A New Project Risk Management Model based on Scrum Framework and Prince 2 Methodology

With increasing competition in the software industry, software companies need to effectively manage the risks of software projects with minimal time and cost to deliver high quality products. High frequencies of warning errors and failures in software projects are indicative of human and financial costs in the software projects and teams. One of the reasons for the failure of software projects is the lack of risk management mechanism in the software development process, which can, in case of proper implementation of risk management, increase the success rate of such projects. In most projects, risk management activities are strongly confined to the adopted software methodology. Therefore, is needed a solution or model to overcome this constraint. Scrum is one of the most popular software development methodologies which has recently considered by software teams. This methodology seems not to have paid much attention to risk management. Focusing on this weakness, this research has been trying to provide a model for risk management with the participation of 52 Agile experts from six different countries using the Prince2 project management framework in Scrum methodology. The main goals of this model are to improve the coverage and appropriate risk management mechanism on software projects, increase the project’s success rate and to provide a good estimation of the required time, improve product quality and enhance quality parameters, such as the usability, flexibility, efficiency, and reliability. Keywords—Agile software development; risk management; risk management hybrid model; prince2; scrum; agile risk management


INTRODUCTION
American Project Management Institute (PMI) introduced risk management as one of the twelve principal levels of the general knowledge project [1].Risk management refers to all processes to identify, analyze, and respond to any uncertainty that includes maximizing the results of desirable events and minimizing adverse events results [2].Chawan et al. (2013) examined risk management models and the result of adverse events the basic steps such as risk identification, risk planning, risk assessment, risk mitigation and risk monitoring and control and concluded that different models and frameworks for risk management are tools for risk management and control in the critical conditions [3].
Traditional project management (waterfall approach) is suitable for the projects that are well defined areas and it has less complexity and uncertainty [4].At present, more complex projects and business environments with unique needs and capabilities are changing [5].Most customers cannot express all their needs clearly [6].One of the challenges of the traditional models, it needs very time and cost to writing the documentation of the project.The heavyweight methodologies, nature of software development, lead to unrealistic estimates in the design phase and inability to adapt to unforeseen changes in projects.So it is needed an approach to identify and solve these challenges and risks [7].
A review of previous studies shows that there is no a comprehensive model for risk management in the agile software development process [8]- [11].The evidence for this assertion, by reviewing the prior studies in the literature, is the enhancing the failures in software projects.
Results of proposed model and participation of 52 Agile experts from 6 different countries shows that the proposed model can reduce the risk of projects and increased the usability, flexibility, efficiency, and reliability.
The next section of this research is to investigate the importance of risk management and its challenges.Section III will be explaining the PRINCE2 method.Also, Section IV focuses on research method.In Section VI is explained the designing, analyzing, and results of the performance of the proposed model.Sections VI and VIII discuss the limitations and discussion of the study and Section IX explains the conclusion and future work of the research.

II. LITERATURE REVIEW
After Agile Manifesto was released, the discussion of agile project management was also raised [12].There are many types of research on the differences between traditional and agile development methods and new approaches to project management are needed [13]- [17].In agile methodologies, risk management has not been defined clearly.For example, Scrum framework has not formally described project risk management.Therefore, it is necessary, according to project requirements to be included processes for risk management in this framework [8].
Scrum has flaws and defects in project management and risk management in software projects [9].The absence of effective risk management techniques in agile software development caused many challenges in the software production process [10].In Scrum Framework, projects are broken into several sprints and can be performed in two to four weeks.However, for large projects, a large number of Sprints in Scrum cause difficult task management for Scrum www.ijacsa.thesai.orgdevelopment teams, which is one of the challenges and weaknesses in the scrum [11], [18], [19].
According to studies conducted the Scrum and Prince 2 methodologies are both process-oriented, which can overlap each other, so can be created a combine framework with them.
Nitin and Ugrasen (2015) introduced a framework called RBSM to risk management processes to improve the Scrum method in order to increase the success of projects.The purpose of this model is to create a general model to a quality and reliable productin in the organizations that use the agile methods [20].
Al-Zoabi (2008) introduced a framework with XP and Prince 2 standard that her aim was the flexible method to project management.The results indicated that using their proposed method in a real project provided high-quality software products at a lower cost and time [21].

III. PRINCE 2
Prince2 is a well-known standard in project management.Prince2 proposed in 1996 after PMBOK by APMG in the UK and has been expanded by the British state (Government).Prince2 is the result of managers, experts and consultants experience in the field of project management (OGC, 2009).Project management methodology success with Prince 2 that has created consisting of four integrated elements, principles, themes, processes and project environment [22]- [24].
Project management based on Prince2 has two parallel sections called themes and processes; each one divided into seven separate issues, and all moving to forward based on seven principles [25].Prince2 is a process-based approach in project management.In Prince2 there are seven processes, including a set of activities required for project control, management and successful delivery of the projects [23], [26], [27].The principles in Prince2 are definitive guidelines that show proximity and compliance in the project management based on Prince2.There are seven principles in Prince2 [23], [27].Themes, describing the components of project management must be used continuously and in parallel in the project [25], [27].The Prince2 framework is flexible and can be tailored to any size and type [23], [28].The proportionating element (of project environment) can be used as a framework for combining it with Scrum framework and to create an integrated model for risk management in agile software development.Prince2 describes how to divide a project into manageable steps.

