Analysis of Risk Assessment Framework Using Agile Methodology and Computer-Aided Software Engineering Tools
DOI:
https://doi.org/10.24002/ijis.v8i2.12359Abstract
This research paper presents a risk assessment framework developed through the integration of the Scrum process with a Computer-Aided Software Engineering (CASE) tool, specifically Microsoft Excel. The framework aims to automate risk assessment processes, facilitating more accurate calculations of risk based on impact and probability using a matrix system. Initially, data is collected and recorded in the Risk Register, serving as the foundation for risk evaluation. The integration of the CASE tool enhances the efficiency and effectiveness of the process, allowing for real-time updates and tracking of risks. As updates occur within the Risk Register, a real-time dashboard is generated, providing stakeholders with an immediate overview of the risk landscape. The dashboard feature significantly improves decision making capabilities by presenting visual insights into risk levels and potential impacts on the projects. This dynamic monitoring tool is crucial for effective decision-making and timely responses to emerging risks. By leveraging agile methodologies design, this framework not only streamlines the risk management process but also ensures that relevant data is readily accessible to project teams. The findings from this research contribute to the fields of project management and software engineering by demonstrating the benefits of incorporating agile approaches with automated tools in risk assessment. The potential implications of this framework extend beyond individual projects, offering a model that can be adopted by various organizations seeking to enhance their risk management practices in a streamlined and efficient manner.
Keywords: Risk Assessment, Scrum, CASE Tool, Risk Register, Dashboard
References
[1] E. P. Wonohardjo, R. F. Sunaryo, and Y. Sudiyono, ‘A Systematic Review of SCRUM in Software Development’, JOIV : Int. J. Inform. Visualization, vol. 3, no. 2, pp. 108–112, Mar. 2019, doi: 10.30630/joiv.3.2.167.
[2] Thapelo Monageng, ‘Development using Scrum: A CASE Tool Approach’, vol. 13, no. 2, pp. 1542–1549, 2025.
[3] Emmanuel Chibuike Daraojimba, Chinedu Nnamdi Nwasike, Abimbola Oluwatoyin Adegbite, Chinedu Alex Ezeigweneme, and Joachim Osheyor Gidiagba, ‘COMPREHENSIVE REVIEW OF AGILE METHODOLOGIES IN PROJECT MANAGEMENT’, Comput. sci. IT res. j., vol. 5, no. 1, pp. 190–218, Jan. 2024, doi: 10.51594/csitrj.v5i1.717.
[4] Q. Meng, X. Qu, K. T. Yong, and Y. H. Wong, ‘QRA Model‐Based Risk Impact Analysis of Traffic Flow in Urban Road Tunnels’, Risk Analysis, vol. 31, no. 12, pp. 1872–1882, Dec. 2011, doi: 10.1111/j.1539-6924.2011.01624.x.
[5] K. Schwaber and J. Sutherland, The Scrum Guide The Definitive Guide to Scrum: The Rules of the Game. 2020. [Online]. Available: https://scrumguides.org/docs/scrumguide/v2020/2020-Scrum-Guide-US.pdf#zoom=100
[6] B. M. Esiefarienrhe and T. Monageng, ‘Critical success factors frameworks, and models for risk assessment of eGovernment projects: A systematic literature review’, J. Infras. Policy. Dev., vol. 8, no. 8, p. 4503, Aug. 2024, doi: 10.24294/jipd.v8i8.4503.
[7] S. Shafiee, Y. Wautelet, S. C. Friis, L. Lis, U. Harlou, and L. Hvam, ‘Evaluating the benefits of a computer-aided software engineering tool to develop and document product configuration systems’, Computers in Industry, vol. 128, p. 103432, Jun. 2021, doi: 10.1016/j.compind.2021.103432.
[8] S. Lopes, R. Gratão De Souza, A. Contessoto, A. Luiz De Oliveira, and R. Braga, ‘A Risk Management Framework for Scrum Projects’:, in Proceedings of the 23rd International Conference on Enterprise Information Systems, Online Streaming, --- Select a Country ---: SCITEPRESS - Science and Technology Publications, 2021, pp. 30–40. doi: 10.5220/0010448300300040.
[9] M. Limayem, M. Khalifa, and W. W. Chin, ‘CASE Tools Usage and Impact on System Development Performance’, Journal of Organizational Computing and Electronic Commerce, vol. 14, no. 3, pp. 153–174, Sep. 2004, doi: 10.1207/s15327744joce1403_01.
