really good idea to identify it.

Risk

Life Cycle risk assessment

Risk assessment taken place during as software is developed

Spiral model

Risk driven. Risks are outlined, analyzed and managed.

Risk management (4)

Risk identification, risk analysis, risk planning and risk monitoring

What is risk? What is risk management?

Risk is the probability that some adverse circumstance will occur. Risk management is a set of activities to lower the risk

-continuously assessing what could go wrong - determining which risks to address -implementing actions to addressing high-priority risks and bing those risks within tolerance

Risk management provides a disciplined environment for what three things?

Quality attributes (5)

Safety, security, reliability, reusability and efficiency

Sch___. Which of the four major risk components would be the degree of uncertainty that the project schedule will be maintained and that the product will be delivered on time.

Schedule

What should be revised at development planning stage?

Schedule, cost-estimate and risks have to be regularly revised.

The project scheduling process

See the figure in slide 21

Timeboxing

Setting a fixed amount of time to work on a task; do as much as possible in that window.

Stand-up meeting

Short, daily meeting where you discuss: 1. What have I done since yesterday 2. What am I doing today 3. What problems are in my way 4. What have we forgotten 5. What did I learn that I should share

Class diagrams

Shows classes and their associations

Sequence diagrams

Shows the sequence of interactions that take place

State model

Shows the system as nodes and events are arcs between nodes. As events occur, the system moves from one state to another.

Fault correction cost

Simple & easy in early phases, difficult as the product is developed

Open-source model

Single individual creates product, others join, it gets bigger

Weaknesses of iteration & incrementation

Slow Costly High likelihood of regression faults

Code-and-fix weaknesses

Slow Costly Likely to include regression faults

RUP weaknesses (2)

Slow and difficult to implement

SPMP

Software Project Management Plan

Software Crisis

Software is very often faulty, compared to other disciplines. Even when delivered, it is often late, over budget or not meeting requirements.

What are the fundamental software engineering activities? (4)

Software specification, software development, software validation and software evolution

User requirements

Statements of the services systems provide and its operational constraints, written for customers

Rational Unified Process (RUP)

Static and dynamic perspectives in a single diagram. Goal is on high quality products that the customer really wants.

Version control

Store and control different versions

Risk Planning

Strategies to manage risk. ARM 1. Avoidance 2. Reduction - minimization plans 3. Mitigation - contigency plans

Agile processes

Stresses communication, quickly satisfying client's needs.

System requirements

Structured document outlining the system

Program / system

Suite of software functionality / components that work together to fulfill one or more needs.

Sup___. Which of the four major risk components would be the degree of uncertainty that the resultant software will be easy to correct, adapt, and enhance

Support

Integration and configuration

System is assembled from existing components. May be plan-driven or agile

Integration and configuration weaknesses (2)

System may not meet all the needs and there is a loss of control from reused system elements

(T/F) A Risk Referent Level is a risk component value (performance, cost, support, schedule) or combination of values that cause a project to be terminated

T

(T/F) Individual team members can make their own estimate for a risk probability and then develop a consensus value

T

(T/F) The reason for refining risks is to break them into smaller units having different consequences

T

Spiral weaknesses (3)

Takes a long time. Basically lots of work and high costs.

The slides list seven fundamental risk management principles. List them. 1) Encourage Tea_?_ 2) Maintain a Gl_?_ perspective 3) Take a For_?_-Looking view 4) Encourage open Com_?_ 5) Int_?_ risk management 6) Emphasize a Con_?_ process 7) Develop a shared product Vis_?_

Teamwork, Global, Forward, Communication, Integrate, Continuous, Vision

Risks types (5)

Tech, people, organizational, requirements and estimation risks

Major risk categories

Technical risks Not getting requirements right Not getting architecture right

Release testing

Testing a particular release, mostly black-box and validation testing

Verification

Testing at the end of each phase

Validation

Testing before handing off to client

Scope of testing

Testing can show the presence of errors, but cannot prove the absence of errors

Development testing

Testing during development, primarily defect testing. Involves unit testing, system testing and component testing

User testing

Testing in the user's environment

What is the aim of proposal planning?

The aim is to provide information that will be used in setting a price for the system to customers.

Waterfall model

The classical model, but with added feedback during and after the project.

Technical milestone: OO testing

The correctness and completeness of OO analysis and design models has been reviewed. A class-responsibility-collaboration network (Chapter 6) has been developed and reviewed. Test cases are designed and class-level tests (Chapter 19) have been conducted for each class. Test cases are designed and cluster testing (Chapter 19) is completed and the classes are integrated. System level tests have been completed.

