Jurnal Ilmu Komputer dan Informatika

Risk Management in Software Development Projects

A Systematic Literature Review
Marzuki Pilliang, Munawar*
*Correspondence: [email protected]
Computer Science Faculty
Esa Unggul University
Jakarta

Abstract-Risk Management is an integral part of every project. Risk management must estimate the risks’ significance, especially in the SDLC process,
and mitigate those risks. Since 2016, many papers and journals have researched planning, design, and risk control in software development projects
over the last five years. This study aims to find the most exciting topics for researchers in risk management, especially in software engineering projects.
This paper takes a systematic approach to reviewing articles containing risk management in software development projects. This study collects papers
and journals included in the international online library database, then summarizes them according to the stages of the PICOC methodology. This
paper results in the focus of research in the last five years on Agile methods. The current issue is that many researchers are trying to explicitly integrate
risk management into the Agile development process by creating a comprehensive risk management framework. This SLR helps future research get a
theoretical basis to solve the studied problem. The SLR explains the focuses of previous research, analysis of research results, and the weaknesses of
the investigation. For further study, take one of the topic papers, do a critical review, and find research gaps.

Keywords: project, risk management, software development, systematic literature review, SLR

Article info: submitted January 8, 2022, revised April 25, 2022, accepted May 27, 2022

Joshua Partogi also says the extra work that causes software
1. Introduction development costs to be more expensive is a risk that can eliminate
Uncertainty and extreme competition in the information in a fail-safe environment [7].
systems industry increase new challenges and problems in today's Risk management in software development projects describes
growing companies. Cost, deadline, and implementation of an integrated engineering approach with methods, processes, and
development methodologies are severe factors in software artifacts that continuously identify, analyze, control, and pool risks,
development project failure [1]. Risk is part of the project, and to reduce the risk of project failure. The risk management process
managing risk leads to success. Most software development consists of all the activities necessary to identify risks that may
companies view risk differently and less comprehensively [2]. This potentially impact the software project [8].
failure is why risk management in software projects has become a
significant concern for many companies. Organizations that adopt The importance of risk management in software development
risk management strategies positively affect the outcomes of their projects encourages researchers to conduct studies in this field to
software projects and typically result in reduced costs, fewer delays, find a novelty for knowledge and the software industry. However,
and improved performance [3]. in every research, it is often asked why the field was chosen and
whether the lot is outdated or has the potential to find elements of
Software engineering is a discipline that covers everything related novelty. Who researched the area (risk management in software
to the software development process, from the design stage to the development projects), and what were the results?
implementation stage and post-implementation, so that the
software life cycle can take place efficiently and measurably [4]. In To answer these problems, a systematic literature review was
(Rudy 2016), the definition of a project, according to PMBOK carried out to identify and evaluate the research, with the object of
(Project Management Body of Knowledge), is a temporary effort study in the form of papers published in the last five years until
to produce specific/unique products, services, or results [5]. Risk is September 2021, when this research was conducted. This paper
an integral part of every project, and risk management is an essential describes the research focus, analysis of research results, and
part of the decision-making process at every stage of the project. weaknesses of previous studies so that the results of this literature
The success or failure of a project is highly dependent on the review are used as a theoretical basis for further research.
approach to the potential emergence of risks that can affect the
productivity, quality, timeliness, and or cost of the project [6].

Vol.8 No.2 | October 2022 KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X
2. Method o IEEE Xplore (ieeexplore.ieee.org)
This paper takes an approach systematically to reviewing the o Elsevier (elsevier.com)
literature on risk management in software development projects.
o ACM Digital Library (dl.acm.org)
The Systematic Literature Review (SLR) method is well established
in medical research and deeper in information technology [9]. The  Inclusion criteria as requirements of relevant research,
SLR used is an approach by Kitchenham and Charters to identify, and exclusion is used to exclude studies or research those
assess, and interpret findings on a research topic to answer not pertinent.
predetermined research questions [10].
Table 3 Inclusion and exclusion criteria
1. Research Question
Research questions are obtained from the PICOC (Population, Inclusion Exclusion
Intervention, Comparison, Outcomes, and Context), which
Articles published in English Articles published not in English.
contains the criteria and scope of the papers included in the
literature study, as shown in Table 1. The PICOC method is used Articles published between January Articles published before 1st 2016
to build an evidence-based practice by asking well-structured 1st, 2016, and September 30th, 2021 and outside inclusion period
practical questions. Articles included in international Articles included not in
journals. international journals.
Table 1 Scope of formulating research questions Fully accessible papers Fully inaccessible papers

Criteria Scope Articles belonging to the risk Articles not belonging to the risk
management category and software management category and software
P Population Risk management and software development projects development projects development projects

Limited to research on risk management in software

I Intervention
development projects
3. Result
C Comparison n/a
Risk management in software development projects
The following steps are carried out in the search for papers:
O Outcomes
dominates trends and topics of research concern. 1. Enter keywords in the search field in each online
A review of all research containing risk management in repository (link.springer.com, researchgate.net,
C Context ieeexplore.ieee.org, elsevier.com, dl.acm.org).
software development projects
2. Limit search years (2016 - 2021).
Based on these criteria and scope, five Research Questions 3. Perform downloads for articles that can be accessed.
(RQ) were generated or shown in Table 2.

Table 2 Research Questions

After browsing and searching for sources from online
Research Question
repositories, then extracting papers based on inclusion and
exclusion criteria, 54 articles were determined. The list of titles, year
RQ1 Does the paper discuss risk management? of publication, and repository sources can be seen in Table 4.
RQ2 Does the paper discuss software development projects? Table 4 List of Search Results
RQ3 What is the main focus of the research? Year Title Source Seq

RQ4 What is the result of the research? Causes of Human Errors in Early
[11] 2016 Risk assessment in Software dl.acm.org 1
RQ5 Who has researched the most in this field? Project Management
Open data standards for open
[12] 2018 source software risk management dl.acm.org 2
2. Search strategy routine
The search strategy was carried out by determining the search Risk management in projects
string formulation, searching for data sources from the online [13] 2019 dl.acm.org 3
based on open-source software
database literature, defining the inclusion and exclusion criteria as Risking: A game for teaching risk
shown in Table 3, and extracting papers based on the RQ in Table [14] 2019
management in software projects
dl.acm.org 4
2.
Risk Management for Software
[15] 2020 dl.acm.org 5
 Search string is English and combines keywords using Projects in Banking
Boolean ANDs & ORs [9]. This paper is used search Categorization and
strings like the following: risk management AND standardization of accidental risk-
(software develop* OR project manage*). [16] 2016 criticality levels of human error to elsevier.com 6
develop risk and safety
management policy
 Literature from the most popular Internet is explored to
the broadest possible range for study dan research. The Climate-Agriculture-Modeling
following is a list of digital repository indexes: and Decision Tool (CAMDT): A
[17] 2017 elsevier.com 7
software framework for climate
o Springer (link.springer.com) risk management in agriculture

o Research Gate (researchgate.net)