IV. RESEARCH METHODOLOGY
The present study is an applied empirical research in the field of software engineering.Fig. 1 shows the steps and processes adopted in the current research [29].

A. Data Collection
The questioner is one of the research tools in which the researcher designs a set of items (question) aiming to collect information on the respondents and statistically analyze the responses.In this research, for measurement of the attitudes, Likert scales were used [30].In this research the questionnaire items were designed in 5-and 7-option Spectrum.

B. Validity
Validity refers to the ability of the instrument to measure the attribute for the measurement of the test has been designed.In this research for validity measurement, a standard questionnaire was used.After the questionnaire was designed, it was given to a number of researchers and experts in the field of software engineering.After receiving the comments, corrective actions were made.

C. Reliability
Reliability refers to the accuracy of reliance and stability of test results.Cronbach's alpha was used to measure reliability in the present study.After the data collection process, reliability factor (Cronbach's alpha) was calculated using SPSS software.The result was 0.90 indicating the stability and internal consistency of the questionnaire.The Cronbach's alpha method is one of the most common methods to measure the reliability and validity of the questionnaire.This factor (coefficient) is used to get the respondents' impression of the items (questions).Evidently, the nearer Cronbach's alpha index to 1, the more internal correlation between the items and, as a result, the more It is clear any amount Cronbach's alpha is the index to 1 closer, the internal correlation between questions are more homogeneous.Cronbach's alpha values between 5.0 to 7.0 are average and acceptable, lower than 5.0 lacks reliability, more than 7.0 is good reliability, and higher than 9.0 is considered too high [31].

D. Selection of Research Target Population
The statistical universe and participants in this research include software development teams, senior and junior managers, executive managers, consultants, developers, Scrum Masters, customers, software companies and all stakeholders involved in projects.It should be noted that data were collected by sharing the questionnaire1 in professional online groups, and sites like Facebook, Google +, LinkedIn, Researchgate, Google group, Yahoo and social networks such as WhatsApp, Telegram, etc. as well as sending the questionnaire via email to software engineering expert.Finally, the questionnaire was responded by 52 people in six different countries, in professional groups of software engineering.In analyzing data from the questionnaire the characteristics of the respondents to the questionnaire, such as work experience in traditional and Agile software development, role or job, methods used in the organization, country of activity, the scope of the project by the organization, the number of employees and scale of enterprise have been shown in Table I. www.ijacsa.thesai.org

V. PROPOSED MODEL
According to product quick release in an iterative and incremental mode in Scrum, the Scrum methodology can be used in product delivery [32].In this idea, with using prince2 management features and scrum iterative delivery features can be introduced a combined model.With this idea, processes are run in different layers.By applying the features of different parts of Prince2 and dimensions of the Scrum framework with a focus on risk management can be provided an integrated model to identify or improve risk management.The integrated model Prince2 project management processes and Scrum process with the risk management approach in agile projects can increase the success rate of software agile projects [33].The proposed model has been shown in Fig. 2.
First, in the project charter, defined the obligations of individuals relative to the project can be defined.One weakness of Scrum is a severe attachment to team members leaving may result in the project stoppage and failure.These challenges of Scrum can be resolved by the project charter.The project manager begins the project with estimates of the needs and costs.Product Owner and Project Manager cooperate in the assessment and transparency requirements.In the process of directing the project, decisions are made to start the project and licenses are issued.Projects can be started when the project manager designs details and stages.After that, the project enters the initiation phase.One of the weaknesses of Scrum is a failure to identify area involved in the project.However, in the preparation phase (project initiation), the project scope can be partly identified.In determining the scope of the project, the risks can be better identified.The project manager must link process with Sprints.The product owner should also express their basic needs in the format of "Product Backlog".Scrum master and project manager design the sprints and facilitate the implementation of processes.Product owner and development team together, exchange ideas about "product Backlog" and the requirements that must be delivered in the next sprint.
In the boundary management process, risks are recorded and reported and by the process of directing project, the next stage of the project is done step by step.Process and "product Backlog" are prioritized by the product owner and planned on Sprint by Scrum Master and processes in the format of "Product Backlog" delivered to the development team and the development team will release the product.After the release, review and retrospective meetings are held, and if recompletion is required, the sprints are planned and developed.After the sprint review meeting, the project manager should prepare a special report on the project progress.Product Owner and Project Manager by using the burndown charts and weekly meetings evaluate the sprints and identify the project risks.In the proposed model, risks are recorded and updated in the initiation step, process control, and boundary management steps.In the end stage, reports are presented and these processes are performed iteratively and incrementally.www.ijacsa.thesai.org

A. Model Usability
Based on results in Table II, it is concluded that according to the Pearson correlation coefficient, usability between the model intelligibility and easy learning and the ability to implement the model gets the value of 0.698.Also, a decision criterion (Sig.) was close to 0.000, which is lower than 0.05.So there are significant correlations on the usability of the model.