Experience-based techniques

The estimate of future effort requirements is based on the manager's experience of past projects and the application domain. Essentially, the manager makes an informed judgment of what the effort requirements are likely to be.

Information hiding

The implementation of attributes is not known from outside

Stepwise refinement

The process of breaking a problem down into progressively smaller pieces, then starting with the ones that are most important. Response to miller's law.

System modeling

The process of developing models of a system

Process and product quality

The quality of products is influence by the processes taken place

- describes how risk management activities are funded, managed, performed and evaluated - includes methods and tool specification included or referenced - objectives -scope -resoures - roles and responsibilities -sources of risk relevant criteria for assessing or measuring risks -decision-making criteria - a communication framework -schedule -effectiveness measures

The risk management plan does what?

Technical milestone: OO design completed

The set of subsystems (Chapter 9) has been defined and reviewed. Classes are allocated to subsystems and reviewed. Task allocation has been established and reviewed. Responsibilities and collaborations (Chapter 9) have been identified. Attributes and operations have been designed and reviewed. The communication model has been created and reviewed.

What if the pricing is less than the development costs?

The software functionality may be reduced accordingly with a view to extra functionality being added in a later release. Additional costs may be added as the requirements change and these may be priced at a higher level to make up the shortfall in the original price.

What are the sub models in COCOMO 2

The sub-models in COCOMO 2 are: Application composition model. Used when software is composed from existing parts. Early design model. Used when requirements are available but design has not yet started. Reuse model. Used to compute the effort of integrating reusable components. Post-architecture model. Used once the system architecture has been designed and more information about the system is available.

Requirements validation

Validating and verifying the requirements match what the customer wants and that they are consistent, complete at realistic

Why test

To ensure software meets its requirements and to discover faults or defects in the software

Release management

Tracking what versions are distributed to customers

Object-oriented paradigm

Treats data and operations together and equally. Uses information hiding

Inception phase, requirements workflow

Understand the domain, determine scope, build business model, business case

Risk Analysis and Management are a series of steps that help a software team to Und_?_ and Man_?_ uncertainty.

Understand, Manage

Development testing (3)

Unit testing, component testing and system testing

UML

Universal modelling language

Security management (3)

User permissions, software deployment and attack monitoring/recovery

When to use plan-driven (4)

User requirements are clear, the system is critical, stakeholders are not actively engaging and/or teams are globally distributed

User stories

User requirements expressed as stories or scenarios and broken down into implementation tasks

Scenario based requirements gathering

Using scenarios to gather requirements

Guidelines for safety (4)

Validate inputs, log actions, fail securely and avoid a single point of failure

Software validation

Where software is checked and tested

Product testing

Verified that systems work as intended, done by SQA

Classical paradigm

Waterfall method

COCOMO

Well-documented, 'independent' model which is not tied to a specific software vendor.

Procedures, worksheets, automated tools, databases

What are 4 methods assess or tools of Tailoring considerations?

- a condition that directly produces a loss or consequence - issues can lead to other risks

What are issues or problems with risk management?

accept, transfer, avoid, mitigate

What are the four steps for common control approaches for CRM?

Risk evaluation, Escalation, Risk Tolerance, Communication

What are the four types of Criteria in risk management?

probability, impact, risk exposure, timeframe

What are the four types of Risk measures

- prepare for risk management - perform risk management activities - sustain and improve risk management

What are the steps in the risk management framework?

- assess risk - plan for risk control - control risk

What are the steps involved in performing risk management activities?

- manage risk management assets and work products - evaluate effectiveness of risk management practice - implement improvements to risk management practice

What are the steps involved in sustaining and improving risk management?

the probability of realizing a gain

What is the opportunity presented when performing risk management?

Assess risk, plan for risk control, control risk

What is the process of risk management?

a condition that is driving an entity toward a desired outcome

What is the strengths of risk management?

- developing stakeholder sponsorship - developing risk management plan - tailor methods and tools - train personnel

What steps are involved in preparing for risk management?

When does a company need to increase the price of a system?

When a buyer wishes a fixed-price contract and so the seller increases the price to allow for unexpected risks.

Retirement

When a product is no longer used. (Usually replaced).

Modern maintenance

When software is modified, it is corrective maintenance (never mind deployment)

Scope creep

When the client requests additional changes, which slowly increase the size of the project without changing the spec.