Vol.8 No.2 | October 2022 KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X
 Year Title Source Seq Year Title Source Seq
Framework for risk management Data-driven Risk Management
[18] 2017 software system for SMEs in the elsevier.com 8 for Requirements Engineering:
[38] 2020 ieeexplore.ieee.org 29
engineering construction sector An Automated Approach based
on Bayesian Networks
A risk management framework
[19] 2017 elsevier.com 9
for distributed agile projects Risk Management in Software
[39] 2020 ieeexplore.ieee.org 30
Engineering Using Big Data
Risk management framework for
distributed software team: A case Artificial Intelligence based Risk
[20] 2019 elsevier.com 10
study of telecommunication Management Framework for
[40] 2021 ieeexplore.ieee.org 31
company Distributed Agile Software
Development
A framework for risk
[2] 2019 management in Scrum elsevier.com 11 Adapting a Software Acquisition
development process Curriculum to Instruct Supply
[41] 2021 Chain Risk Management in a ieeexplore.ieee.org 32
Project planning and risk Project-Based Software
management as a success factor Development Course
[21] 2020 elsevier.com 12
for IT projects in agricultural
schools in Serbia Assessing the Risk of Software
[42] 2021 Development in Agile ieeexplore.ieee.org 33
A risk prediction model for Methodologies Using Simulation
software project management
[22] 2021 elsevier.com 13
based on similarity analysis of Software risk management: Using
[43] 2016 link.springer.com 34
context histories the automated tools
Expert's opinions on software A study on software risk
[23] 2016 ieeexplore.ieee.org 14
project effective risk management [44] 2016 management strategies and link.springer.com 35
mapping with SDLC
Experimental evaluation of a
novel ISO 14971 risk Risk Management During
[24] 2016 ieeexplore.ieee.org 15
management software for medical Software Development: Results
devices [45] 2016 of a Survey in Software Houses link.springer.com 36
from Germany, Austria and
Corporate risk estimation by Switzerland
[25] 2016 combining machine learning ieeexplore.ieee.org 16
technique and risk measure Software Testing in Clinical Risk
[46] 2016 link.springer.com 37
Management
Quantitative planning and risk
[26] 2017 management of Agile Software ieeexplore.ieee.org 17 Risk Factor Classification
Development [47] 2016 GEMIO in the Planning Phase of link.springer.com 38
Logistic Project Management
Decision support system for risk
assessment and management Improving Project Risk
[27] 2017 ieeexplore.ieee.org 18
strategies in distributed software [48] 2016 Management of Cloud CRM link.springer.com 39
development Using DANP Approach
A critical analysis of software risk Concept implementation of
[28] 2018 management techniques in large ieeexplore.ieee.org 18 decision support software for the
[49] 2017 link.springer.com 40
scale systems risk management of complex
technical system
A Software System for Risk
[29] 2018 Management of Information ieeexplore.ieee.org 20 3PR Framework for Software
Systems* [50] 2017 Project Management: People, link.springer.com 41
Process, Product, and Risk
Agile Software Risk Management
[30] 2018 Architecture for IoT-Fog based ieeexplore.ieee.org 21 Agile risk management using
[51] 2018 link.springer.com 42
systems software agents
Exploring Experiential Learning Risk Management in Software
Model and Risk Management [52] 2018 Engineering: What Still Needs to link.springer.com 43
[31] 2018 ieeexplore.ieee.org 22
Process for an Undergraduate Be Done
Software Architecture Course
Application of a risk management
Modeling information security tool focused on helping to small
threats for smart grid applications [53] 2018 and medium enterprises link.springer.com 44
[32] 2018 ieeexplore.ieee.org 23
by using software engineering and implementing the best practices
risk management in software development projects
Intelligent Software Platform and Risk Analysis and Management of
[54] 2018 link.springer.com 45
[33] 2018 End-Point Software for Risk ieeexplore.ieee.org 24 Software V&V Activities in NPPs
Management
Adaptation of open up in the
Risk Management in Agile scrum framework to improve
[34] 2019 ieeexplore.ieee.org 25
Software Development: A Survey [55] 2019 compliance in scope, risk link.springer.com 46
management and delivery times in
Agile risk management for multi- software development projects
[35] 2019 ieeexplore.ieee.org 26
cloud software development
Towards risk-driven security
Risk Management Technology of [56] 2019 requirements management in agile link.springer.com 47
[36] 2019 Software Project Sustainability in ieeexplore.ieee.org 27 software development
Fuzzy Conditions
Risk Catalogs in Software Project
[37] 2019 ieeexplore.ieee.org 28
Management

