Questions tagged [risk]

13 questions
27
votes
7 answers

Safely fixing production database data

Bugs happen and sometimes data has to be fixed in production. What is the safest way to go about this from a big company standpoint? Are there tools that can help? Here are some considerations driving this requirement... We need to log who ran the…
Andrew White
23
votes
8 answers

Are IT and software industry getting more and more litigious?

The last couple of years I've been observing an exponential growth in the news related to IT companies and individuals taking their cases to court, on one side, and the questions concerning legal matters everywhere on the web, on the other side. I very…
user8685
23
votes
3 answers

Check-list to avoid vendor lock-in?

Is there a set of industry-approved rules to avoid vendor lock-in? I mean, something one can show to a manager, or other decision maker, that is easy to understand and easily verifiable. Is there any universally accepted set of rules, a checklist…
Tulains Córdova
14
votes
4 answers

Should internal code be shared with non-developers in an organisation?

Where I work, we have a lot of developers and an awful lot of code running our proprietary applications used by staff & customers alike. We also have a lot of smart support staff that like to understand the inner workings of our systems to better…
13
votes
8 answers

Punishing users for insecure passwords

I'm thinking about limiting the rights of users who choose insecure passwords (insecurity of a password being determined by length, how many types of characters (upper/lower case, numbers, symbols, etc.) are used, and whether it can be located in a…
Carson Myers
11
votes
7 answers

Are end-to-end and integration tests worth it for non-mission critical stuff?

It's well known that end-to-end and integration tests are costly. Of course if we develop applications where people might die if things go wrong it's a worthwhile investment. However in applications where errors are not the end of the world, would…
Marc
7
votes
3 answers

Measuring risk of source code changes?

My manager asked me to write an estimation of work hours and a risk estimation of source code changes for a defined task. While the first is no problem for me and there are many resources on the web, I cannot get my head around the latter one. I…
Bertolt
7
votes
4 answers

Why must API keys be kept private?

I have worked with public APIs in only one small project, but I recently learned that if one were to distribute a project with API keys inside this is a security risk. So I have two questions: What does an API key contain that would pose a…
Ethan
5
votes
5 answers

Does the size of a project make it riskier to deploy?

I was arguing this point with my boss the other day. He claims that the larger the code base the riskier the deployment. I argued that this is not true, though I see why he might think that. In my experience the size of the code base doesn't matter…
John S
3
votes
5 answers

What is the business cost of anemic domain model

I am looking to quantify the cost or problems of bad software development practices. Specifically can software that has been developed resulting in an anemic domain model be quantifiable in terms of business cost or risk? My initial thoughts (which…
Kane
2
votes
2 answers

Risk of NuGet package adding new reference DLL

Had an interesting discussion with our architect. It was related to replacing a plain DLL reference with a NuGet package. His worry was "If it is possible for single NuGet package to add multiple DLL references, then NuGet package authors can decide…
Euphoric
2
votes
1 answer

Is there an SWE principle associating project size and risk?

I think it is well understood that the risk in a software engineering project increases with the size of the project, and the slope of the scale exceeds linear. As the number of features increase, not only will an estimate increase, but the margin…
John Wu
0
votes
1 answer

Risk Analysis in Open Source Community Driven Projects

I'm looking for perspectives on how risk analysis is performed when there's not precisely a "dollar value" associated with the risk, as in an Open Source project. Traditionally, risk analysis takes the form of Asset Value X Annual Probability of…