Identifying and understanding architectural risks in software evolution: an empirical study

Software risk management studies commonly focus on project level risks and strategies. Software architecture investigations are often concerned with the design, implementation and maintenance of the architecture. However, there has been little effort to study risk management in the context of software architecture. We have identified risks and corresponding management strategies specific to software architecture evolution as they occur in industry, from interviews with 16 Norwegian IT-professionals. The most influential (and frequent) risk was “Lack of stakeholder communication affected implementation of new and changed architectural requirements negatively”. The second most frequent risk was “Poor clustering of functionality affected performance negatively”. Architects focus mainly on architecture creation. However, their awareness of needed improvements in architecture evaluation and documentation is increasing. Most have no formally defined/documented architecture evaluation method, nor mention it as a mitigation strategy. Instead, problems are fixed as they occur, e.g. to obtain the missing artefacts