CAST Ch 4 Flashcards
Process Risk
Process risk is the activities such as planning, resourcing, tracking, quality assurance, and configuration management.
Project risk
Includes operational organizational and contractual software development parameters.
Primarily a management responsibility.
Process risk
includes both management and technical work procedures
Product risk
Contains intermediate and final work product characteristics
Primarily a technical responsibility. Can be found in the requirements phase analysis and design phase code complexity and test specifications
Risk event
A future occurrence that may affect the project for better or worse
Risk exposure
The measure of that determines the probability of likelihood of the event times the loss that could occur
Risk management
The process required to identify, quantify, respond to, in control project, process, and product risk
Active risk
Risk that is deliberately taken on. For example, the choice developing new products that may not be successful in the marketplace.
Passive risk
The choice not to update an existing product to compete with others in the marketplace
Risk acceptance
The amount of risk exposure that is acceptable to the product and the company and could be either active or passive
Risk assessment
An examination of a project to identify areas of potential risk
Risk identification
And method used to find risk for them to come problems
Threat
Something capable of exporting a vulnerability in the security of a computer system or application
Vulnerability
A design, implementation, or operations flaw that may be exploited by a threat
