Book Review : Managing Software Quality And Business Risk


Managing Software Quality And Business Risk

  • Author: Martyn Ould
  • Publisher: John Wiley and Sons
  • Published: 1999
  • Edition: 1
  • Pages:
  • Target Audience :Managers and Quality Professionals
  • Contents:

    1: Introduction
    2: Building The Boat
    3: Icebergs Ahead! Business Risk
    4: Planning for Risk Management
    5: Software Quality
    6: Rivets or Welding? Planning for Quality Achievement
    7: Is It Watertight? Planning for Quality Control
    8: Stopping the Rust: Planning for Quality Preservation
    9: Pushing the boat out: Crewing and provisioning
    10: The hand on the tiller and the captain's log
    11: Blocks on the slipway
    12: Diary of a voyage
    13: Resume of the planning process

Review Date:  12/10/2001 15:07:43
Short Summary:
We can achieve quality when we understand what we are doing and what is required
Short Description:
Quality Understanding 

Quality is a nebulous topic, we know it when we see it but it is hard to define what it is. However there are ways of ensuring that what we produce is more likely to be perceived as having quality than not, and that is what this book deals with.

The author obviously had exposure to mathematics and formal techniques but the real world is a subjective, changeable, place and this book deals with the techniques of quality on a human level.

Quality can be achieved by taking the time out to understand what we have to do and the risks associated with doing it. By being open and honest about the risks, documenting and taking advice on those risks then we can define strategies for dealing with them.

Plans are products of the development process and are there to document our decisions, to communicate our expectations and our requirements. But they have to be flexible as they are built on estimates, and as the project proceeds, our initial project estimates are rarely the ones that we would have chosen (given the hindsight of experience). We should do everything that we can to ensure that our estimates are based on a good understanding of the risks and the requirements and the processes that are used to do the development.

A high level focus is adopted by the book which views all the steps in the development process and the actions taken, from the point of view of risk and quality. This gives each presentation of familiar techniques a slightly different flavour than found in many software management books. Lifecycle models are presented as processes for reducing risk and details the circumstances surrounding when we should use them, e.g. depending on the solidity of our understanding, the need for a single complete deliverable rather than small incremental releases. Each of the sections is presented in a nutshell format from high above and then expanded.

The process of managing and understanding is split into:

  1. Risk Planning; understanding the risks, their dependencies and mitigation approaches.
  2. Quality Planning; what level of quality do we want, how can we build that level in, how can we check that we have achieved that level, and how can we ensure that the level of quality remains in the product.
  3. Resource Planning; what do I need and when do I need it, what will I do and when will I do it

You can see from the contents that the book takes us through the process from start to finish and the text is liberally peppered with heuristics and tales from experience outlining good advice. Every chapter has a summary at the end that removes the tales and leaves us with the basic essentials of that step.

The references are presented at the end of each chapter. They are very much aimed at the manager and are full of classic (older) texts, unfortunately there are only 2 testing references and these are fairly structural academic papers by Chow (1978) and McCabe (1985). This doesn't detract from the information presented as the actual text is timeless (in software development terms) but when it comes to follow on reading there may well be more relevant texts.

Modelling is presented as a basic tool to achieve quality. The risk identification process results in a model of risk which we can assess, build on, and track. The lifecycle we follow is a model for reducing risk and knowing what to do next. Quality V&V techniques are more effective when they consider the models being used to construct the system. Estimates are models of our goals. The resource plan is a model of how we expect the development to proceed and we use it to track the actuals of the past in order to manage the future.

The final chapter presents a summary of the techniques and products used throughout the book.

This is a valuable read because of its unrelenting focus on quality, risk and planning and the amount of anecdotal experience presented.