Which of the following is the biggest risk and using end-user development to create a new information system?

The system-development life cycle enables users to transform a newly-developed project into an operational one.

The System Development Life Cycle, "SDLC" for short, is a multistep, iterative process, structured in a methodical way. This process is used to model or provide a framework for technical and non-technical activities to deliver a quality system which meets or exceeds a business"s expectations or manage decision-making progression.

Traditionally, the systems-development life cycle consisted of five stages. That has now increased to seven phases. Increasing the number of steps helped systems analysts to define clearer actions to achieve specific goals.

Similar to a project life cycle (PLC), the SDLC uses a systems approach to describe a process. It is often used and followed when there is an IT or IS project under development.

The SDLC highlights different stages (phrases or steps) of the development process. The life cycle approach is used so users can see and understand what activities are involved within a given step. It is also used to let them know that at any time, steps can be repeated or a previous step can be reworked when needing to modify or improve the system.

Share this infographic on your site

Following are the seven phases of the SDLC

This is the first phase in the systems development process. It identifies whether or not there is the need for a new system to achieve a business"s strategic objectives. This is a preliminary plan (or a feasibility study) for a company"s business initiative to acquire the resources to build on an infrastructure to modify or improve a service. The company might be trying to meet or exceed expectations for their employees, customers and stakeholders too. The purpose of this step is to find out the scope of the problem and determine solutions. Resources, costs, time, benefits and other items should be considered at this stage.

2. Systems Analysis and Requirements

The second phase is where businesses will work on the source of their problem or the need for a change. In the event of a problem, possible solutions are submitted and analyzed to identify the best fit for the ultimate goal(s) of the project. This is where teams consider the functional requirements of the project or solution. It is also where system analysis takes place—or analyzing the needs of the end users to ensure the new system can meet their expectations. Systems analysis is vital in determining what a business"s needs are, as well as how they can be met, who will be responsible for individual pieces of the project, and what sort of timeline should be expected.

There are several tools businesses can use that are specific to the second phase. They include:

• CASE (Computer Aided Systems/Software Engineering)
• Requirements gathering
• Structured analysis

3. Systems Design

The third phase describes, in detail, the necessary specifications, features and operations that will satisfy the functional requirements of the proposed system which will be in place. This is the step for end users to discuss and determine their specific business information needs for the proposed system. It"s during this phase that they will consider the essential components (hardware and/or software) structure (networking capabilities), processing and procedures for the system to accomplish its objectives.

4. Development

The fourth phase is when the real work begins—in particular, when a programmer, network engineer and/or database developer are brought on to do the major work on the project. This work includes using a flow chart to ensure that the process of the system is properly organized. The development phase marks the end of the initial section of the process. Additionally, this phase signifies the start of production. The development stage is also characterized by instillation and change. Focusing on training can be a huge benefit during this phase.

5. Integration and Testing

The fifth phase involves systems integration and system testing (of programs and procedures)—normally carried out by a Quality Assurance (QA) professional—to determine if the proposed design meets the initial set of business goals. Testing may be repeated, specifically to check for errors, bugs and interoperability. This testing will be performed until the end user finds it acceptable. Another part of this phase is verification and validation, both of which will help ensure the program"s successful completion.

6. Implementation

The sixth phase is when the majority of the code for the program is written. Additionally, this phase involves the actual installation of the newly-developed system. This step puts the project into production by moving the data and components from the old system and placing them in the new system via a direct cutover. While this can be a risky (and complicated) move, the cutover typically happens during off-peak hours, thus minimizing the risk. Both system analysts and end-users should now see the realization of the project that has implemented changes.

7. Operations and Maintenance

The seventh and final phase involves maintenance and regular required updates. This step is when end users can fine-tune the system, if they wish, to boost performance, add new capabilities or meet additional user requirements.

Importance of the SDLC

If a business determines a change is needed during any phase of the SDLC, the company might have to proceed through all the above life cycle phases again. The life cycle approach of any project is a time-consuming process. Even though some steps are more difficult than others, none are to be overlooked. An oversight could prevent the entire system from functioning as planned.

Systems development specialists at Innovative Architects possess extensive experience in managing these type of projects. If you have a situation at your organization and you think a customized software solution may be what you need, contact us today. Consultants at Innovative Architects will be able to quickly guide you through each of these steps, ensuring you can have your new system online as soon as possible.

Reading time: about 7 min

Posted by: Lucid Content Team

Mark Zuckerberg, the founder of Facebook, once said, “The biggest risk is not taking any risk. In a world that's changing really quickly, the only strategy that is guaranteed to fail is not taking risks.”

While this advice isn't new, we think you’ll agree that there are some risks your company doesn’t want to take: Risks that put the health and well-being of your employees in danger.

These are risks that aren’t worth taking. But it’s not always clear what actions, policies, or procedures are high-risk. 

That’s where a risk assessment comes in.

With a risk assessment, companies can identify and prepare for potential risks in order to avoid catastrophic consequences down the road and keep their personnel safe.

During the risk assessment process, employers review and evaluate their organizations to:

• Identify processes and situations that may cause harm, particularly to people (hazard identification).
• Determine how likely it is that each hazard will occur and how severe the consequences would be (risk analysis and evaluation).
• Decide what steps the organization can take to stop these hazards from occurring or to control the risk when the hazard can't be eliminated (risk control).