Moving target problem

When the client requirements change as the product is being developed

Risk management

a systematic approach for minimizing exposure to potential losses

The cost to prepare bottom-up estimates will typically run how much more than the costs to prepare the top-down estimates?

about 3 times as much

How long should a task take?

about a week or two, tasks shouldn't be too small

The software is priced according to......

according to what the software developer believes the buyer is willing to pay.

mitigate

actions are implemented in attempt to reduce or contain a risk

endorsement

addition of coverage

personal property floater

additional property insurance that covers the damage or loss of a specific item of high value

Tolerance

amount of risk the organization can survive if an event occurs

Residual Risk

amount of uncertainty that remains after all possible management strategies have been exhausted.

risk control

an action taken to manage a risk

Systems analysis

an analysis to determine inputs, outputs, and changes in a system under various conditions

no-fault system

an arrangement whereby drivers who are involved in accidents collect money from their own insurance companies

key characteristic of an effective risk management program is identified in ISO 31000?

an effective risk management program fits the organization's own risk and control environment. It cannot be a standard or "boilerplate" program but must manage the organization's unique risks with realistic and appropriate controls.

objectives

an example set of risk management objectives helps that keeps to keep risk within in an acceptable tolerance over time, ensures timely management of each risk that is identified, execute risk management activities within defined cost objectives

A Control

any measure that modifies risk by decreasing the likelihood that a risk event will occur or the impact that the event would have on the organization.

hazard

anything that increases the likelihood of loss through peril

peril

anything that may possibly cause a loss

Which of the following top-down methods is used when projects closely follow past projects in features and costs and result in costs being assigned by percentages to major segments of the project?

apportion

which top down methd is used when projects closely follow past projects in features and costs. Estimates can be made quickly with little effort and reasonable accuracy

apportion methods

which top-down method uses authorization to pay contractors by completion of specific segments of a house. For example, foundation might represent 3%, framing 25%, electric 15% and so on

apportion methods

If-then statements

are good for events or circumstances that might occur at some point in the future and will have negative consequences if they do occur. Security risks are good examples as well as things like future budget cuts, possible schedule changes, and so on.

Condition-consequence statements

are good for risks which arise out of a current weak condition that could already be causing problems but will also possibly cause additional problems, which are documented as the potential consequences.

COSO defines risk

as having an adverse effect

ISO defines risk

as the effect of uncertainty on objectives

can serve as a check on cost elements in the WBS by rolling up the work packages and associated cost accounts to major deliverables

bottom up approach

provides the customer with an opportunity to compare the low-cost, efficient method approach with any imposed restrictions

bottom up approach

what is the intended use of bottom-up estimates

budgeting scheduling resource requirements fund timing

Bar charts are........

calendar-based

Procedures

can be adjusted based on roles and responsibilities, specific tools being used, ect.

Automated tools

can be customized base on the program's risk parameters

Risk sources

cases of risk that should be considered when risk is assessed, complied in lists and taxonomies

speculative risk

category of risk that results in an uncertain degree of gain or loss. All of these risks are made as conscious choices and are not just a result of uncontrollable circumstances

Database

changes can include new reports tailored data entry, screens and new interfaces to other system tools

changes often have to be made midstream to respond to new demands by the customer is an example of which reason to refine estimates

changes in project scope and plans

When to use agile (2)

clear commitment from customers and there are few constraints

construction activities 15-20%

coding and code generation

what is the best way to improve estimates

collect and archive data on past project estimates and actuals

what factors influence the level of detail in the WBS

complexity of the project need for control project size cost duration other factors

Top-down estimates are most likely to occur during the ______ phase.

concept

Schedule Tracking

conduct periodic project status meetings in which each team member reports progress and problems. evaluate the results of all reviews conducted throughout the software engineering process.

This method uses the pooled experience of senior and or middle managers to estimate the total project duration and costs

consensus method

what are the top down approaches for estimating project times and costs

consensus method ratio method apportion method function point method learning curves

work package estimates should not include allowances for_____________________

contingencies

ISO defines "risk management" as

coordinated activities to direct and control an org WRT risk

homeowner's insurance

coverage that provides protection for your residence and its associated financial risks

accept

if the risk occurs it will be handled as an issue or problem, no proactive action will be taken and the risk is closed with a rationale.

