ABSTRACT
Risk identification telescopes into risk analysis; where one ends, the other begins. Well-conducted risk identification involves preliminary analysis and adds that much more value to risk data. There are two types of risk identification methods. The first type is generic, open-ended, and constitutes a search in internal and external environments. The second type is a search for risk within a tightly held context and focuses on risks related to delivery. At the center of risk discovery we have the mind-mapping process. The mind recognizes risk symptoms by mapping familiar symptoms to future trouble. Group thinking, with cross-fertilization of ideas, aided by brainstorming and mind mapping, is most useful in identifying unknown and hidden risks. Software Engineering Institute proposes a taxonomy-based questionnaire as a formal and structured way of identifying risks. Risks are viewed through windows of known risk types, making identification of risks faster and more economical.