It’s important to note the difference between hazards and risks. A hazard is anything that can cause harm, including work accidents, emergency situations, toxic chemicals, employee conflicts, stress, and more. A risk, on the other hand, is the chance that a hazard will cause harm. As part of your risk assessment plan, you will first identify potential hazards and then calculate the risk or likelihood of those hazards occurring.

The goal of a risk assessment will vary across industries, but overall, the goal is to help organizations prepare for and combat risk. Other goals include:

• Providing an analysis of possible threats
• Preventing injuries or illnesses
• Meeting legal requirements
• Creating awareness about hazards and risk
• Creating an accurate inventory of available assets
• Justifying the costs of managing risks
• Determining the budget to remediate risks
• Understanding the return on investment

Businesses should perform a risk assessment before introducing new processes or activities, before introducing changes to existing processes or activities (such as changing machinery), or when the company identifies a new hazard.

The steps used in risk assessment form an integral part of your organization’s health and safety management plan and ensure that your organization is prepared to handle any risk.  

Preparing for your risk assessment 

Before you start the risk management process, you should determine the scope of the assessment, necessary resources, stakeholders involved, and laws and regulations that you’ll need to follow. 

Scope: Define the processes, activities, functions, and physical locations included within your risk assessment. The scope of your assessment impacts the time and resources you will need to complete it, so it’s important to clearly outline what is included (and what isn’t) to accurately plan and budget. 

Resources: What resources will you need to conduct the risk assessment? This includes the time, personnel, and financial resources required to develop, implement, and manage the risk assessment. 

Stakeholders: Who is involved in the risk assessment? In addition to senior leaders that need to be kept in the loop, you’ll also need to organize an assessment team. Designate who will fill key roles such as risk manager, assessment team leader, risk assessors, and any subject matter experts. 

Laws and regulations: Different industries will have specific regulations and legal requirements governing risk and work hazards. For instance, the Occupational Safety and Health Administration (OSHA) sets and enforces working condition standards for most private and public sectors. Plan your assessment with these regulations in mind so you can ensure your organization is compliant. 

5 steps in the risk assessment process

Once you've planned and allocated the necessary resources, you can begin the risk assessment process.

Proceed with these five steps.

1. Identify the hazards

The first step to creating your risk assessment is determining what hazards your employees and your business face, including:

• Natural disasters (flooding, tornadoes, hurricanes, earthquakes, fire, etc.)
• Biological hazards (pandemic diseases, foodborne illnesses, etc.)
• Workplace accidents (slips and trips, transportation accidents, structural failure, mechanical breakdowns, etc.)
• Intentional acts (labor strikes, demonstrations, bomb threats, robbery, arson, etc.)
• Technological hazards (lost Internet connection, power outage, etc.)
• Chemical hazards (asbestos, cleaning fluids, etc.)
• Mental hazards (excess workload, bullying, etc.)
• Interruptions in the supply chain

Take a look around your workplace and see what processes or activities could potentially harm your organization. Include all aspects of work, including remote workers and non-routine activities such as repair and maintenance. You should also look at accident/incident reports to determine what hazards have impacted your company in the past.

Use Lucidchart to break down tasks into potential hazards and assets at risk—try our free template below.

As you look around your organization, think about how your employees could be harmed by business activities or external factors. For every hazard that you identify in step one, think about who will be harmed should the hazard take place.

3. Evaluate the risks and take precautions

Now that you have gathered a list of potential hazards, you need to consider how likely it is that the hazard will occur and how severe the consequences will be if that hazard occurs. This evaluation will help you determine where you should reduce the level of risk and which hazards you should prioritize first.

Later in this article, you'll learn how you can create a risk assessment chart to help you through this process.

4. Record your findings

If you have more than five employees in your office, you are required by law to write down your risk assessment process. Your plan should include the hazards you’ve found, the people they affect, and how you plan to mitigate them. The record—or the risk assessment plan—should show that you:

• Conducted a proper check of your workspace
• Determined who would be affected
• Controlled and dealt with obvious hazards
• Initiated precautions to keep risks low
• Kept your staff involved in the process

To help you craft your risk assessment plan, you can visualize and document processes using Lucidchart. Sign up for your free account today!

5. Review your assessment and update if necessary

Your workplace is always changing, so the risks to your organization change as well. As new equipment, processes, and people are introduced, each brings the risk of a new hazard. Continually review and update your risk assessment process to stay on top of these new hazards.

How to create a risk assessment chart

Even though you need to be aware of the risks facing your organization, you shouldn’t try to fix all of them at once—risk mitigation can get expensive and can stretch your resources. Instead, prioritize risks to focus your time and effort on preventing the most important hazards. To help you prioritize your risks, create a risk assessment chart.

The risk assessment chart is based on the principle that a risk has two primary dimensions: probability and impact, each represented on one axis of the chart. You can use these two measures to plot risks on the chart, which allows you to determine priority and resource allocation.

By applying the risk assessment steps mentioned above, you can manage any potential risk to your business. Get prepared with your risk assessment plan—take the time to look for the hazards facing your business and figure out how to manage them.

Now it's time to create your own risk management process, here are five steps to get you started.