To completely understand the role of Risk Management in Open Source Software, it is
necessary to define Open Source Software first. Open Source Software is the type of
software that is made by an individual and/or entity which can be readily used, amended and
even enhanced by other parties for their own purposes – even to the point of modifying the
Open Source Software into a new form so that these other parties can redistribute it
themselves. The source code of Open Source Software is usually provided under a license or
made available in the public domain.
Anyone who has obtained Open Source Software even has the legal capacity to market their own
version of the software if they wish. So where does Risk Management come in?
Risk Management is important when you have created Open Source Software, in case the parties
that use it opt to do so in ways that can be detrimental to
other people. For example, perhaps you have created Software 123 and allowed it to be
posted in the public domain. However, perhaps another party has downloaded Software 123,
amended it, somehow embedded a virus into it, and then released this new version as Open
Source Software as well. What if someone gets that new version, uses it, and their computer
system suffers irreparable damage – would you (being the author of the original
Software 123) be at risk of litigation from the end user of the tampered version?
This is why many software developers do not create Open Source Software and instead protect
themselves with copyright and licensing agreements – they want to protect their product and
themselves from people with malicious intent.
As its name implies, Project Management is the process by which a project is initiated so
that resources can be gathered, managed and used with an eye towards completing the project
within limitations of scope, cost, quality, and time.
Risk Management, on the other hand, is the process by which an organization tries to
foresee any potential risks that may impact its system and have negative effects, so
that the organization can prevent or minimize the effects of these future risks.
When Risk Management is integrated into Project Management, the planners of the project
need to identify and predict future risks which may affect the progress and outcome of the
project. When Risk Management is adopted, the planners of the project can then outline the
necessary steps that should be applied when risky situations crop up and threaten to derail
the progress of the project.
Risk Management becomes integral to Project Management when failure to successfully
implement the project will result in significant harm to the project and its implementing
organization. For example, if the project concerns constructing a school building and risks
are not adequately addressed, the building could have serious
structural faults that may later result in physical harm to the occupants of the school
building – the children and their teachers. Possible risks that may lead to such a
negative outcome could be: lack of supply of the appropriate construction materials;
contractors using inferior materials instead; and contractors padding the construction
budget so that inferior materials are bought though the documents show appropriate
materials having been purchased. Though it is impossible to foresee all possible risks,
planners have to stay on their toes so that they can try to minimize the level of risk
faced by the project.