Vol.8 No.2 | October 2022 KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X
 Year Title Source Seq categorized into two parts, namely Journal Articles, and Conference
A Scalable and Automated Proceedings. Each contribution can be seen in Figure 2.
[57] 2021 Machine Learning Framework to link.springer.com 48
Support Risk Management A total of 20 articles have been studied; each was coded (C1,
C2, C3, C4, C5, C6, C7, C8, C9, C10, C11, C12, and C13) for
Requirement-oriented risk articles in the Conference Proceedings category. And the code (J1,
[58] 2021 management for incremental link.springer.com 49
software development J2, J3, J4, J5, J6, and J7) for articles in the Journal Article category,
the bibliographic details can be seen in Table 7.
Open Chance and Risk
Management Process Supported
[59] 2021 link.springer.com 50
by a Software Tool for Improving
Urban Security
A Multi-Disciplinary Software
Suite for Uncertainty 7; 35%
[60] 2016 researchgate.net 51
Quantification and Risk
Management
13; 65%
Impact of Risk Management on
[61] 2017 Software Projects in Nigeria researchgate.net 52
Using Linear Programming
Drinking Water Quality Risk
Management. Risk Analysis of Journal Article Conference Proceedings
[62] 2019 Nitrogen Groundwater researchgate.net 53
Contamination Using Analytica
Software Figure 2 Articles of software development projects
A Review on Some Pertinent
[63] 2021 Software Security Risk researchgate.net 54
Management Frameworks 3. What is the main focus of the research?
Table 6 shows the mapping of the primary research focuses
from articles published between January 2016 to September 2021.
A grouping of articles by database source can be seen in Figure
1. A total of 12 articles (C3, C5, C6, C10, C11, C13, J1, J2, J3, J4,
J6, and J7) focused on Agile as the object of research. Agile
methodology is an alternative to traditional linear sequential
Springer 17 software development processes such as Waterfall. The term
"Agile" in software development methodologies comes from the
researchgate.net 4 "Agile Manifesto,” compiled in 2001. Among the Agile methods
ieeexplore.ieee.org
are Extreme programming, Test-driven development, Feature-
20
driven development, and Scrum. In recent years, the software
Elsevier 8 industry has shifted to adopting Agile practices that are responsive
and flexible to change instead of traditional methods [64].
dl.acm.org 5
Three articles (C8, J5, and J6) specifically examine risk
0 5 10 15 20 25 management in the software development process with Scrum.
Scrum is based on empiricism and lean thinking. Empiricism
asserts that knowledge comes from experience and makes decisions
Figure 1 A grouping of articles by database source based on observation. Lean thinking reduces waste and focuses on
After implementing the PICOC methodology for these papers, what matters. Scrum uses an iterative and incremental approach to
the results related to the research questions (RQ) presented in the optimize predictability and control risk [65].
previous section were obtained. Here are the answers to the five The Risk Management Tool includes the second most popular
questions. research focus. A total of 8 articles (C4, C5, C6, C13, J2, J3, J5, and
1. Does the paper discuss risk management? J6) were reviewed, and even some articles carried the tools or
applications used in risk management. The framework for risk
Fifty-four articles can be accessed to carry out a study in the management includes a widely discussed research focus, including
abstract, introduction, and discussion sections. These papers eight articles (C5, C7, C8, C9, C11, J1, J4, and J7).
discuss risk management; the following is a mapping based on the
year of publication, as shown in Table 5. The risks involved in deployment have not gone unnoticed by
researchers in the last five years. Five articles (C1, C3, C7, C10, and
Table 5 Mapping based on the year of publication C12) focused on this issue. Each piece (C3 and C10) focuses on
Quality Risks, and the last report (C2) focuses on People Risks.
2016 2017 2018 2019 2020 2021 Total Visually, the trend of research focus is shown in Figure 3.
Qty 12 8 11 11 5 7 54

2. Does the paper discuss software development projects?

Fifty-four papers or journals discuss risk management, and 20
discuss software development projects. With the help of the
Mendeley Reference Manager application, these articles can be

Vol.8 No.2 | October 2022 KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X
 Table 6 Mapping of research focus

Risk Focus Quality

RISK FOCUS
Method Framework
Deploym Frame-
People Tools Quality
ent work Tools
C5 C6
C5 C11 People
C13 J2
Agile C3 C10 J1 J4 C3 C10 Deployment
J3 J6
J7
0 2 4 6 8
Scrum J5 J6 C8
Tradition C1 C7 Traditional Scrum Agile
C2 C4 C6 C7 C9
al C12

Figure 3 The trend of research focus

Table 7 Bibliographic information

Code Author Title Year Research Result

B. Roy, R. Dasgupta, and A study on software risk management strategies and
C1 2016 Risk classification by SDLC phase
N. Chaki mapping with SDLC
Causes of human errors in early risk assessment in Strauss and Glasser's theoretical approach to human
C2 S. Sharma and B. Ram 2016
software project management error
Quantitative planning and risk management of agile
C3 K. Ghane 2017 The concept for calculating risk value
software development
A. Boranbayev, S.
Boranbayev, A.
A Software System for Risk Management of
C4 Nurusheva, K. 2018 Software to improve reliability and fault tolerance
Information Systems∗
Yersakhanov, and Y.
Seitkulov
P. Gouthaman and S. Agile software risk management architecture for IoT- Risk assessment software and framework to assist in
C5 2018
Sankaranarayanan fog based systems identification and planning
Application of a risk management tool focused on
Y. M. García, M. Muñoz,
helping to small and medium enterprises Case studies of the application of tools in risk
C6 J. Mejía, G. P. Gasca, and 2018
implementing the best practices in software management
A. Mireles
development projects
A framework that categorizes risks based on the
Risk management in software engineering: What still
C7 T. Hussain 2018 relative importance and level of control of the
needs to be done
project manager
S. Chaouch, A. Mejri, and A framework for risk management in Scrum A framework involved in the deployment of the risk
C8 2019
S. A. Ghannouchi development process management process in Scrum
W. S. Wan Husin, Y.
Yahya, N. F. Mohd Azmi, Risk management framework for distributed software Communication elements within the framework on
C9 2019
N. N. Amir Sjarif, S. team: A case study of telecommunication company DSD risk categories
Chuprat, and A. Azmi
M. Hammad, I. Inayat, Risk management in agile software development: A Mitigation strategies used to minimize the impact of
C10 2019
and M. Zahid survey risk in the risk management process
D. Ionita, C. van der
Velden, H. J. K. Ikkink, Towards risk-driven security requirements A framework that can help Agile development
C11 2019
E. Neven, M. Daneva, management in agile software development teams consider security a priority in software risk
and M. Kuipers
C. M. Tae, P. D. Hung, Analyze size, accuracy, time, cost, effort, knowledge,
C12 Risk Management for Software Projects in Banking 2020
and L. D. Huynh and experience to avoid the risk
Risk Management in Software Engineering Using Big Big data predictive analytics to make risk predictions
C13 A. Puri and S. Sharma 2020
Data in software projects
S. V. Shrivastava and U. A risk management framework for distributed agile A framework that categorizes risks in DAD
J1 2017
Rathod projects (Distributed Agile Development) projects
Decision Support System for Risk Assessment and
Tools that serve to make decisions for risk
J2 A. Aslam et al. Management Strategies in Distributed Software 2017
management in the software development process
Development
E. E. Odzaly, D. Greer, Tools used to support risk identification,
J3 Agile risk management using software agents 2018
and D. Stewart assessment, and monitoring.
The framework is generated from combining the
Agile risk management for multi-cloud software
J4 V. Muntés-Mulero et al. 2019 previous risks that are used to mitigate the following
development
risks
A risk prediction model for software project
A. S. Filippetto, R. Lima, Atropos model for measuring uncertainty in
J5 management based on similarity analysis of context 2021
and J. L. V. Barbosa projects
histories
M. I. Lunesu, R. Tonelli,
Assessing the risk of software development in agile Model several key risk factors using the Agile
J6 L. Marchesi, and M. 2021
methodologies using simulation development simulator
Marchesi
M. Roy, N. Deb, A. A risk management framework for the ISD
Requirement-oriented risk management for
J7 Cortesi, R. Chaki, and N. 2021 (Incremental Software Development) process that
incremental software development
Chaki provides risk exposure estimates for projects

