tags:

views:

54

answers:

2
Q: 

Sources for Software as Risk Management

I'm looking for my own research for sources that look at software as a way to manage risk. I don't mean risk management for software development projects, I mean how working software can automate the management of risk.

My interest is more philosophical: how do people put software in action to practically get control over factors that otherwise would be uncontrollable in an automated way?

The analogy I like to use is that of the speed camera: it's a device that compels drivers to drive more slowly (until they're out of the range of the camera). Instead of manned controls speed cameras automate the deterrence for drivers. These cameras - where installed - reduce the need for preventive police interventions and thus are an effective way to bring down the risk of accidents on that location.

What I'm looking for specifically are books or websites that deal with this kind of research, and case studies of how software has actually succeeded in managing risk (or hasn't).

Thanks for any pointers. If I need to clarify this question please let me know.

A: 

You can look at a whole range of issues:

  • Software can prevent medical mishaps and prevent thousands of errors that happen each year. Microsoft has initiative called Microsoft Health Common User Interface (CUI), that provides User Interface Design Guidance and Toolkit controls that address a wide range of patient safety concerns for healthcare organizations worldwide.

  • Forensic Video Analysis, Facial recognition software, software that can map crime data, and other such softwares can help prevent crime.

  • Another item, that I could think of is green computing, and how it relates to global warming. VMWare and such companies produce virtualization software that can help with this.

There are many more such things, and I hope I touched on some of the things you were expecting.

CodeToGlory  2009-05-07 00:16:08
Thank you. One of the reasons I'm interested is this because I wonder if there's a ceiling to how much risk can effectively be managed by software, and at which point organizations have to realize it's more practical to simply their risk management assumptions than it is to really on imperfect software. In other words: how much can we rely on software without entertaining illusions about how well risk is being handled that do not correspond with reality. I'm thinking in terms of the financial crisis where more software and more complexity made the illusion mode convincing.
Steven Devijver  2009-05-07 00:23:11
I feel that we have not even made it to the outer rim in terms of innovation in these fields. There is lot more potential before we can start seeing their downside.
CodeToGlory  2009-05-07 00:36:39
A: 

You may be having trouble from a research standpoint because what you're asking is using overloaded terms.

One possibility is that you're thinking about managing risks, like to life and property, caused by software. if so, you should look at RISKS Digest.

Another one is that you're thinking in terms of financial risks, in which case you want to look into actuarial science. If it's that one, let me know as I know of some good groups for that stuff as well.

Yet another is that you're interested in software safety and that sort of thing, in which case you should look at Nancy Leveson's stuff.

Charlie Martin  2009-05-07 04:35:47
Thanks for pointing this out. I mean risk management in the broadest, most generic terms. So I'm a priori not really concerned about such or such risk.
Steven Devijver  2009-05-07 07:47:16

related questions

How relevant is to analyze a software project from the economic point of view in order to generate a risk management plan??
What other RM methodologies are well know besides FMEA??
Rails Modeling: Trying to sort out proper associations for Risk Assessment system
Development Environment in a VM against an isolated development/test network
Usage of open source libraries in high governance and risk-averse large organizations (banks, financials etc)
DVCS and data loss?
Risk Management
How can I provide feedback to my team about changes included in a build and their impact on risk?
Security risk when store private data.
Daily risk estimation for your team
How do you mitigate the inherent risk of a one-person team?
Branching hell, where is the risk vs productivity tipping point?
Test what you fly, fly what you test. [NASA Principle]
Risk Management Profile for Web Software Projects?
What is the difference between risk analysis and risk mitigation?
What are your risk management strategies?
What issues carry the highest risk in a software project?
Risk Management: Current & Future Development in Software Development
How does a good developer keep from creating code with a high bus hit factor?
What should be in a 'technical work plan' ?
DBO rights risk
Best language for safety-critical software
Is it worth mitigating security risks in every application