A key innovation in SARM is its use of a standard risk model in the trade-off analysis. Whereas other architecture review methods adopt the concept of utility and explore how different solution options represent alternative trade-offs of utility with respect to different quality characteristics, SARM looks at the trade-off of risk. One reason for adopting this approach came from practical experience – we found that stakeholder participants in workshops found the concept of utility somewhat abstract, whereas the language of risk was well understood, and was to be found in everyday use in the corporation.
SARM has adopted a widely used formula for expressing risk:
Risk Exposure = Risk Impact x Risk Likelihood
This approach was developed first by the Dutch mathematician David van Dantzig for use in 1953 in the Delta Works civil engineering project – the construction of dams and levees in The Netherlands to protect the country from flood risk. The formula has been widely adopted by those wishing to describe and quantify risks. If you are interested in learning more about the topic of Risk Management, we recommend Management of Risk, originally published by the UK Government’s Office of Government Commerce.
The default risk model used in SARM ican be found in the Risk Table worksheet of the tool:
You can change the numeric scales used for Impact and Likelihood by editing the table directly. You can also choose different words that are associated with each level, and change the thresholds that determine whether a risk falls into the Red, Amber or Green categories by adjusting the Thresholds in cells C12 and C13.