Managing Risk: Methods for Software Systems Development, Elaine Hall, Addison Wesley. This is the best small volume risk management book. Hall is associated with the SEI and presents an SEI oriented view of risk management. There are other views, but this is a good start.

Software Risk Management, Barry Boehm, IEEE Computer Society. This is the big volume risk management book. It contains many seminal papers on risk management. It is a bit dated, with courier type faces and facsimiles of documents, but still a good resource book.

Project and Program Risk Management: A Guide to Managing Project Risks and Opportunities, Max Wideman, 1998.

Managing the Software Process, Watts Humphrey, Addison Wesley. This is the foundation of the process improvement process. Humphery is the Chairman of the Software Engineering Institute and along with Barry Boehm are the fathers of the software engineering professional as practiced at TRW both in the height of the aerospace business and today. Other Humphrey books are worth reading as well.

Continuous Risk Management Guidebook. This is a bound version of the materials found at the SEI site. As the title says, it is a guidebook for managing risk in the software development domain. The processes described here can be used outside this domain as well. This book can be purchased from the Software Engineering Institute. If you're in the risk management business this is "must have" book, to be read cover to cover and used everyday.

Assessment and Control of Software Risks, Capers Jones. This is a primary source book from Capers Jones, who has many other publications relating to risk, metrics and general software management. This text is targeted at large complex project but contains many examples for smaller more agile development processes.

Software Engineering Risk Management: Finding Your Path Through the Jungle, Version 1.0, Dale Karolak, IEEE Computer Society. This is a book and software for general risk management. This is better than the Risk Radar from Software Program Managers Network, but it is also expensive ($150.00 or so for non-IEEE members).

"Large Scale Project Management is Risk Management," Robert N. Charette, IEEE Software, 13(4), July, 1996, pp. 110–117. Although targeted at large scale projects, the wisdom in this paper can be applied to nearly all projects.

Computer Related Risks, Peter Neumann, Addison Wesley, 1995. The book is based on a collection of mishaps and oddities relating to computer technology. It considers what has gone wrong in the past, what is likely to go wrong in the future, and what can be done to minimize the occurrence of further problems.

Risk Management for NASA/JPL Genesis Mission: A Case Study

Software Cost Risk Estimation and Management at JPL

Risk World journal

The following is a link to a useful bibliography on risk management, http://www.mc2consulting.com/riskmbib.htm. 

Resources from R.S. Pressman and Associates for Risk Management part of the larger reference library

Probabilistic Risk Assessment 

The Project Management Institute's Risk SIG

Center for Risk Management in Engineering Systems – UVa's internationally-recognized competence in "risk, uncertainty, and reliability" in engineering systems are central to the mission of our School of Engineering and Applied Science (SEAS) in two respects: (1) The assessment and management of risk, uncertainty, and reliability are critical to the success of any engineering venture today, including the strategic thrusts of SEAS. (2) In its own right, "risk, uncertainty, and reliability" is a significant, existing thrust of engineering research and education at UVa. Our development of theory and methodology at UVa in "risk, uncertainty, and reliability," and its transfer to engineering training and practice, is worthy and capable of continuing to increase the visibility and external support for the University's and SEAS's mission.

Reliability Engineering at the University of Maryland.

RiskWorld is a electronic magazine covering the news of risk management.

Risk Assessment and Risk Management at Sandia National Laboratories

RiskID Pro is a software risk management tool

NASA Continuous Risk Management

Center for Risk Management of Engineering Systems, University of Virginia

Basic Template for a Risk Management Plan, NASA Software Assurance Technology Center

Software Engineering Institute's Risk Management Site

Risk Doctor and Partners

Mitre Corporation's Risk Management site

NASA Risk Management Conferences

Software Assurance Technology Center - NASA Goddard Space Flight Center

System Risk Management Database – This database helps fulfill the goals and strategies of the NASA software strategic plan as put forth by the Software Working Group (SWG), and is based on the principles described in the SEI (Software Engineering Institute) Continuous Risk Management Guidebook.

Software Engineering Information Repository - Software Engineering Institute, Carnegie Mellon University. Registration required (no charge). Registered users have access to Software Risk Management section.

Software Reliability Engineering Information Center at the College of Engineering, University of Maryland.

Software Technology for Adaptable, Reliable Systems (STARS) - Defense Advanced Research Projects Agency (DARPA)

Center for Software Reliability - University of Newcastle, England

Continuous Risk Management (CRM) - Software Assurance Technology Center, Goddard Space Flight Center.

Risk Management - NASA Headquarters, Office of safety and Mission Assurance who assures the safety and enhances the success of all NASA activities through the development, implementation, and oversight of Agency–wide safety, reliability, maintainability, and quality assurance (SRM&QA) policies and procedures.

JPL Risk Management Guide - Jet Propulsion Laboratory is designed to educate, inform, and facilitate JPL engineers and managers in the use of Risk Management on JPL projects.

Life Cycle Risk Management - Johnson Space Center

NASA System Risk Management Database - Lewis Research Center helps fulfill the goals and strategies of the NASA software strategic plan as put forth by the Software Working Group (SWG), and is based on the principles described in the SEI (Software Engineering Institute) Continuous Risk Management Guidebook. The database in an Access 97 file that can be used to store system risk information and support the system risk management cycle.

NASA Goddard Space Flight Center Risk Management library

Program & Project Risk Management Resource Center - Ames Research Center is the host site for the Second Risk Management Colloquium which is an extension of the First Risk Management Colloquium hosted by NASA Ames. This colloquium has many good papers on the topic of risk management.

NASA Goddard Space Flight Center Office of Safety and Mission Assurance

Reliability & Maintainability Modeling - Power and Propulsion Office, Glenn Research Center ACARA (Availability, Cost, And Resource Allocation) is a program for analyzing availability, lifecycle cost (LCC), and resource scheduling for a system that undergoes periodic repair. It uses a combination of exponential and Weibull distributions to simulate the useful life of each system component. ACARA evaluates the availability of the system at each capacity level based upon a system block diagram representation. ACARA was developed by engineers at the NASA Lewis Research Center.

Reliability Engineering Office - Engineering and Mission Assurance Directorate (EMAD), Jet Propulsion Laboratory

Ames Program & Project Risk Management Ames Research Center (ARC)

NASA Program and Project Management and Requirements, NASA Policy Guideline 7120.5A

PMI Risk Management, Project Management Institute - Special Interest Group

SFOC Risk Management, United Space Alliance

RBAM site located at NASA GRC