Project Risk Management
Added on 2023-04-07
15 Pages3514 Words419 Views
Data Science and Big Data
|
|
|
qwertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxc
vbnmqwertyuiopasdfghjklzxcvb
nmqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmrtyuiopasdfghjklzxcv
Project Risk Management
Healthcare Application
3/18/2019
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxc
vbnmqwertyuiopasdfghjklzxcvb
nmqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmrtyuiopasdfghjklzxcv
Project Risk Management
Healthcare Application
3/18/2019
Project Risk Management
Table of Contents
Introduction...........................................................................................................................................2
Project Background...........................................................................................................................2
Risk Identification.................................................................................................................................2
Risk Event.........................................................................................................................................2
Key Causes........................................................................................................................................3
Qualitative Risk Analysis......................................................................................................................4
Consequence Table............................................................................................................................4
Likelihood Table...............................................................................................................................4
Likelihood Consequence Table.........................................................................................................5
Consequence & Probability Explanation & Justification...................................................................5
Risk Treatment......................................................................................................................................6
Possible Treatments...........................................................................................................................6
Residual Risk.....................................................................................................................................7
Secondary Risk..................................................................................................................................8
Risk Register.........................................................................................................................................8
Reflection............................................................................................................................................11
Critical Analysis..............................................................................................................................11
References...........................................................................................................................................13
1
Table of Contents
Introduction...........................................................................................................................................2
Project Background...........................................................................................................................2
Risk Identification.................................................................................................................................2
Risk Event.........................................................................................................................................2
Key Causes........................................................................................................................................3
Qualitative Risk Analysis......................................................................................................................4
Consequence Table............................................................................................................................4
Likelihood Table...............................................................................................................................4
Likelihood Consequence Table.........................................................................................................5
Consequence & Probability Explanation & Justification...................................................................5
Risk Treatment......................................................................................................................................6
Possible Treatments...........................................................................................................................6
Residual Risk.....................................................................................................................................7
Secondary Risk..................................................................................................................................8
Risk Register.........................................................................................................................................8
Reflection............................................................................................................................................11
Critical Analysis..............................................................................................................................11
References...........................................................................................................................................13
1
Project Risk Management
Introduction
The risk management is one of the significant areas under project management. A risk is
defined as an event that may have an impact on the project progress, operations, and its
elements and the nature of the impacts may be positive or negative. The occurrence of the
risks during the project timeline may alter the determined levels of scope, costs, and schedule
that may impact the client satisfaction levels as well. There are also various other possible
implications of these risks and it is, therefore, essential that the management of the risks is
done adequately. The risk management is also included as one of the significant areas under a
majority of the project management methodologies. The report covers the risk management
for one of the projects.
Project Background
The project is an ongoing project which involves the development of a mobile application for
the employees of the healthcare firm. The mobile application is to be developed for the
Android and iOS platforms and it will include the main modules as user login, patient data
records, data analysis, medical reports, and information sharing. It will allow the doctors and
nursing staff to keep a track of the patient data and analyse the same to determine patterns for
enhanced medical diagnosis and reporting. Information sharing will also be possible between
the medical professionals and the patients through the application.
Risk Identification
Risk Event
There will be various risks that may be involved in the project. One such risk event that may
appear during the project timeline is the emergence of information security threats and
attacks. The mobile application that is being developed for the healthcare care will be done in
three major environments as development environment, test environment, and production
environment. The application developers and the testing team members will perform the
development and testing activities in the first two environments. The production environment
will include user acceptance testing processes along with the deployment activities. The risk
event that is included may take place in the production environment of the project. This is
because the development and test environments will involve the dummy data sets; however,
the real data and information will be used in the production environment of the project. These
2
Introduction
The risk management is one of the significant areas under project management. A risk is
defined as an event that may have an impact on the project progress, operations, and its
elements and the nature of the impacts may be positive or negative. The occurrence of the
risks during the project timeline may alter the determined levels of scope, costs, and schedule
that may impact the client satisfaction levels as well. There are also various other possible
implications of these risks and it is, therefore, essential that the management of the risks is
done adequately. The risk management is also included as one of the significant areas under a
majority of the project management methodologies. The report covers the risk management
for one of the projects.
Project Background
The project is an ongoing project which involves the development of a mobile application for
the employees of the healthcare firm. The mobile application is to be developed for the
Android and iOS platforms and it will include the main modules as user login, patient data
records, data analysis, medical reports, and information sharing. It will allow the doctors and
nursing staff to keep a track of the patient data and analyse the same to determine patterns for
enhanced medical diagnosis and reporting. Information sharing will also be possible between
the medical professionals and the patients through the application.