Vol.8 No.2 | October 2022 KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X
 4. What is the result of the research? The model emerged based on the respondent's questionnaire. The
The article (C1) produces a risk classification based on the aim is to improve the methodology that maps the risk management
phases in the SDLC (Systems Development Life Cycle). This allows principles to increase project success [2]. However, the results need
researchers to apply various conceptual models or risk management to be verified by testing them in software development scenarios in
frameworks and then analyze the occurrence of risk across all steps various Scrum organizations, both on medium and large-scale
of the SDLC so that risk mitigation can be inventoried as quickly projects. This risk management framework also needs to be further
as possible [44]. However, the results of this study have not brought developed for other Agile methodologies such as Extreme
up a framework that can be integrated into all phases of the SDLC. Programming (XP), Dynamic System Development Method,
Kanban, and Feature Driven Development (FDD).
Article (C2) takes the theoretical approach of Strauss and
Glaser to detect human errors in information security that can pose The article (C9) adds a communication element to the DSD
risks to the software development process [11]. However, this is (Distributed Software Development) risk category.
only partial mitigation for the overall chances of a project. Communication will help grow team members to become aware of
the risk, facilitate everyone responsible for managing risk, and
In the article (C3), the researcher proposes a concept to understand the basis for decisions made and the reasons behind
calculate the risk value in the software development process using specific treatments or actions chosen [20]. However, this addition
the Agile method based on input parameters with the desired target does not cover the categories of other risks.
value limits and the appropriate level of confidence [26]. However,
the concept being carried out does not cover the planning and The article (C10) presents the results of a survey conducted on
mitigation strategies that may occur at a value that has exceeded the industry practitioners of software developers using the Agile
target limit. method. The survey contains the mitigation strategies to minimize
risk in the risk management process to various software
The article (C4) describes the software that has been developed development life cycle stages. According to an industry survey,
to manage risk in the information system process. It enables scheduled risk and varying requirements are the most experienced
developers to identify, evaluate, and neutralize information and by practitioners. Most of the risk mitigation strategies followed
other automated systems risks. In addition, the developed system involve using tools to communicate with clients, tracking
has several other advantages, such as the ability to identify risks at requirements and change requests implemented in the project, and
an early stage of development, the convenient interface, and time- reducing the number of software bugs [34]. The author considers
saving [29]. However, the addition of tools in the software these parameters can be used as material to create a framework for
development process can increase the workload of developers, risk management for future research to get more optimal results.
considering that agencies that are only used half-heartedly will
create invalid output results. Article (C11) presents a framework to help Agile development
teams consider security priority in software risk. The framework
Article (C5) proposes an architecture and risk assessment was developed and tested on a single software developer in the
framework system to identify and plan risk management in the Netherlands and only applied to mobile and web applications [56].
software development process using the Agile method. Especially Therefore, this framework only covers one aspect of risk
software development in IoT, Fog, and Cloud-based systems [30]. management, so it is necessary to develop a framework for other
However, the proposed framework does not include an analysis of elements.
risk parameters, so further research is needed to create a more
effective framework. The article (C12) analyzes the size, accuracy, time, cost, effort,
knowledge, and experience to avoid or overcome many risks in
The article (C6) presents the results of a case study of the information system project management at the Bank [15].
application of tools in essential risk management in two companies. However, it does not discuss planning and risk mitigation strategies.
The results of the hypothesis indicate that the use of these tools is In addition, the scope of research is only in the banking sector, so
helpful for implementation in software engineering projects [53]. it cannot be confirmed for other industrial sectors.
However, these results cannot be generalized to other projects in
the software development process. Because environmental and The article (C13) raised issues in risk management in software
ethnic, or cultural factors can affect the results obtained. engineering using big data. Predictive big data analysis is used to
predict risks experienced before in software projects and provide
The article (C7) examines the risk management process: risk proposals for possible risks that will arise accordingly [39].
planning; risk identification; risk analysis; risk response; and However, checking unstructured data will be inconvenient and
monitoring and control. This article presents a framework that requires special skills to avoid invalid analysis results.
categorizes risks based on their relative importance and perceived
level of control over the project manager. The framework is Article (J1) proposes a framework for risk categories, 'Group
classified into four quadrants: customer mandate, scope and Awareness', 'External Stakeholder Collaboration', and 'Software
requirements; execution; and the environment [52]. However, risk Development Lifecycle' on a DAD (Distributed Agile
analysis becomes very difficult or impractical for large projects Development) project. However, the DAD team needs to adopt
because the research only focuses on quantitative aspects and practices to reduce the impact of spatial distance between
ignores qualitative elements. This makes the framework that is stakeholders. Apart from geographic dispersion, other properties,
carried out ineffective and can be applied to large projects. including work culture, enormous project scope, temporal distance,
and language barriers, which impact the DAD project, should also
Article (C8) proposes a model of the activities involved in be considered to control risk [19]. Therefore, further research is
spreading the risk management process in the Scrum framework. needed to improve this framework.