[10] S. Gupta et al., ‘Evaluating Waterfall vs. Agile Models in Software Development for Efficiency and Adaptability’, in Advances in Logistics, Operations, and Management Science, IGI Global, 2024, pp. 142–148. doi: 10.4018/979-8-3693-3318-1.ch008.
[11] A. Mishra and Y. I. Alzoubi, ‘Structured software development versus agile software development: a comparative analysis’, Int J Syst Assur Eng Manag, vol. 14, no. 4, pp. 1504–1522, Aug. 2023, doi: 10.1007/s13198-023-01958-5.
[12] A. Moran, Agile Risk Management. in SpringerBriefs in Computer Science. Cham: Springer International Publishing, 2014. doi: 10.1007/978-3-319-05008-9.
[13] J. Nyfjord and M. Kajko-Mattsson, ‘Commonalities in Risk Management and Agile Process Models’, in International Conference on Software Engineering Advances (ICSEA 2007), Cap Esterel, France: IEEE, Aug. 2007, pp. 18–18. doi: 10.1109/ICSEA.2007.22.
[14] M. Hammad, I. Inayat, and M. Zahid, ‘Risk Management in Agile Software Development: A Survey’, in 2019 International Conference on Frontiers of Information Technology (FIT), Islamabad, Pakistan: IEEE, Dec. 2019, pp. 162–1624. doi: 10.1109/FIT47737.2019.00039.
[15] A. Agrawal, Mohd. A. Atiq, and L. S. Maurya, ‘A Current Study on the Limitations of Agile Methods in Industry Using Secure Google Forms’, Procedia Computer Science, vol. 78, pp. 291–297, 2016, doi: 10.1016/j.procs.2016.02.056.
[16] B. Boehm, ‘Balancing Agility and Discipline: A Guide for the Perplexed’, in Software Engineering Research and Applications, vol. 3026, C. V. Ramamoorthy, R. Lee, and K. W. Lee, Eds., in Lecture Notes in Computer Science, vol. 3026. , Berlin, Heidelberg: Springer Berlin Heidelberg, 2004, pp. 1–1. doi: 10.1007/978-3-540-24675-6_1.
[17] M. H. Zahedi, A. Rabiei Kashanaki, and E. Farahani, ‘Risk management framework in Agile software development methodology’, IJECE, vol. 13, no. 4, p. 4379, Aug. 2023, doi: 10.11591/ijece.v13i4.pp4379-4387.
[18] O. M. Thom-Manuel, ‘Explicit Risk Management in Agile Software Projects: Its Relevance and Benefits’, AJRCoS, pp. 12–24, Aug. 2022, doi: 10.9734/ajrcos/2022/v14i330340.
[19] I. Sommerville, Software Engineering, 10th ed. Boston, MA: Pearson, 2016.
[20] G. Low and V. Leenanuraksa, ‘Software quality and CASE tools’, in STEP ’99. Proceedings Ninth International Workshop Software Technology and Engineering Practice, Pittsburgh, PA, USA: IEEE Comput. Soc, 1999, pp. 142–150. doi: 10.1109/STEP.1999.798787.
[21] G. Pascarella et al., ‘Risk Analysis in Healthcare Organizations: Methodological Framework and Critical Variables’, RMHP, vol. Volume 14, pp. 2897–2911, Jul. 2021, doi: 10.2147/RMHP.S309098.
[22] A. Vaezi, S. Jones, and A. Asgary, ‘Integrating Resilience into Risk Matrices: A Practical Approach to Risk Assessment with Empirical Analysis’, JRACR, vol. 13, no. 4, Jan. 2024, doi: 10.54560/jracr.v13i4.411.
[23] R. Khan, ‘The Role of Risk Management in Project Success: A Comprehensive Study of Project Management Practices’, TIJMG, vol. 11, no. 01, Feb. 2025, doi: 10.21522/TIJMG.2015.11.01.Art015.
[24] S. Moran, ‘How to Make Sure Your Design Is Reasonably Safe and Sustainable’, in An Applied Guide to Process and Plant Design, Elsevier, 2015, pp. 217–245. doi: 10.1016/B978-0-12-800242-1.00015-3.
[25] N. C. Bradley, T. Fritz, and R. Holmes, ‘Sources of software development task friction’, Empir Software Eng, vol. 27, no. 7, p. 175, Dec. 2022, doi: 10.1007/s10664-022-10187-6.
