search menu icon-carat-right cmu-wordmark

A Taxonomy of Operational Risks

Technical Note
This report presents a taxonomy-based method for identifying and classifying risks to operational aspects of an enterprise.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2005-TN-036
DOI (Digital Object Identifier)
10.1184/R1/6571787.v1
Subjects

Abstract

In 1993, the Carnegie Mellon Software Engineering Institute (SEI) developed a taxonomy-based method for facilitating the systematic and repeatable identification of risks associated with the development of a software-dependent project. Since then, this method has also been used in the Software Risk Evaluation process to identify risks associated with the development of software-intensive systems. 

Recently, organizations that employ software-intensive systems have requested that the SEI help identify a baseline set of risks associated with missions performed at operational sites (e.g., satellite ground stations, military units, and customer service units). While the concepts embodied in the software-based taxonomy apply in this context, the taxonomy presented in this report has been constructed to better suit an operational environment.

This report presents a taxonomy-based method for identifying and classifying risks to operational aspects of an enterprise. It defines the key sources of risk associated with the mission, work processes, and constraints of an operational organization and establishes a structure for representing operational risks by grouping them into distinct classes, elements, and attributes. In addition, the appendix of this report contains a short taxonomy-based questionnaire that can be used by personnel at operational sites to identify and categorize risks.

Cite This Technical Note

Gallagher, B., Case, P., Creel, R., Kushner, S., & Williams, R. (2005, September 1). A Taxonomy of Operational Risks. (Technical Note CMU/SEI-2005-TN-036). Retrieved March 2, 2024, from https://doi.org/10.1184/R1/6571787.v1.

@techreport{gallagher_2005,
author={Gallagher, Brian and Case, Pamela and Creel, Rita and Kushner, Susan and Williams, Ray},
title={A Taxonomy of Operational Risks},
month={Sep},
year={2005},
number={CMU/SEI-2005-TN-036},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6571787.v1},
note={Accessed: 2024-Mar-2}
}

Gallagher, Brian, Pamela Case, Rita Creel, Susan Kushner, and Ray Williams. "A Taxonomy of Operational Risks." (CMU/SEI-2005-TN-036). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, September 1, 2005. https://doi.org/10.1184/R1/6571787.v1.

B. Gallagher, P. Case, R. Creel, S. Kushner, and R. Williams, "A Taxonomy of Operational Risks," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2005-TN-036, 1-Sep-2005 [Online]. Available: https://doi.org/10.1184/R1/6571787.v1. [Accessed: 2-Mar-2024].

Gallagher, Brian, Pamela Case, Rita Creel, Susan Kushner, and Ray Williams. "A Taxonomy of Operational Risks." (Technical Note CMU/SEI-2005-TN-036). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Sep. 2005. https://doi.org/10.1184/R1/6571787.v1. Accessed 2 Mar. 2024.

Gallagher, Brian; Case, Pamela; Creel, Rita; Kushner, Susan; & Williams, Ray. A Taxonomy of Operational Risks. CMU/SEI-2005-TN-036. Software Engineering Institute. 2005. https://doi.org/10.1184/R1/6571787.v1