The ultimate aim of software engineering methods and tools is to reduce risks associated with the development of software products. Accepted risk management procedures recognize that software development is inherently risky, however fail to take into account the changing nature of both software products and the organizations undertaking their development. SE research has traditionally focused on the needs of very large corporations undertaking equally mammoth and complex development projects, thus most tools and methods are predicated on this model. Yet most software development is undertaken by small to medium enterprises. Consequently, these development efforts are either undertaken with little or no adherence to any SE standard process or by attempting to tailor processes intended for larger organizations. Neither of these alternatives is ideal, with both introducing new elements of risk. The rise of the Internet as a platform for commercial applications has partly driven this move away from monolithic software development and has also contributed to the proliferation of software products built using COTS components. Clearly there is a risk involved in the use of components not developed specifically for a particular application while Internet applications introduce an. entirely new set of possible risks. These newer risk factors directly affect the quality of the software product and the paper discusses these factors in detail, showing how they contribute to making software development today an even riskier proposition than previously.