A layered approach to managing risks in OSS projects
Document typeConference report
Rights accessOpen Access
In this paper, we propose a layered approach to managing risks in OSS projects. We define three layers: the first one for defining risk drivers by collecting and summarising available data from different data sources, including human-provided contextual information; the second layer, for converting these risk drivers into risk indicators; the third layer for assessing how these indicators impact the business of the adopting organisation. The contributions are: 1) the complexity of gathering data is isolated in one layer using appropriate techniques, 2) the context needed to interpret this data is provided by expert involvement evaluating risk scenarios and answering questionnaires in a second layer, 3) a pattern-based approach and risk reasoning techniques to link risks to business goals is proposed in the third layer.
CitationFranch, X., Kenett, R., Mancinelli, F., Susi, A., Ameller, D., Ben-Jacob, R., Siena, A. A layered approach to managing risks in OSS projects. A: International Conference on Open Source Systems. "Open source software: Mobile open source technologies: 10th IFIP WG 2.13 International Conference on Open Source Systems, OSS 2014, San José, Costa Rica, May 6-9, 2014: proceedings". San José: Springer, 2014, p. 168-171.