Vol. KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X

 The article (J2) proposes tools that can help decision-makers 5. Who has researched the most in this field?
during DSD (Distributed Software Development) risk Researchers who have contributed the most to research on risk
management [27]. However, these proposed tools have not linked management in software development projects can be seen in Table
the various planning stages with identifying variations in DSS 8.
(Decision Support Systems) outputs at different project stages. It is
still necessary to add features in distributed development to the risk Table 8 List of Authors
assessment results.
Risk Development
An article (J3) describes the underlying risk management model Full Name Paper Management Method Score
in Agile risk tools where software agents support risk identification, Aakash Puri C13 Tools Agile 1
assessment, and monitoring. Interaction between agents, agent
compliance with defined rules, and how agents react to project Abdulaziz S.
Almazyad J2 Tools Agile 1
environmental data changes. The results show that agents help
detect risks and respond dynamically to changes in the project Abid Khan J2 Tools Agile 1
environment, thereby helping to minimize human effort in Adeel Anjum J2 Tools Agile 1
managing risks in software development projects with Agile
Adeel Aslam J2 Tools Agile 1
methods [51]. However, tools that are not perfect can increase the
development team’s workload because they can produce Agostino Cortesi J7 Framework Agile 1
inappropriate analysis results. Alexsandro Souza
Filippetto J5 Tools Scrum 1
Article (J4) combines the information gathered from the joint
work in the previous process to become a framework used to Amjad Rehman J2 Tools Agile 1
mitigate the risks that will arise in Agile software development Tools and
projects [35]. However, the risks that have not appeared before Antonia Mireles C6 Framework Traditional 1
have not been thoroughly analyzed, so there is still a need to Askar Boranbayev C4 Tools Traditional 1
improve this framework.
Asma Mejri C8 Framework Scrum 1
The article (J5) uses the Atropos model to measure the
Assel Nurusheva C4 Tools Traditional 1
uncertainty in the project with a value that is close to the actual
financial impact of the identified risks. Implementation of risk Azri Azmi C9 Framework Traditional 1
recommendations based on historical similarity analysis of the Babu Ram C2 Human error Traditional 1
context by providing advice and considering the characteristics of
each new project [22]. However, additional prototypes are needed Balázs Somosköi J4 Framework Agile 1
to compile a complete project history, thus allowing more Bibhash Roy C1 Deployment Traditional 1
information to be generated to support more significant risk Chung Min Tae C12 Deployment Traditional 1
recommendations and improve analysis of similarity and accuracy
of risk recommendations. Coco van der Velden C11 Framework Agile 1
Dan Ionita C11 Framework Agile 1
The article (J6) introduces a new approach to modeling several
key risk factors: project duration, the number of problems applied, Darryl Stewart J3 Tools Agile 1
and key statistics of problem-solving time. Using an Agile Des Greer J3 Tools Agile 1
development simulator, this approach includes modeling Agile
processes, collecting data from tools used for project management, Edzreena Edza
Odzaly J3 Tools Agile 1
and performing Monte Carlo process simulations to gain insight
into the time and effort expected to complete a project and its Eelko Neven C11 Framework Agile 1
distribution. The model parameters that can pose a risk are the Eric Willeke J4 Framework Agile 1
error in the estimated effort to be developed, variations in
Tools and
developer assignments for these features, and obstacles related to Gloria Piedad Gasca C6 Framework Traditional 1
developer availability and work completion [42]. However, this
model still needs improvement by conducting more evaluations on Henk Jan Klein
Ikkink C11 Framework Agile 1
case studies. And scale the model from one team to multiple teams
involved in one or more projects. Deployment
Irum Inayat C10 and Quality Agile 1
Article (J7) proposes a risk management framework for the ISD
(Incremental Software Development) process that estimates risk Jacek Dominiak J4 Framework Agile 1
exposure for a project. The framework offers appropriate risk Tools and
reduction strategies and works with the risk assessment module Jezreel Mejía C6 Framework Traditional 1
[58]. However, this proposed framework does not yet link the
Jorge Luis Victória
various planning stages with identifying risks at different project Barbosa J5 Tools Scrum 1
stages. It is still necessary to add features in distributed
development to the risk assessment results. Deployment
Kamran Ghane C3 and Quality Agile 1

Vol. KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X

 Risk Development Risk Development
Full Name Paper Management Method Score Full Name Paper Management Method Score
Kuanysh Deployment
Yersakhanov C4 Tools Traditional 1 and
Tauqeer Hussain C7 Framework Traditional 1
Le Dinh Huynh C12 Deployment Traditional 1
Urvashi Rathod J1 Framework Agile 1
Lodovica Marchesi J6 Tools Scrum 1
Victor Muntés-
Mandira Roy J7 Framework Agile 1 Mulero J4 Framework Agile 1
Maria Ilaria Lunesu J6 Tools Scrum 1 Wan Suzila Wan
Husin C9 Framework Traditional 1
Deployment
Maryam Zahid C10 and Quality Agile 1 Yazriwati Yahya C9 Framework Traditional 1

Maya Daneva C11 Framework Agile 1 Yerzhan Seitkulov C4 Tools Traditional 1

Michael Kuipers C11 Framework Agile 1 Yolanda Meredith Tools and

García C6 Framework Traditional 1
Michele Marchesi J6 Tools Scrum 1
Tools and
Mirna Muñoz C6 Framework Traditional 1 Only Nabendu Chaki has published two articles (C1 and J7),
focusing on research on deployment and quality of risk
Deployment management in software development projects.
Muhammad Hammad C10 and Quality Agile 1
4. Discussion
Deployment, Traditional,
Nabendu Chaki C1, J7 Framework Agile 2 From January 2016 to September 2021, we see trends in risk
Naveed Ahmad J2 Tools Agile 1 management research in software development projects focusing
on Agile development methods and risk management tools.
Nilam Nur Amir Fourteen articles (C3, C4, C5, C7, C8, C9, C11, J1, J2, J3, J4, J5, J6,
Sjarif C9 Framework Traditional 1
and J7) carried new frameworks, conceptual models, and software
Novarun Deb J7 Framework Agile 1 tools.
Nurulhuda Firdaus
Mohd Azmi C9 Framework Traditional 1
The current issue, many researchers are trying to integrate risk
management explicitly in every process of the software
Oscar Ripolles J4 Framework Agile 1 development life cycle in the Agile methodology by creating a
Tools and comprehensive risk management framework, considering that the
P. Gouthaman C5 Framework Agile 1 Agile and Scrum methods do not have a specific process for risk
Peter Matthews J4 Framework Agile 1 management [66]. So there is a need to integrate risk management
into it explicitly.
Phan Duy Hung C12 Deployment Traditional 1
Several SLRs have been carried out by other researchers, with
Ranjan Dasgupta C1 Deployment Traditional 1
the following results:
Rituparna Chaki J7 Framework Agile 1
[67] identified challenges in the context of Global Software
Roberto Tonelli J6 Tools Scrum 1 Development (GSD) with Software Project Management (SPM)
Robson Lima J5 Tools Scrum 1 activities that include an integrative framework. The difference with
Seema Sharma C2 Human error Traditional 1 this paper is that the researcher did not examine research on tools
in risk management and only examined 15 articles.
Seilkhan Boranbayev C4 Tools Traditional 1
[68] research on applying risk mitigation techniques in Agile
Shilpi Sharma C13 Tools Agile 1
GSD to increase time efficiency, acquire more resources, lower
Smrati Gupta J4 Framework Agile 1 costs, and maintain a competitive advantage. However, it only
Sonia Ayachi focuses on 53 papers discussing Agile methods.
Ghannouchi C8 Framework Scrum 1
[69] looked for potential studies in 45 articles discussing the
Suprika Vasudeva identification process in risk management and activation of risk
Shrivastava J1 Framework Agile 1 management using the ISO 31000 standard, which differs from this
Suresh Tools and paper which does not compare the use of the ISO standard.
Sankaranarayanan C5 Framework Agile 1
Suriayati Chuprat C9 Framework Traditional 1 5. Conclusion
Syrine Chaouch C8 Framework Scrum 1 There are seven articles (C5, C7, C8, C11, J1, J4, and J7) that
are very interesting to be explored further. The framework
Tanzila Saba J2 Tools Agile 1
proposed by these articles deserves to be tested in-depth.

