Two-Minute Drill

q

Risk management planning is determining how the risk management activities within the project will take place. It is not the response or identification of risks, but the determination of how to manage project risks.

q

Risk management planning is accomplished through planning meetings with the project team, management, customers, and other key stakeholders.

q

Utility function is a person's willingness to accept risks

q

The output of risk management planning is the risk management plan.

q

Risks are uncertain events that can affect a project's objectives for good or bad.

q

Risks can be placed into four different categories: Technical, quality, or performance risks; project management risks; organizational risks; and external risks.

q

Project files from published information and previous projects can serve as input to risk identification.

q

The Delphi Technique allows participants to identify risk anonymously without fear of embarrassment. A survey allows results to be shared with all participants for comments on each other's anonymous input. Rounds of surveying and analysis can create consensus on the major project risks.

q

Triggers are warning signs that a risk is about to happen or has happened.

q

Risks are evaluated for their impact and likelihood.

q

Risks can be ranked by ordinal ranking by using such indicators as very low, low, moderate, high, and very high.

q

Risks can also be analyzed using a cardinal ranking system of numerical values that are assigned to each risk based on its impact and probability.

q

An overall project risk ranking can be used to compare the current projects with other projects in the organization.

q

The risks can be moved into quantitative analysis for further study.

q

Risks are assigned numeric values. Such as: there is a 50 percent likelihood that the risk will occur, causing a $10,000 cost.

q

The Monte Carlo simulation can determine the likelihood of the project's success, predict the costs of a specific risk exposure, and identify realistic time, scope, and cost objectives. Interviews with stakeholders and subject matter experts are an excellent start for quantitative risk analysis.

q

Decision trees help determine the cost, benefit, and value of multiple decisions. They are based on the cost of the decision and the probability of completing an objective.

q

Risk response planning focuses on reducing threats and increasing opportunities as a result of risks. Risk thresholds, defined in risk management planning, describe the acceptable level of risk within a company.

q

Risk owners are the individuals or groups that are responsible for a risk response, and should participate in the risk response planning

q

Risk avoidance changes the project plan to avoid the risk, as well as conditions that promote the risk, or it attempts to reduce the risk's impact on the project's success.

q

Risk transference moves the risk consequence to a third party. The risk doesn't go away, just the responsibility of the risk. Though ultimately, the performing organization still retains the ultimate accountability and results of the risk event.

q

Risk mitigation involves actions designed to reduce the likelihood of a risk occurring, reduce the impact of a risk on the project objectives, or both.

q

Risk acceptance acknowledges the risk exists but the risk is not worthy of a more in-depth response, or a more in-depth response is not available for the risk.

q

Residual risks are risks that remain after avoidance, transference, mitigation, and acceptance. Secondary risks are new risks that arise from a risk response.

q

Identified risks must be tracked, monitored for warning signs, and documented. The responses to the risks are monitored and documented as successful or less successful than expected.

q

Issue logs, action-item lists, jeopardy warnings, and escalation notices are all types of communication reports the project team and risk owners must use to document and track identified risks.

q

Risk response audits measure the success of the responses and the effectiveness of the cost, scope, and quality values gained or lost by the risk responses.

q

Earned value analysis can measure project performance, but it can also predict and signal pending risks within the project.

q

As unexpected risks arise, the project team may elect to use workarounds to diminish the impact and probability of those risks. Workarounds, however, should be documented and incorporated into the project plan and risk response plan as they occur.