To be consistent with our principles, we need a systematic approach that allows us to focus time and resources on the highest priority risk elements. The power in the process is not in its complexityit's relatively simple and straightforwardthe power is in the management approach it inspires.
Let's review the essential steps for managing project risks:
The best risk profiles are ones that are specific to your industry, organization, and project type. |
caution
These steps are focused on qualitative analysis and are more than sufficient for most projects, especially if a team approach is taken for this process. However, if you are in a situation or industry that requires more precise risk analysis, you will need to leverage a second phase of analysis called numerical (or quantitative) analysis. Techniques such as decision tree analysis and Monte Carlo simulations are frequently used here. Please consult an advanced project risk management course or text for instruction in this area. |
Risk Response Options
Most people tend to think "mitigation" when they think of risk management. However, there are also four risk response options. Table 14.1 reviews each response strategy and provides examples of each.
Risk Response |
Description |
Examples/Notes |
---|---|---|
Avoidance |
Avoiding the risk. Changing the project plan to eliminate the risk. Changing the project plan to protect a project objective from the impact. |
Reducing the scope to remove high-risk tasks. Adding resources or time. Adopting a proven approach rather than new one. Removing a "problem" resource. |
Acceptance |
"Accepting" the consequences of the risk. The project plan is not changed to deal with the risk. A better response strategy cannot be identified. |
Active acceptance. Passive acceptance. No action. Contingency allowance (reserves). Notifying management that there could be a major cost increase if this risk occurs. |
Monitor and Prepare |
Accepting the risk for now. Closely monitor the risk and proactively develop alternative action plans if the event occurs. |
Contingency plan. Fallback plan. Establish criteria that will trigger the implementation of the response plans. |
Mitigation |
Taking action to reduce the likelihood the risk will occur. Taking action to reduce the impact of the risk. Reducing the probability is always more effective than minimizing the consequences. |
Adopting less complex approaches. Planning on more testing. Adding resources or time to the schedule. Assigning a team member to visit the seller's facilities frequently to learn about potential delivery problems as early as possible. Providing a less-experienced team member with additional training. Deciding to prototype a high-risk solution element. |
Transference |
Transferring ownership of the risk factor. Shifting the consequence of a risk and the ownership of the response to a third party. |
Outsourcing difficult work to a more experienced company. Fixed price contract Contracts, insurance, warranties, guarantees, and so on. Used most often for financial risk exposure. Does not eliminate the risk. |
Key Risk Management Tools
One aspect of the risk management process described in the PMBOK that many people find difficult to grasp initially is the reference to unfamiliar tools and techniques. Table 14.2 summarizes many of these tools and techniques to assist your learning and review process.
Risk Tool |
Description |
Notes/Examples |
---|---|---|
Risk profile |
A questionnaire or checklist to guide the identification of project risk factors. |
Should be industry, organizational and project type specific. |
Risk assessment |
Generally synonymous with risk profile. Frequently will contain criteria to establish Low, Medium, High risk levels. |
Often used interchangeably for risk profile or risk checklist. |
Risk Log |
Used to document the identified risks, probability score, impact score, priority, and planned response strategies. |
|
Risk management plan |
Describes how the risk management process will be structured and performed. |
Describes the process to be used. |
Risk response plan |
Describes the response strategies for identified risks. |
Risk Log Details action steps to be taken if risk event occurs. |
Probability/ impact matrix |
Used to establish general High, Medium, and Low classifications for a risk factor. Cross-references the probability score with the impact score. |
Generally developed at the organizational level to improve the consistency of risk rankings. |
The risk assessment questionnaire contains questions that pertain to project size, structure, and technology. The risk assessment questionnaire is broken down by risk categories, subcategories, and criteria that rate risk level according to low, medium, or high.
Part i. Project Management Jumpstart
Project Management Overview
The Project Manager
Essential Elements for any Successful Project
Part ii. Project Planning
Defining a Project
Planning a Project
Developing the Work Breakdown Structure
Estimating the Work
Developing the Project Schedule
Determining the Project Budget
Part iii. Project Control
Controlling a Project
Managing Project Changes
Managing Project Deliverables
Managing Project Issues
Managing Project Risks
Managing Project Quality
Part iv. Project Execution
Leading a Project
Managing Project Communications
Managing Expectations
Keys to Better Project Team Performance
Managing Differences
Managing Vendors
Ending a Project