[26] H. Saeeda, M. O. Ahmad, and T. Gustavsson, ‘Challenges in Large-Scale Agile Software Development Projects’, in Proceedings of the 38th ACM/SIGAPP Symposium on Applied Computing, Tallinn Estonia: ACM, Mar. 2023, pp. 1030–1037. doi: 10.1145/3555776.3577662.
[27] A. Mihalache, ‘Project Management Tools for Agile Teams’, IE, vol. 21, no. 4/2017, pp. 85–93, Dec. 2017, doi: 10.12948/issn14531305/21.4.2017.07.
[28] S. Chaouch, A. Mejri, and S. A. Ghannouchi, ‘A framework for risk management in Scrum development process’, Procedia Computer Science, vol. 164, pp. 187–192, 2019, doi: 10.1016/j.procs.2019.12.171.
[29] B. W. Boehm, ‘Software risk management: principles and practices’, IEEE Softw., vol. 8, no. 1, pp. 32–41, Jan. 1991, doi: 10.1109/52.62930.
[30] R. P. Higuera and Y. Y. Haimes, ‘Software Risk Management’, p. 1996.
[31] J. Kontio, Risk Management in Software Development: A Technology Overview and the Riskit Method. 2001. [Online]. Available: https://insights.sei.cmu.edu/library/capability-maturity-model-integration-cmmi-version-12-overview/
[32] B. G. Tavares, M. Keil, C. E. Sanches Da Silva, and A. D. De Souza, ‘A Risk Management Tool for Agile Software Development’, Journal of Computer Information Systems, vol. 61, no. 6, pp. 561–570, Nov. 2021, doi: 10.1080/08874417.2020.1839813.
[33] V. Anes, A. Abreu, and R. Santos, ‘A New Risk Assessment Approach for Agile Projects’, in 2020 International Young Engineers Forum (YEF-ECE), Costa da Caparica, Portugal: IEEE, Jul. 2020, pp. 67–72. doi: 10.1109/YEF-ECE49388.2020.9171808.
[34] T. Natarajan and S. Pichai, ‘Behaviour-driven development and metrics framework for enhanced agile practices in scrum teams’, Information and Software Technology, vol. 170, p. 107435, Jun. 2024, doi: 10.1016/j.infsof.2024.107435.
[35] L. Barros, C. Tam, and J. Varajão, ‘Agile software development projects–Unveiling the human-related critical success factors’, Information and Software Technology, vol. 170, p. 107432, Jun. 2024, doi: 10.1016/j.infsof.2024.107432.
[36] M. Shafir, P. P. Saha, A. T. Araf, J. F. Nishi, M. Hasan, and F. Sadia, ‘The Success Factors of Agile Methodologies in Software Development based on Developing Countries’ Software Firms’, Procedia Computer Science, vol. 256, pp. 1954–1961, 2025, doi: 10.1016/j.procs.2025.02.338.
[37] E. Karimian Sichani, A. Smith, K. El Emam, and L. Mosquera, ‘Creating High-Quality Synthetic Health Data: Framework for Model Development and Validation’, JMIR Form Res, vol. 8, p. e53241, Apr. 2024, doi: 10.2196/53241.
[38] E. Barbierato, M. L. D. Vedova, D. Tessera, D. Toti, and N. Vanoli, ‘A Methodology for Controlling Bias and Fairness in Synthetic Data Generation’, Applied Sciences, vol. 12, no. 9, p. 4619, May 2022, doi: 10.3390/app12094619.
[39] PMI, ‘A guide to the project management body of knowledge (PMBOK® guide) (7th ed.)’. Project Management Institute, 2021.
[40] K. C. Obondia, ‘The utilization of project risk monitoring and control practices and their relationship with pro-ject success in construction projects’, Journal of Project Management, vol. 7, no. 1, pp. 35–25, 2022.
[41] S. Kainulainen, T. Tuunanen, and T. Vartiainen, ‘Requirements Risk Management for Continuous Development: Organisational Needs’, AJIS, vol. 28, Sep. 2024, doi: 10.3127/ajis.v28.4441.
[42] ISACA, ‘Agile Methodologies Require Adjustments to Risk Management’. ISACA, 2023. [Online]. Available: https://www.isaca.org/resources/news-and-trends/newsletters/atisaca/2023/volume-7/agile-methodologies-require-adjustments-to-risk-management
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Indonesian Journal of Information Systems as journal publisher holds copyright of papers published in this journal. Authors transfer the copyright of their journal by filling Copyright Transfer Form and send it to Indonesian Journal of Information Systems.
Indonesian Journal of Information Systems is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