Vol. KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X

 This SLR will be used for further research to strengthen the [16] P. Kumar, S. Gupta, M. Agarwal, and U. Singh, “Categorization
theoretical basis, compare research results, and describe the and standardization of accidental risk-criticality levels of human
shortcomings of previous research. error to develop risk and safety management policy,” Safety Science,
vol. 85, pp. 88–98, Jun. 2016, doi: 10.1016/j.ssci.2016.01.007.
This literature research is not perfect because the authors have [17] E. Han, A. V. M. Ines, and W. E. Baethgen, “Climate-Agriculture-
difficulty accessing several international journals fully. Other Modeling and Decision Tool (CAMDT): A software framework
researchers can use different methods like SPIDER (sample, for climate risk management in agriculture,” Environmental Modelling
& Software, vol. 95, pp. 102–114, Sep. 2017, doi:
phenomenon of interest, design, evaluation, research type) to get 10.1016/j.envsoft.2017.06.024.
more significant results. [18] C. F. Oduoza, O. Odimabo, and A. Tamparapoulos, “Framework
for Risk Management Software System for SMEs in the
References Engineering Construction Sector,” Procedia Manufacturing, vol. 11,
[1] S. L. Fahrenkrog, D. Bolles, J. D. Blaine, and C. Steuer, no. June, pp. 1231–1238, 2017, doi:
“PMBOK®guide: an overview of the changes,” Project Management 10.1016/j.promfg.2017.07.249.
Institute, Newtown Square, US, 2004. [19] S. V. Shrivastava and U. Rathod, “A risk management framework
[2] S. Chaouch, A. Mejri, and S. A. Ghannouchi, “A framework for for distributed agile projects,” Information and Software Technology,
risk management in Scrum development process,” in Procedia vol. 85, pp. 1–15, 2017, doi: 10.1016/j.infsof.2016.12.005.
Computer Science, 2019, vol. 164, pp. 187–192. doi: [20] W. S. Wan Husin, Y. Yahya, N. F. Mohd Azmi, N. N. Amir Sjarif,
10.1016/j.procs.2019.12.171. S. Chuprat, and A. Azmi, “Risk management framework for
[3] L. Sarigiannidis, P. D. Chatzoglou, and others, “Software distributed software team: A case study of telecommunication
development project risk management: A new conceptual company,” in Procedia Computer Science, 2019, vol. 161, pp. 178–186.
framework,” Journal of Software Engineering and Applications, vol. 4, doi: 10.1016/j.procs.2019.11.113.
no. 05, p. 293, 2011. [21] V. Vujović et al., “Project planning and risk management as a
[4] S. Rizky and others, “Konsep dasar rekayasa perangkat lunak,” success factor for IT projects in agricultural schools in Serbia,”
Jakarta: Prestasi Pustaka, 2011. Technology in Society, vol. 63, no. August, p. 101371, Nov. 2020, doi:
10.1016/j.techsoc.2020.101371.
[5] T. Rudy, “Manajemen Proyek Sistem Informasi, bagaimana
mengolah proyek sistem informasi secara efektif & efisien,” Andi [22] A. S. Filippetto, R. Lima, and J. L. V. Barbosa, “A risk prediction
Offset: Yogyakarta, 2016. model for software project management based on similarity
analysis of context histories,” Information and Software Technology, vol.
[6] D. Crnković and M. Vukomanović, “Comparison of Trends in 131, Mar. 2021, doi: 10.1016/j.infsof.2020.106497.
Risk Management Theory and Practices Within the Construction
Industry,” Elektronički časopis građevinskog fakulteta Osijek, no. [23] U. I. Janjua, J. Jaafar, and F. W. Lai, “Expert’s opinions on
December 2016, pp. 1–11, 2016, doi: 10.13167/2016.13.1. software project effective risk management,” in 2016 3rd
International Conference on Computer and Information Sciences
[7] J. Partogi, “Manajemen Modern dengan Scrum,” Yogyakarta: (ICCOINS), Aug. 2016, pp. 471–476. doi:
Penerbit Andi, 2015. 10.1109/ICCOINS.2016.7783261.
[8] B. Verma, M. Dhanda, B. Verma, and M. Dhanda, “A review on [24] T. Lueddemann, S. Sahin, J. Pfeiffer, and T. C. Lueth,
risk management in software projects,” International Journal, vol. 2, “Experimental evaluation of a novel ISO 14971 risk management
pp. 499–503, 2016. software for medical devices,” in 2016 IEEE/SICE International
[9] Romi Satria Wahono, “A Systematic Literature Review of Software Symposium on System Integration (SII), Dec. 2016, pp. 162–167. doi:
Defect Prediction: Research Trends, Datasets, Methods and 10.1109/SII.2016.7843992.
Frameworks,” Andi Offset, vol. 1, no. 1, pp. 1–16, 2015, [Online]. [25] Y. Hsu, M.-F. Hsu, and S.-J. Lin, “Corporate risk estimation by
Available: combining machine learning technique and risk measure,” in 2016
https://www.researchgate.net/publication/275945834_A_Syste IEEE/ACIS 15th International Conference on Computer and Information
matic_Literature_Review_of_Software_Defect_Prediction_Resea Science (ICIS), Jun. 2016, pp. 1–4. doi: 10.1109/ICIS.2016.7550763.
rch_Trends_Datasets_Methods_and_Frameworks
[26] K. Ghane, “Quantitative planning and risk management of agile
[10] B. Kitchenham and S. Charters, “Guidelines for performing software development,” in 2017 IEEE Technology and Engineering
systematic literature reviews in software engineering,” 2007. Management Society Conference, TEMSCON 2017, Jun. 2017, pp. 109–
[11] S. Sharma and B. Ram, “Causes of human errors in early risk 112. doi: 10.1109/TEMSCON.2017.7998362.
assesment in software project management,” in ACM International [27] A. Aslam et al., “Decision Support System for Risk Assessment and
Conference Proceeding Series, 2016, vol. 04-05-Marc, pp. 1–11. doi: Management Strategies in Distributed Software Development,”
10.1145/2905055.2905069. IEEE Access, vol. 5, pp. 20349–20373, Oct. 2017, doi:
[12] R. Gandhi, M. Germonprez, and G. J. P. Link, “Open Data 10.1109/ACCESS.2017.2757605.
Standards for Open Source Software Risk Management Routines,” [28] M. Pasha, G. Qaiser, and U. Pasha, “A Critical Analysis of
in Proceedings of the 2018 ACM Conference on Supporting Groupwork, Software Risk Management Techniques in Large Scale Systems,”
Jan. 2018, pp. 219–229. doi: 10.1145/3148330.3148333. IEEE Access, vol. 6, no. c, pp. 12412–12424, 2018, doi:
[13] N. D. Linh, P. D. Hung, V. T. Diep, and T. D. Tung, “Risk 10.1109/ACCESS.2018.2805862.
Management in Projects Based on Open-Source Software,” in [29] A. Boranbayev, S. Boranbayev, A. Nurusheva, K. Yersakhanov,
Proceedings of the 2019 8th International Conference on Software and and Y. Seitkulov, “A Software System for Risk Management of
Computer Applications, Feb. 2019, vol. Part F1479, pp. 178–183. doi: Information Systems∗,” in IEEE 12th International Conference on
10.1145/3316615.3316648. Application of Information and Communication Technologies, AICT 2018
[14] S. Santos, F. Carvalho, Y. Costa, D. Viana, and L. Rivero, “Risking: - Proceedings, Oct. 2018, pp. 1–6. doi:
A game for teaching risk management in software projects,” in 10.1109/ICAICT.2018.8747045.
Proceedings of the XVIII Brazilian Symposium on Software Quality, Oct. [30] P. Gouthaman and S. Sankaranarayanan, “Agile software risk
2019, pp. 188–197. doi: 10.1145/3364641.3364662. management architecture for IoT-fog based systems,” in Proceedings
[15] C. M. Tae, P. D. Hung, and L. D. Huynh, “Risk Management for of the International Conference on Smart Systems and Inventive Technology,
Software Projects in Banking,” in PervasiveHealth: Pervasive ICSSIT 2018, Dec. 2018, pp. 48–51. doi:
Computing Technologies for Healthcare, Feb. 2020, pp. 65–69. doi: 10.1109/ICSSIT.2018.8748457.
10.1145/3387263.3387268.

