Have you got these software risks covered?
Software development is full of risks that threaten to derail your project at every step. Whether it’s technical debt or creating a product that nobody likes, understanding and mitigating these risks is crucial for long-term success.
This blog explores six significant risks that software development projects commonly encounter. We delve into strategies that minimise their impact and maximise the chances of project success. And, ultimately, why saving money on software development might cost you big overall.
In this article:
- Risk #1:Technical Debt
- Risk #2: Reliability issues
- Risk #3: Running overtime/overbudget
- Risk #4: Non-compliance
- Risk #5: Not satisfying stakeholders /not achieving business goals
- Risk #6: Not satisfying end-users
- Can you afford the cost of failure?
Risk #1: Technical debt
Imagine running a commercial kitchen and not washing the dishes as you go. Before too long, you’ll have piles of dirty crockery, your pans and surfaces will be caked with grime, and the quality and speed of your cooking will suffer.
In software development, this is called ‘technical debt’. Rather than piles of washing up, it refers to the cost of making your product software or architecture maintainable again. This could be a result of the following:
- Poor code quality, including “bodge jobs” or fixes that were only meant to be temporary.
- Unresolved defects
- No documentation
- Insufficient testing
Superhero developers, who tend to work with a “build now, fix later” ethos, are particularly prone to accumulating this backlog of issues.
Mitigation
The best way to tackle technical debt is to make sure it’s not allowed to build up in the first place. This takes a bit of extra time, effort, and expense, but you’ll take far fewer risks and get a far better outcome.
A Lean-Agile work methodology promotes working in short sprints and includes a full product cycle within each. That means creating a working product iteration, testing it, reviewing the code and design, and more, every two weeks (or however long a project’s sprints are).
The result is high-quality, maintainable, well-documented code that carries less short- and long-term risk.
Risk #2: Reliability
Reliability is among the most essential qualities of any product—software or otherwise. Suppose your device gets into a customer’s hands and they find a serious bug. In that case, it will damage your company’s reputation and diminish the chance of them buying from you again. And the cost of a product recall could be devastating.
Worse still, for devices in safety-critical spaces, such as medical, aerospace, or automotive, a single failure could lead to death or serious injury.
Mitigation
Lean principles state that you should do all you can to maximise the quality of the product at every step of development. In short: reliability is not something you can retrofit to a project.
For Bluefruit, this means using every tool and quality practice at our disposal—Test-Driven Development (TDD), Behaviour-Driven Development (BDD), living documentation, retrospectives, an Agile methodology, and more—to ensure that problems are found early and not buried.
But let’s not forget your greatest quality assurance asset: people.
If an end-user finds a significant problem with your code, there’s a good chance that someone on the development team was already aware of it.
So why didn’t they speak up?
There are several possible reasons. For example, a team member might:
- spot a senior colleague’s error and not feel empowered to point it out
- make a mistake and hide it for fear of punishment, or
- predict a potential problem but not want to bring down team morale.
A work environment with good psychological safety encourages everyone to ask questions and raise concerns without fear of judgment or negative repercussions, no matter their position or seniority. This way, individuals will raise the flag if they spot something amiss—or even have their suspicions—rather than allowing future reliability issues to be buried.
Risk #3: Non-compliance
As you might expect, risk is much more acute in regulated spaces such as medical. Failure here could mean that you complete your product on time and on budget… only for it to fail to pass an audit and never get to market.
There are strict requirements for device compliance: things you must document, practices you must follow, and so on.
However, a common issue we see with prospective clients is that their teams have a deadline—perhaps a show or clinical trial date—and decide that they can put quality checks off until later. In doing so, they build up technical debt. The very real risk here is that these checks don’t get done or they’re a rush job hastily tacked on at the end of the project.
Mitigation
Quality practices are significantly more effective if you do them at the time, while relevant information is still fresh in a team’s mind.
A key principle of the Agile methodology is about making changes quickly and efficiently. If a project review generates actions requiring you to make a significant change, it is much easier and less costly to implement these early. The same goes for code reviews and unit testing.
However, these each require that teams have sufficient capacity and capability. That’s why having a full team mix, including analysts and testers, is so important.
You should also ensure you’re testing the right things.
TDD is an Agile software development process that promotes a test-first approach—that is, writing tests based on project requirements before you write a single line of code. It prompts up-front conversations to clarify how the feature is intended to function.
This means you’re testing against what you intend the software to do, not what your software already does. Simply put, test-first ensures that features are well tested, helping towards verification and validation. While BDD is ‘building the right thing’, TDD is ‘building the thing right’.
Risk #4: Running over budget/over schedule
One of the most common software development risks, ‘over budget’ means different things to different people. For a start-up, it probably means the company is out of money. For larger businesses, it means the project may not recover its costs if it goes to market. Either way, the outcome is the same: struggle and failure.
