Problem
1. How can we manage risk, or how is risk managed within a software organization?
2. Why is following a process important for achieving successful risk management results?
3. Why should risk management include an analysis of items that could go right in addition to items that could go wrong?