Vol. KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X

[31] O. E. Lieh and Y. Irawan, “Exploring Experiential Learning Model [46] A. Stavert-Dobson, “Software Testing in Clinical Risk
and Risk Management Process for an Undergraduate Software Management,” 2016, pp. 233–247. doi: 10.1007/978-3-319-26612-
Architecture Course,” in 2018 IEEE Frontiers in Education Conference 1_16.
(FIE), Oct. 2018, vol. 2018-Octob, pp. 1–9. doi: [47] D. Książkiewicz, “Risk Factor Classification GEMIO in the
10.1109/FIE.2018.8659200. Planning Phase of Logistic Project Management,” M. Bąk, Ed.
[32] Y.-T. Chen, “Modeling Information Security Threats for Smart Cham: Springer International Publishing, 2016, pp. 211–219. doi:
Grid Applications by Using Software Engineering and Risk 10.1007/978-3-319-26848-4_19.
Management,” in 2018 IEEE International Conference on Smart Energy [48] Y.-S. Chen, C.-K. Lin, and H.-M. Chuang, “Improving Project
Grid Engineering (SEGE), Aug. 2018, pp. 128–132. doi: Risk Management of Cloud CRM Using DANP Approach,” in
10.1109/SEGE.2018.8499431. Lecture Notes in Electrical Engineering, vol. 375, 2016, pp. 1023–1031.
[33] A. Senkov, “Intelligent Software Platform and End-Point Software doi: 10.1007/978-981-10-0539-8_100.
for Risk Management,” in 2018 International Multi-Conference on [49] V. Boyko, N. Rudnichenko, S. Kramskoy, Y. Hrechukha, and N.
Industrial Engineering and Modern Technologies (FarEastCon), Oct. 2018, Shibaeva, “Concept Implementation of Decision Support
no. 16, pp. 1–5. doi: 10.1109/FarEastCon.2018.8602702. Software for the Risk Management of Complex Technical
[34] M. Hammad, I. Inayat, and M. Zahid, “Risk management in agile System,” in Advances in Intelligent Systems and Computing, vol. 512,
software development: A survey,” in Proceedings - 2019 International 2017, pp. 255–269. doi: 10.1007/978-3-319-45991-2_17.
Conference on Frontiers of Information Technology, FIT 2019, Dec. 2019, [50] K. A. Demir, “3PR Framework for Software Project Management:
pp. 162–166. doi: 10.1109/FIT47737.2019.00039. People, Process, Product, and Risk,” 2017, pp. 143–170. doi:
[35] V. Muntés-Mulero et al., “Agile risk management for multi-cloud 10.1007/978-3-319-54325-3_7.
software development,” IET Software, vol. 13, no. 3, pp. 172–181, [51] E. E. Odzaly, D. Greer, and D. Stewart, “Agile risk management
Jun. 2019, doi: 10.1049/iet-sen.2018.5295. using software agents,” Journal of Ambient Intelligence and Humanized
[36] V. G. Psoyants, A. I. Taganov, A. N. Kolesenkov, and I. v. Computing, vol. 9, no. 3, pp. 823–841, Jun. 2018, doi:
Bodrova, “Risk Management Technology of Software Project 10.1007/s12652-017-0488-2.
Sustainability in Fuzzy Conditions,” in 2019 8th Mediterranean [52] T. Hussain, “Risk management in software engineering: What still
Conference on Embedded Computing (MECO), Jun. 2019, no. June, pp. needs to be done,” in Advances in Intelligent Systems and Computing,
1–4. doi: 10.1109/MECO.2019.8760176. 2019, vol. 857, pp. 515–526. doi: 10.1007/978-3-030-01177-2_37.
[37] V. Machado, P. Afonso, and H. Costa, “Risk Catalogs in Software [53] Y. M. García, M. Muñoz, J. Mejía, G. P. Gasca, and A. Mireles,
Project Management,” in 2019 XLV Latin American Computing “Application of a risk management tool focused on helping to
Conference (CLEI), Sep. 2019, vol. 2019-Janua, pp. 1–10. doi: small and medium enterprises implementing the best practices in
10.1109/CLEI47609.2019.9089044. software development projects,” in Advances iGarcía, Y. M., Muñoz,
[38] F. Wiesweg, A. Vogelsang, and D. Mendez, “Data-driven Risk M., Mejía, J., Gasca, G. P., & Mireles, A. (2018). Application of a risk
Management for Requirements Engineering: An Automated management tool focused on helping to small and medium enterprises
Approach based on Bayesian Networks,” Proceedings of the IEEE implementing the best practices in software development projects. Advances in
International Conference on Requirements Engineering, vol. 2020-Augus, Intel, 2018, vol. 746, pp. 429–440. doi: 10.1007/978-3-319-77712-
pp. 125–135, 2020, doi: 10.1109/RE48521.2020.00024. 2_41.
[39] A. Puri and S. Sharma, “Risk Management in Software [54] P.-F. Gu, J.-Z. Tang, W.-H. Chen, and others, “Risk Analysis and
Engineering Using Big Data,” in Proceedings of International Conference Management of Software V&V Activities in NPPs,” in International
on Intelligent Engineering and Management, ICIEM 2020, Jun. 2020, pp. Symposium on Software Reliability, Industrial Safety, Cyber Security and
63–68. doi: 10.1109/ICIEM48762.2020.9160170. Physical Protection for Nuclear Power Plant, 2018, pp. 123–128.
[40] E. Khanna, R. Popli, and N. Chauhan, “Artificial Intelligence [55] O. L. Loaiza and J. M. de León, “Adaptation of open up in the
based Risk Management Framework for Distributed Agile scrum framework to improve compliance in scope, risk
Software Development,” in 2021 8th International Conference on Signal management and delivery times in software development
Processing and Integrated Networks (SPIN), 2021, pp. 657–660. projects,” in Proceedings of the Computational Methods in Systems and
[41] B. Tenbergen and N. R. Mead, “Adapting a Software Acquisition Software, 2019, pp. 404–418.
Curriculum to Instruct Supply Chain Risk Management in a [56] D. Ionita, C. van der Velden, H. J. K. Ikkink, E. Neven, M.
Project-Based Software Development Course,” in 2021 Third Daneva, and M. Kuipers, “Towards risk-driven security
International Workshop on Software Engineering Education for the Next requirements management in agile software development,” in
Generation (SEENG), 2021, pp. 36–40. Lecture Notes in Business Information Processing, 2019, vol. 350, pp.
[42] M. I. Lunesu, R. Tonelli, L. Marchesi, and M. Marchesi, “Assessing 133–144. doi: 10.1007/978-3-030-21297-1_12.
the Risk of Software Development in Agile Methodologies Using [57] L. Ferreira, A. Pilastri, C. Martins, P. Santos, and P. Cortez, “A
Simulation,” IEEE Access, vol. 9, pp. 134240–134258, 2021, doi: Scalable and Automated Machine Learning Framework to Support
10.1109/ACCESS.2021.3115941. Risk Management,” in Lecture Notes in Computer Science (including
[43] S. M. Avdoshin and E. Y. Pesotskaya, “Software Risk subseries Lecture Notes in Artificial Intelligence and Lecture Notes in
Management: Using the Automated Tools,” in CEUR Workshop Bioinformatics), vol. 12613 LNAI, 2021, pp. 291–307. doi:
Proceedings, vol. 963, 2016, pp. 85–97. doi: 10.1007/978-3-319- 10.1007/978-3-030-71158-0_14.
23929-3_8. [58] M. Roy, N. Deb, A. Cortesi, R. Chaki, and N. Chaki,
[44] B. Roy, R. Dasgupta, and N. Chaki, “A Study on Software Risk “Requirement-oriented risk management for incremental software
Management Strategies and Mapping with SDLC,” in Advances in development,” Innovations in Systems and Software Engineering, vol. 17,
Intelligent Systems and Computing, vol. 396, Springer Verlag, 2016, pp. no. 3, pp. 187–204, Sep. 2021, doi: 10.1007/s11334-021-00406-6.
121–138. doi: 10.1007/978-81-322-2653-6_9. [59] J. Finger, K. Ross, I. Häring, E.-M. Restayn, and U. Siebold,
[45] M. Felderer, F. Auer, and J. Bergsmann, “Risk Management “Open Chance and Risk Management Process Supported by a
During Software Development: Results of a Survey in Software Software Tool for Improving Urban Security,” European Journal for
Houses from Germany, Austria and Switzerland,” vol. 10224, J. Security Research, vol. 6, no. 1, pp. 39–71, Apr. 2021, doi:
Großmann, M. Felderer, and F. Seehusen, Eds. Cham: Springer 10.1007/s41125-021-00072-6.
International Publishing, 2017, pp. 143–155. doi: 10.1007/978-3- [60] E. Patelli, A Multi-Disciplinary Software Suite for Uncertainty
319-57858-3_11. Quantification and Risk Management, no. November. Cham: Springer
International Publishing, 2016. doi: 10.1007/978-3-319-11259-6.

