Integrated system of methods for automating the evaluation of risk management effectiveness in software quality assurance systems
Main Article Content
Abstract
Relevance: The paper addresses the problem of quantitative evaluation of risk management effectiveness in software quality assurance systems under the increasing complexity of software products and the need to integrate risk management activities into the Software Development Life Cycle. Traditional approaches based on expert judgment and periodic audits are shown to lack measurable outcomes and fail to establish causal relationships between risk response actions and changes in key quality metrics. Aim of the article: The purpose of the study is to propose and validate a integrated system of methods for evaluating risk management effectiveness through the integration of technical and economic indicators. Tasks: The research focuses on integrating a risk register, dynamic software quality metrics (defect density, test coverage, mean time to failure, security incident rate), and cost indicators associated with mitigation activities into a unified assessment framework. Methods: A mathematical model is developed to describe the interaction between risk exposure, management actions, and the evolution of quality metrics within a sprint-based Software Development Life Cycle. The integrated system of methods is implemented as a software prototype of a Decision Support System module that enables automated risk monitoring. Scientific novelty: The study lies in the development of an Integrated system of methods that formalizes the interaction between a risk register, a dynamic quality metrics model, and an integral effectiveness criterion. This Integrated system of methods ensures reproducibility and comparability of results by creating a unified algorithmic framework for sprint-based evaluation. Practical: significance: The proposed approach is applicable within Decision Support System environments, Continuous Integration and Continuous Deployment pipelines, and software monitoring tools for continuous quality assurance. Results: Simulation results demonstrate balanced improvements in quality metrics, a decrease in overall risk exposure, and higher integrated effectiveness values for the risk-aware strategy compared to the baseline approach. Conclusions: An Integrated Risk Management Effectiveness Index is introduced, combining normalized quality improvements, reduction of risk criticality, and economic factors into a single interpretable indicator for automated managerial analysis.

