Programmer Musings

Review of Waltzing with Bears

Waltzing with Bears
Tom DeMarco & Timothy Lister
Dorset House Publishing, 2003

The authors of Peopleware are back to tackle the topic of risk management. Given their earlier works, you would expect DeMarco and Lister to provide good insights into the topic and clear explanations. In that, you will not be disappointed with this book.

The book explains why you should do risk management, how to do risk management, and how to test the management you are doing. Surprisingly, the book also tells you when you might not want to do risk management and some of the politics that can surround this topic. The authors describe many facets of some corporate cultures that work to defeat the management of risk. They also explain why taking risks is critical to success and how to judge acceptable risks from foolhardy ones. As you would expect, the authors are clear in their explanations and instructions.

The book references an accompanying website that lists various risk management tools including an risk simulation tool supplied by the authors. This tool may be used to map the uncertainty in your project's estimates. Understanding this uncertainty is the heart of risk management.

The only complaint I have with the book is in the area where I feel I am the weakest. The authors acknowledge that many of the problems in risk management are problems with corporate culture or attitudes of the various stakeholders in the project. Unfortunately, their advice on dealing with these issues is extremely vague compared to the more technical aspects of risk management. I understand that this is the part that is the hardest to quantify, but it may be where we need the most advice. I suppose that actual project managers may have a better idea of how to deal with these issues and do not need more instruction. But, for me, this seemed to be an area where the book was lacking.

In general, I feel this is a great book for anyone who must manage a project or who needs to track the risks on a project. If your focus in most projects is purely in the area of code, you may not get as much out of the book. However, if you need to lead a team or manage a project, this book is a great way to become familiar enough with risk management to possibly succeed. I would definitely recommend the book to senior developers and junior to intermediate project managers. More senior project people may already be aware of the issues covered in the book, but may benefit from the fresh treatment.