Risk tolerance

establishes the acceptable threshold for risk exposure

The process of forecasting or approximating the time and cost of completing project deliverables is called

estimating

appraised

evaluated for worth

known known

events that are to be expected and involve little uncertainty

what is the intended use of top-down estimates

feasibility/conceptual phase rough time/cost estimate fund requirements resource capacity planning

Sean is forecasting the time and cost of developing a customized software program by looking at the number of inputs, outputs, inquires, files, and interfaces. Which of the following methods is he using?

function point

the software industry frequently estimates using weighted macro varibles called________________________

function point methods

which top-down method uses major parameters such as number of inputs, number of outputs, number of inquiries, number of data files, and number of interfaces

funtion point methods

these costs are usually allocated as a percent of the total direct cost, or a percent of the total of a specific direct cost such as labor, materials, or equipment

general and administrative overhead costs

these costs represent organization costs that are not directly linked to a specific project

general and administrative overhead costs

People working on prototype development needing time to interact with the design engineers after the design is completed is an example of:

hidden interaction costs

Graphical notations are normally used to..........

illustrate the project schedule.

collision insurance

insurance that covers damage to your vehicle when it is involved in an accident

bodily injury liability

insurance that covers physical injuries caused by a vehicle accident for which you are responsible

uninsured motorist's protection

insurance that covers you and your family members if you are involved in an accident with an uninsured or hit-and-run driver

time and costs devoted to managing interactions rises exponentially as the number of people and different diciplines involved increases on a project reflects which reason to refine estimates

interaction costs are hidden in estimates

natural risk

involves storms and other acts of nature that are beyond one's ability to control

Earned Value Analysis (EVA)

is a measure of progress enables us to assess the "percent of completeness" of a project using quantitative analysis rather than rely on a gut feeling "provides accurate and reliable readings of performance from as early as 15 percent into the project." [Fle98]

Upside Risk

is an opportunity that arises out of uncertainty about outcomes

KRI

key risk indicator

Learning curves are more likely to apply in situations where most of the costs are

labor

what type of costs are considered direct labor costs

labor materials equipment

the pattern of improvement

learning curve

liability

legal responsibility for the financial cost of another person's loss or injuries

Is development or maintenance more expensive?

maintenance

what is the preferred approach in defining the project estimates

make rough top-down estimates, develop the WBS, make bottom-up estimates, develop schedules and budgets, and reconcile differences between top down and bottom up estimates

Assessing risk measures

measures of probability, impact, and risk exposure

Managers use the plan as a way of.........

measuring progress

Schedule Tracking3

meet informally with practitioners to obtain their subjective assessment of progress to date and problems on the horizon. use earned value analysis (Section 27.6) to assess progress quantitatively.

what is the usefulness of KRI?

metric that signals when risk exposure may be increasing

what is the accuracy of bottom-up estimates

minus 10% to plus 30%

The accuracy of top-down estimates will typically be in the range of

minus 20% to plus 60%

what is the accuracy of top-down estimates

minus 20% to plus 60%

property damage liability

motor vehicle insurance that applies when you damage the property of others

the tendency of people to overestimate how quickly they can get things done and underestimate how long it will take them to complete tasks is an example of which reason to refine estimates

overly optimistic

Janet is forecasting how much money her department needs to support a new project. She estimates that two people and $25,000 in expenses will cover her needs. Because management typically insists on reducing forecasts by 20 percent, she increases her estimates to allow for that reduction. Which of the following factors is illustrated in this situation?

padding estimates

which bottom-up approach uses cost per task to determine total cost of project

parametric procedures

The approach that begins with a top-down estimate for the project and then refines estimates as the project is implemented is known as ______ method

phase estimating

which bottom-up approach is used when an unusual amount of uncertainty surrounds a project and it is impractical to estimate times and costs for the entire project

phase estimating

which bottom-up approach uses a detailed estimate to develop estimates for the immediate phase and a macro estimate for the remaining phases of the project

phase estimating

which estimating approach is preferred by those working on projects where the final product is not known and the uncertainty is very large, for example, the integration of wireless phones and computers

phase estimating

estimates of current events are close to 100 percent accurate but are reduced for more distant events

planning horizon

what factors influence the quality of estimates

planning horizon project duration people project structure and organization padding estimates organization culture nonproject factors

Milestones are........................

points in the schedule against which you can assess progress, for example, the handover of the system for testing.

avoid

program activities are restructured to eliminate the possibility of a risk occurring

In agile planning, the decision on what to include in an increment depends on...............

progress and on the customer's priorities

COCOMO is an empirical model based on................

project experience

which bottom-up approach is popular in software and new product projects where up-front requirements are fuzzy and not well known

range estimating

which bottom-up approach uses three time estimates--low, average, and high to determine total project cost

range estimating

which bottom-up approach works best when work packages have significant uncertainty associated with the time or cost to complete

range estimating

Which top down method uses, for instance, the number of square feet to estimate the cost and time to build a house; that is a house of 2700 square feet might cost $160 per square foot.

ratio method

Vulnerability

refers to the degree of probability that a loss will occur.

mandatory

required

Which guideline allows persons most familiar with the task to use their experience and best judgemnt to develop useful work package estimates?

responsibility

what are the seven guidelines to develop useful work package estimates

responsibility use several people to estimate normal conditions time units independence contingencies adding risk assessment

ISO 31000

risk is the effect of uncertainty on objectives (positive + negative)

uncontrollable risk

risk that are beyond the ability of any person or company to change

unknown unknowns

risks that we don't know exist. (blindsiding events)

unknown knowns

risks we mistakenly think we understand

COCOMO estimation models

see the figure in slide 38

enterprise risk management (ERM) system, such as COSO ERM

sees risk as an integrated issue that must be managed across divisions and functions in an enterprise.