B. Flexibility of Model
The results in Table III show that the flexibility of the model, the ability of different process adoption, and interaction of the model gets the value of 0.864.Also, a decision criterion (Sig.) was close to 0.000, which is lower than 0.05.So there are significant correlations on the flexibility of the model.

C. Model Performance
The results in Table IV show that according to Pearson's correlation coefficient between the ability of the product, quick delivery and timely delivery with the ability of optimal use of all the project resource gets the value of 0.434.Also, decision criterion (Sig.) is 0.001, which is lower than 0.05 and www.ijacsa.thesai.orgPearson correlation coefficient between the ability of the product, quick delivery and timely delivery with the ability to create a commercially valuable product gets the value of 0.309.Also, decision criterion (Sig.) is 0.026, which is lower than 0.05 and Pearson's correlation coefficient between the ability to optimal use all resources of the project with the ability to create a commercially valuable product gets the value of 0.596.Also, decision criterion (Sig.) was close to 0.000, which is lower than 0.05 Therefore, between these three factors, there are significant correlations effective on the model performance.

D. Reliability of the Model
Based on the results in Table V, it is concluded that the reliability of the model according to the Pearson correlation coefficient between satisfaction with a product created in the software life cycle model with confidence in the risk identification, analysis, and control gets the value of 0.323.Also, a decision criterion (Sig.) was close to 0.000, which is lower than 0.05.So‫و‬ there are significant correlations on the reliability of the model.

VII. DISCUSSION
After reviewing and evaluating the model parameters some of the most important qualitative results are shown in Fig. 3.The results showed that the proposed model can have usability in the projects at 59.92 percent.If teams and companies have more information on the model to increase the model intelligibility and learnability and ability to implement and execute it, usability will also increase.Results showed that the proposed model can be flexible at 57.28 percent.By increasing, the correctness of performance and different process compatibility, the flexibility of the model also will be increased.www.ijacsa.thesai.org The results showed that the proposed model has a 71.94 percent performance.With increase the ability on the timely and quick delivery of product, and the most optimal use of all the project resources, and increase the ability to establish a more commercially valuable product, the rate of efficiency as well.
The results showed that the proposed model has 72 per cent reliability.With increase satisfaction of products created in the software life cycle and confidence for identification, analysis, and control of the risks by the proposed model, the reliability will be increased.

VIII. RESEARCH LIMITATIONS
One of the limitations of this study is the lack of similar work in this field.Also, for evaluation of the proposed model through questionnaire constantly had faced the lack of the cooperation and follow up.Many items of the questionnaire may prolong the research conduction time, some respondents may have provided false responses and responses precision has been influenced.Another limitation of the research is the lack of expertise and lack of their knowledge in the field of risk management in Prince2 and Scrum.However, this study does not claim that the results could the global model for all the teams because team's organizational cultures are different.

IX. CONCLUSION AND FUTURE WORK
According to the studies in the field of risk management and Agile Scrum methodology in future research can be combined with project management standards.Such as PMBOK, P2M, OPM3, PRINCE2 and Agile methods such as Scrum, DSDM, XP, ASD that have more focus on project management processes to create hybrid models to identify and reduce the risks of software projects.Also, using project management standards and agile methods can be created the models and ways to improve project management and assurance quality in agile software development.
In this study, using risk management techniques with Scrum framework and project management standard Prince2, suggested a model to increase in the success rate projects.There are some of scrum weak points causing risk increase in software development.The proposed model covered the weaknesses and this covering reduces the risk of the project failures.Some of the important results include: covering of risk management at 67.4%, increasing project success about 75.4%, the ability to provide a quality product at 75%, and the reliability to identify, analyze, and control the risks at 85.71%.

Fig. 2 .
Fig. 2. The proposed model of risk management based on Scrum with using Prince2.

Fig. 3 .
Fig. 3.The most important results of the qualitative parameters of the proposed model.

TABLE II .
RESULT OF PEARSON CORRELATION COEFFICIENT BETWEEN MODEL INTELLIGIBILITY, EASY LEARNING OF THE MODEL, THE ABILITY TO IMPLEMENT, AND EXECUTE THE MODEL

TABLE III .
RESULT OF DIFFERENT PROCESSES, ADAPTION AND INTERACTION OF THE MODEL

TABLE IV .
RESULT OF PEARSON CORRELATION COEFFICIENT BETWEEN THE ABILITY OF THE PRODUCTS QUICK DELIVERY, AND TIMELY DELIVERY, ABILITY OF OPTIMAL USE OF ALL THE PROJECT RESOURCES AND ABILITY TO CREATE A COMMERCIALLY VALUABLE PRODUCT

TABLE V .
RESULT OF PEARSON CORRELATION COEFFICIENT BETWEEN SATISFACTION WITH PRODUCTS CREATED IN THE SOFTWARE LIFECYCLE WITH CONFIDENCE IN THE RISKS IDENTIFICATION, ANALYSIS, AND CONTROL