The goal of software development teams should never be “Being Agile.” The goal should be to deliver software to help the organization further its goals. That’s why so many Agile adoption efforts fail — because there is/was a belief that once you are Agile everything will be great! The truth is, once you’ve found the development practices — regardless of Agile — to help you meet your organization’s goals in a better way, everything will be great.

There’s quite a bit of risk management inherently built into agile principles and practices, but there doesn’t seem to be any explicit risk management discipline.

How do we integrate risk management within the iterative cycles of agile development?

  1. Make it visible. Put it on the wall for all to see. For the team, project manager, product owner, etc to see every day in the daily stand-up meeting.
  2. Make it collaborative. Allow anyone to add a new risk or add comments on an existing risk any time they want.
  3. Make it visual. Chart out the risk on a graph and rate the risk 1-9. Make it clear and not cluttered on a white board.
  4. Scorecard – as well as asking what went well, what didn’t go so well, what would we do differently in the next iteration – Facilitate the team’s thought process to actively identify risks. Add them to the risk log on the wall.
  5. Include it in the product backlog (‘feature’ list). If it’s appropriate to do something to mitigate a risk and reduce its likelihood, or to prepare contingency for the risk, add the actions to the Product Backlog for the project and prioritize them along with the features.
  6. Review it daily. In the daily stand-up meetings – as well as asking what have you done since the last meeting, what will you do before the next meeting, and if there anything holding up your progress – also ask each team member if there’s anything that could prevent them from meeting their goals. This will encourage a little proactive thought, not just reactive when progress is blocked.

In other words, on major projects particularly, make risk management part of your everyday business.