Vol. KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X

[61] A. K. Chinemeze and B. C. Mbam, “Impact of Risk
Managementon Software Projectsin Nigeria Using Linear
Programming,” no. 7, pp. 142–147, 2019, [Online]. Available:
https://www.researchgate.net/profile/Kyrian-Adimora-
2/publication/347937527_U0807186192/links/5fe8dfd9299bf14
088503489/U0807186192.pdf
[62] A. Iordache and A. Woinaroschy, “Drinking Water Quality Risk
Management. Risk Analysis of Nitrogen Groundwater
Contamination Using Analytica Software,” Revista de Chimie, vol.
70, no. 11, pp. 3971–3976, Dec. 2019, doi:
10.37358/RC.19.11.7684.
[63] W. Khan, “A Review on Some Pertinent Software Security Risk
Management Frameworks,” no. September 2020, pp. 5–10, 2021.
[64] J. Nyfjord, “Towards integrating agile development and risk
management,” Institutionen för data-och systemvetenskap (tills m
KTH), 2008.
[65] Schwaber Ken and Sutherland Jeff, “Panduan Definitif untuk
Scrum: Aturan Permainan,” Scrum.Org, no. November, pp. 1–17,
2020.
[66] A. Moran, “Agile risk management,” in Agile Risk Management,
Springer, 2014, pp. 33–60.
[67] M. el Bajta and A. Idri, “Identifying Risks of Software Project
Management in Global Software Development: An Integrative
Framework,” in Proceedings of the 13th International Conference on
Intelligent Systems: Theories and Applications, Sep. 2020, pp. 1–5. doi:
10.1145/3419604.3419780.
[68] M. A. Rafeek, A. F. Arbain, and E. Sudarmilah, “Risk mitigation
techniques in agile development processes,” International Journal of
Supply Chain Management, vol. 8, no. 2, pp. 1123–1129, 2019.
[69] J. Masso, F. J. Pino, C. Pardo, F. García, and M. Piattini, “Risk
management in the software life cycle: A systematic literature
review,” Computer Standards and Interfaces, vol. 71. Elsevier B.V.,
Aug. 01, 2020. doi: 10.1016/j.csi.2020.103431.

Vol. KHAZANAH INFORMATIKA | ISSN: 2621-038X, Online ISSN: 2477-698X