There was a company (XYZ Cruise Lines) in the vacation industry that had a reservations system for their cruise operations that was designed for agents to book cruise passengers for individual bookings within 5 to 7 minutes. This system created a competitive advantage among travel agents as they could book their clients fast from the start of the process to the payment screen. Their largest competitor had a reservation system that took approximately 15 minutes, which was a clear competitive advantage for XYZ Cruise Lines. However, the competitor had an automated process to check in customers at the pier and provided an electronic boarding pass where the passengers would carry an identification card with a magnetic strip to allow for faster embarkation of the ship at the pier and at the ports of call. XYZ Cruise Lines was still utilizing a manual system for embarkation and utilized paper boarding passes. Because customers tend to remember any bad experiences with the beginning (embarkation process) and the end (disembarkation process) of the trip more than during the trip, the embarkation process caused a lot of dissatisfaction, especially among those passengers who sailed with the competitor in the past. In an effort to improve the process, a state-of-the art ship embarkation system was being developed. This new planned system would allow the passengers to be processed faster for the embarkation process and a plastic card with a magnetic strip would be activated and utilized as the electronic boarding pass. Additionally, this same card would also be utilized as the point of sale purchase card, creating a cashless process for the passengers to buy drinks and other extras on board the ship during the voyage. This would further XYZ as the competitive leader in the industry.

This new system would have to communicate with the current reservations system via satellite connectivity. This software development project had four main components: (a) ship embarkation system, (b) point of sale system (POS), (c) satellite technology utility for connectivity from the HQ's reservations system to the ship, and (d) upgrade to the existing reservations system to generate the upload to the ship's embarkation and POS systems. All components were completed by December 1^st and were ready for the integration testing process so that the project can be implemented on December 15^th just before the start of the busy season, at which time further software project implementations were not permitted for 6 months due to the heavy volume impacting the reservations system.

When it came time for the integration testing, the upgrade for the reservations system could not be made for the test environment because the upgrade was not moved to the quality control environment and the software changes were still in the programmer's work file. No other developer or anyone in IT management had access to these files. The programmer that worked on these changes had a heart attack and was in the hospital. As a result, the project manager informed everyone that they were going to miss the deadline and now had to wait 6 more months before this project could be implemented and the business sponsor was furious.

The quality assurance manager asked the reason for the missed deadline, and when she heard the story, she asked the IT project manager for the risk management plan. He said that they do not believe in planning for risk events because this was a negative process and they support a positive approach towards the systems development process. Because there was not a risk matrix created and the risk for the developer to have a heart attack was not considered, the project was delayed and the company lost an opportunity to improve their competitive advantage, which equated to millions of dollars in potential future bookings.

After reading the quality assurance manager's report, senior management asked the following questions.

1. What are the project risk management processes as described in thePMBOKGuide?
2. Explain why a project manager, or any stakeholder, should not view risk planning for projects as only a negative activity?
3. Did the organization follow due diligence regarding the creation of a risk management plan, assess all major risks, and develop appropriate risk responses and a plan for monitoring risks? Explain your rationale.
4. Should the risk event have been identified in the beginning by practicing sound quality control? Why or why not with details?
5. What are some contingency plans or actions that could have been taken to limit the impact of this possible risk event and other such related events, such as a key team member leaving for any reason? Is there a quality management component that should be considered (If so, discuss what it entails)?
6. What would be your quality assurance recommendations for such projects in the future based on this case?