Typically, are software or hardware costs more expensive?

software

What are the advantages of software engineering? (2)

software development is cheaper and more reliable

What is software engineering?

software engineering is concerned with all aspects of software production

control approach

the strategy for addressing a risk, the risk method you use will specify which of these are applicable, should be shared with all relevant stakeholders as apporapriate

when project promoters underestimate the costs of projects and overestimate project benefits in order to win approval, like in public works projects, is an example of which reason to refine estimates

strategic misrepresentation

Project costs are typically viewed from all of the following except:

sunk

Managers use the plan to.............

support project decision making.

Activity networks show..........

task dependencies

which bottom-up approach uses the costs from past projects as a starting point for the new project

template

The bottom-up approach for estimating times and costs that uses costs from past projects that were similar to the current project is known as:

template method

what are the bottom-up approaches for estimating project times and costs

template method parametric procedures applied to specific tasks range estimating a hybrid phase estimating

Unit testing

test individual units or pieces of code for a system, done by SQA

In project scheduling, you need to estimate .......

the calendar time needed to complete each task, the effort required and who will work on the tasks that have been identified. you also need to estimate the resources needed to complete each task.

Risk sources

the cases of risk that should be considered when risk is assessed

risk

the chance of loss or injury

economic risk

the chance that macroeconomic conditions like exchange rates, government regulation, or political stability will affect an investment, usually in a foreign country

controllable risk

the chances of being able to reduce loss or risk all together

policy

the contract a person buys to join the risk-sharing group

Error

the difference between the accepted value and the experimental value

negligence

the failure to take ordinary or reasonable care to prevent accidents from happening

In agile planning, unlike plan-driven approaches..........

the functionality of the increments is not planned in advance but is decided during the development.

human risk

the group may incur losses due to drain or loss of personnel, deterioration of morale, inadequate development of human resources, inappropriate working schedule, inappropriate working and safety environment, inequality or inequity in human resource management or discriminatory conduct

Risk Equation

the level of risk equals the probability of occurrence multiplied by the magnitude of the impact of the risk event.

probability

the likelihood that an event will occur, usually expressed qualitatively using a range for values (three or five levels)

impact

the loss that occurs when a risk is realized

consequence

the loss that will occur when an event is realized

risk exposure

the magnitude of a risk based on current values of probability and impact

actual cash value

the payment you receive is based on the replacement cost of an item minus depreciation

replacement value

the payment you receive is the full cost of repairing or replacing an item

Impact

the possible effect on the organization

Risk

the probability of suffering harm or loss, a measure of the likelihood that an event will lead to a loss coupled with the magnitude fo the loss, requires the following conditions a potential loss, likelihood, choice

risk management

the process of identification, analysis, and acceptance or mitigation of uncertainty in investment decisions

transfer

the risk is shifted to another party

Bar charts show..............

the schedule as activities or resources against time.

deductible

the set amount that the policyholder must pay per loss on an insurance policy

Integration testing

verifies that separate systems can work together, done by SQA

when are top down methods useful

when experience and judgement have been accurate in the past

Iteration planning

which has a shorter term outlook, and focuses on planning the next increment of a system. This is typically 2-4 weeks of work for the team.

Release planning

which looks ahead for several months and decides on the features that should be included in a release of a system.

Deliverables are.........................

work products that are delivered to the customer, e.g. a requirements document for the system.

What should be taken into account when estimating software price?

you take into account: hardware, software, travel, training and effort costs.

effort validation

—be sure resources are available

compartmentalization

—define distinct tasks

defined outcomes

—each task must have an output

interdependency

—indicate task interrelationship

defined responsibilities

—people must be assigned

defined milestones

—review for quality


Kaugnay na mga set ng pag-aaral

Credit history and scores study guide

View Set

Finance 341, Chapter 5, Exam practice/ Study guide

View Set

新航道‧雅思真詞彙 - Level 1 (yet)

View Set

California Driver's Handbook Driving Rules

View Set

Psych Midterm Pre-Lecture Questions

View Set

Pth 201710 Baidu, 1111 Singles Day

View Set