Since ‘time is money’, it’ll come as no surprise that running behind schedule puts a greater strain on a budget and increases the risk of failure.
Mitigation
This is where an Agile approach to software development really comes into its own. User stories allow developers to prioritise features and ensure that a minimum marketable product (MMP) is available as soon as possible. Working software is delivered each iteration, enabling stakeholders and users to get hands-on with it and potentially release that version if the deadline needs to move forwards. Subsequent iterations test and improve on this design as remaining time and budget allow.
When a Waterfall methodology runs out of money, you may be left with a product that doesn’t even work yet or hasn’t been tested. With a Lean-Agile approach, you may even learn that an early version of your product meets all your customers’ needs, and no further development is needed.
However, to work within a budget and deliver quality software on time, it’s crucial that a development team works well together.
This is somewhere superhero contractors simply cannot compete. They might work well individually, but they won’t have the cohesion of an established team with high psychological safety. That takes time; they must first establish work processes and a team culture while also learning how to work with each other.
Workers report 50% higher productivity when psychological safety is present.
As a company, we put a lot of effort into this. We ensure that our teams are productive, comfortable, and confident, so they can hit the ground running. And in doing so, we vastly de-risk client projects.
Risk #5: Not satisfying stakeholders/not achieving business goals
There are usually quite a few people with a vested interest in any given software development project. Excluding, for now, the end-users (we’ll talk about them shortly), you might have to balance the expectations of:
- a director (who wants it delivered within budget)
- a financial investor (who wants to maximise returns on their money)
- a production manager (who wants X number of units produced each year), and
- a salesperson (who wants certain features).
They each have valid requirements, but you can’t necessarily give everyone everything they want 100% of the time while fulfilling business goals. The risk here is that, unless carefully managed, stakeholders could feel that they’re not being listened to or communicated with effectively. This could, in turn, result in losing their support, an unhappy working relationship, and potential resistance when it comes to future projects.
Mitigation
Stakeholder engagement practices, such as workshops, allow you to speak with all stakeholders, discuss their requirements, and agree on outcomes.
Working in sprints then allows you to provide regular updates to show that their requirements are being met. This could be Three Amigos and planning sessions, feedback loops, product demos, or progress reports to show that everything is running to budget.
Risk #6: Not satisfying end users
What if you create a product, on time, under budget, meeting all compliance needs, and free of any major bugs… but your customers hate it? In some ways, this is as serious as having a major bug discovered after going to market.
This could happen for several reasons. Maybe the display is hard to read in low-light environments where it’s being used. Maybe it features a touchscreen, but your users typically wear gloves. Maybe it’s just too slow or tricky to update.
Whatever the reason, it’s not good. If your end-users don’t like your product, there’s a good chance they’re going to have second thoughts about buying anything else from you in future. Your reputation is going to suffer if they leave negative reviews.
Given no other choice, many developers might be tempted to hazard a guess at what the end user wants. However, that is taking a massive risk.
Mitigation
It takes a team with a UX skillset to make informed, evidence-based decisions on how user interactions should behave.
This includes:
- User research: Who is the user? What other equipment or products are they using? What does their typical work environment look like? What does their work involve? Is the environment wet? Are they wearing gloves?
- User trials: The product lifecycle allows teams to test early versions of the product with real users. They can try different user interfaces, observe interactions, and use this to refine the application.
UX is invaluable, but it can’t necessarily anticipate how successful things will be in the real world. For that, you need to see how real users get on with a working device or prototype.
Agile’s iterative development process allows teams to get their product into the hands of users early on and gain valuable feedback to help guide development.
Can you afford the cost of failure?
There are lots of ways to reduce risk and improve your software project’s chances of success. But, ultimately, it boils down to investing in quality—both in people and work practices. Doing things right may cost a little more in the short term, but you stand to reap dividends in the future.
And with so much on the line, can you afford not to?
What happens when psychological safety is neglected and risk isn’t managed?
In this blog post, we touched upon the benefits of psychological safety and described how empowered team members reduce software risks. But what does low psychological safety look like in the real world?
Our free ebook, Why is psychological safety critical to managing software risk?, goes into more detail about the benefits of building an empowered work culture. But it also features case studies of two major businesses with low psychological safety, and the deadly consequences.
Download your copy of Why is psychological safety critical to managing software risk? today to learn:
- The importance of the four stages of psychological safety.
- How psychological safety impacts risk in teams and whole organisations.
- Practices that help reduce risk and drive innovation.
Download your ebook and answer:
Did you know that we have a monthly newsletter?
If you’d like insights into software development, Lean-Agile practices, advances in technology and more to your inbox once a month—sign up today!
Find out more