Risk assessment should be built into which of the following systems development phases to ensure that risks are addressed in a development project?
Answer options:
A. Programming
B. Specification
C. User testing
D. Feasibility
Answer correct:
D
Risk should be addressed as early as possible in the development cycle. The feasibility study should include risk assessment so that the cost of controls can be estimated before the project proceeds. Risk should also be considered in the specification phase where the controls are designed, but this would still be based on the assessment carried out in the feasibility study. Assessment would not be relevant in choice A or
C.