Risk Identification
Risk Event
There will be various risks that may be involved in the project. One such risk event that may
appear during the project timeline is the emergence of information security threats and
attacks. The mobile application that is being developed for the healthcare care will be done in
three major environments as development environment, test environment, and production
environment. The application developers and the testing team members will perform the
development and testing activities in the first two environments. The production environment
will include user acceptance testing processes along with the deployment activities. The risk
event that is included may take place in the production environment of the project. This is
because the development and test environments will involve the dummy data sets; however,
the real data and information will be used in the production environment of the project. These
2
Project Risk Management
data sets will be exposed to the information security risks and attacks (Deursen, Buchanan
and Duff 2013).
The healthcare information is one of the most critical pieces of data and the security attacks
on these data sets can have severe implications. The data in the production environment will
have an enhanced attack surface and attack window. This is because the application will not
be fully implemented and the exposure of the data sets to the unauthorized entities may be
done with ease. The first form of information security attack that may occur in this risk event
is malware threats and attacks (Bahtiyar 2016). These are the attacks in which the malicious
codes and software may be used to impact the information privacy, confidentiality, and
availability. These may be carried out on the production data sets through files and the
application modules. The employees developing the mobile application will also be provided
with the grants and permissions of the production data. The competitors of the healthcare
firm may influence these employees and gain access to these data sets. These will be the
insider threats and may have severe implications on the data properties (Probst 2011).
The primary users of the mobile application will be the patients and the medical
professionals. Some of these users will be provided with the beta version of the mobile
application. The users may not be aware of the functionalities initially and may carry out the
operations resulting in improper handling of the data sets. The networks will be the important
element in the mobile application and the network testing will also be necessary. The use of
the production data over the networks during the testing phase may result in the breaching
and loss of the data sets. There may also be issues of the denial of services attacks conducted
by the malicious entities (Bertino 2015).
Key Causes
The primary cause behind the occurrence of the risk event described above is the lack of
technical and logical security controls before the final implementation of the mobile
application. This may result in the enhanced attack surface and attack window providing the
malicious entities with the opportunity to easily carry out the risk. The security threat agents
in this case may involve the users, application modules, or the networks being used in the
application for the purpose of testing and implementation (Green 2015).
The second cause that may be involved may be the users carrying out the user acceptance
testing processes. Some of these users may be provided with the production data sets. The
users may not be aware of the security practices and measures and may carry out certain
3
data sets will be exposed to the information security risks and attacks (Deursen, Buchanan
and Duff 2013).
The healthcare information is one of the most critical pieces of data and the security attacks
on these data sets can have severe implications. The data in the production environment will
have an enhanced attack surface and attack window. This is because the application will not
be fully implemented and the exposure of the data sets to the unauthorized entities may be
done with ease. The first form of information security attack that may occur in this risk event
is malware threats and attacks (Bahtiyar 2016). These are the attacks in which the malicious
codes and software may be used to impact the information privacy, confidentiality, and
availability. These may be carried out on the production data sets through files and the
application modules. The employees developing the mobile application will also be provided
with the grants and permissions of the production data. The competitors of the healthcare
firm may influence these employees and gain access to these data sets. These will be the
insider threats and may have severe implications on the data properties (Probst 2011).
The primary users of the mobile application will be the patients and the medical
professionals. Some of these users will be provided with the beta version of the mobile
application. The users may not be aware of the functionalities initially and may carry out the
operations resulting in improper handling of the data sets. The networks will be the important
element in the mobile application and the network testing will also be necessary. The use of
the production data over the networks during the testing phase may result in the breaching
and loss of the data sets. There may also be issues of the denial of services attacks conducted
by the malicious entities (Bertino 2015).
Key Causes
The primary cause behind the occurrence of the risk event described above is the lack of
technical and logical security controls before the final implementation of the mobile
application. This may result in the enhanced attack surface and attack window providing the
malicious entities with the opportunity to easily carry out the risk. The security threat agents
in this case may involve the users, application modules, or the networks being used in the
application for the purpose of testing and implementation (Green 2015).
The second cause that may be involved may be the users carrying out the user acceptance
testing processes. Some of these users may be provided with the production data sets. The
users may not be aware of the security practices and measures and may carry out certain
3
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Project Management Principleslg...
|8
|2514
|303
Project Management Techniqueslg...
|17
|4146
|262
Literature Review on Testing Methodslg...
|9
|2294
|482
Migration Plan for E-Business: Electronic Healthcare Applicationlg...
|14
|4224
|362
Research Proposal on Information Security Governance in the Financial & Banking Sectorlg...
|5
|798
|374
IT Write-up: Data Models, DBMS Functions, Business Rules, and Relational Data Modelslg...
|8
|2015
|125