The Need For Proper Management
Every project faces a considerable amount of risk right from the start till its end. A risk may or may not be unforeseen and can pose itself as an opportunity or a threat to the project. Risks may be business risks (with gains or losses) or pure risks (only losses) based on the scenario. In nature, they may be scope risks (with technical, performance or quality issues), external risks, organizational risks or exclusively project management risks.
Management of project risks is a process of project risk identification and assessment before measures to contain them are adopted.
A) Project Risk Identification
There are a number of steps to identifying risks in a project. The different approaches to project risk management identification are given below.
- Information Gathering Techniques
Documentation reviews - Reviews similar risks from past documents and measures taken to contain risks.
Brainstorming – This is team work where every member of the team gives their input of all possible risks and ways to handle them.
Interviewing – This is a process of calling in experts who are well versed in a particular project for input and feedback on what risks and advantages may be expected from a project. This is a method of getting professional feedback.
Delphi technique - Similar to brainstorming in nature, the Delphi technique is a way of data collection from members anonymous to each other.
SWOT Analysis - This analysis is based on studying the Strengths, Weaknesses, Opportunities and Threats of a project. In this case, the many project documents are used for the analysis.
- Other Identification techniques
Check Lists - A head-start list for scoring out all possible risks, Check lists are predetermined and a helpful way to begin an analysis.
Assumption Analysis - Studies of the scope of the project can give rise to many assumptions. Assumptions can pose possible risks that can be analyzed for possibilities of threats or opportunities.
Diagramming Techniques - Diagramming techniques are a systematic and illustrative way of explaining lists, jotting them in a graphical manner and showing relationships between risks. It may also show a sequence of risks arising from an initial, unattended risk.
B) Project Risk Assessment
Once the risks are identified, they are prioritized according to their severity and need for attention based on Qualitative and Quantitative Analysis. Different approaches to project risk management assessment are outlined below.
- Qualitative Analysis
Qualitative Analysis is a way of evaluating a risk based on its probability and impact. Based on the project, impact may be categorized as High, Medium and Low (and/or with a range of values in between too.) Severity of impact may be based on the impact of the risk affecting the scope, cost, schedule or resources of the project. This analysis also indicated the attention the risk requires ranging from urgent attention, recommended attention, vigilance, etc.
- Quantitative Analysis
Quantitative Analysis is a numerical analysis of risk probability against project objectives. It outlines:
- Individual probability of objective
- A quantified value of the risk related to cost, resources and time
- High priority risks and assigns numerical values for the impact
- Identifiable and realistic targets for cost, schedule and resources.
Additional Risk Management Contributions
In any given project, there are many variables that contribute to project risk management, some of them being the stakeholders themselves. A list of risk management approaches in the execution phase are outlined below.
Stakeholder involvement : All stakeholders must play a keen role in identifying risks and/or contributing to its management.
Project Manager’s role: A Project Manager is expected to be equipped with tools and techniques to identify risks and many be called upon for feedback, suggestions or measures to handle risks once identified.
Ownership: When risks can be identified and assigned to a particular stakeholder or project phase, there should be someone to take ownership of it or contribute towards its handling.
Communication: Communicating risks and making every player in the team aware of possible risk, their impact and probability, and also inviting suggestions for risk management is imperative in any project.
Adaptation: When you cannot eliminate a risk, make the risk bend around you and work to your advantage. This may involve changing the cost, time and resources variables; provided the scope of the project is not altered.
Document Risks: All identified risks have to be documented. Against each identified risk, there should be a member assigned as being responsible or answerable (according to the RACI matrix), time frame for risk management, measures adopted / not adopted, etc. This not only acts as current project analysis for success, but may also be used for future projects as a guideline.
Systematic Phase Analysis: When a risk is identified, always consider its probable impact on a phase. When a connection can be made, analyze its sequence in the next phase and the phases after that. This will give you an idea of how severe the impact may be, how much of triple constraint is going to be affected and whether the project will be a success or not.
Francesco Marino / FreeDigitalPhotos.net
This post is part of the series: Risk Management Plan - A Working Example
This series discusses how to create a risk management plan and provides a working example.