Risk Monitoring and Control (RM&C) The purpose of Risk Monitoring and Control is to monitor the risk management plan and to identify, analyze, and plan for new risks while keeping track of existing risks and risk responses. Risk Monitoring and Control activities include: Testing project assumptions Identifying risk changes and their trends Verifying compliance with Risk Management policies Updating and modifying contingency reserves as needed
Just as it is critical to keep the project plan up to date and to continuously monitor project performance, the Risk Management Plan and the Risk Register must be frequently reviewed and periodically updated to realize the benefits of the prior Risk Management Processes: Risk Management Planning, Risk Identification, Qualitative Risk Analysis, Quantitative Risk Analysis, and Risk Response Planning. It is especially important to update the Risk Management Plan when: There are large variances between the project plan or Risk Management Plan and the actual project performance, There are surprises (both good and bad), Significant changes are made to scope or schedule or budget, There is a change in the external and/or internal environmentregulatory, legal, market, etc., or A change in one or more key project personnel has occurreda key team member, project customer, project sponsor, or key stakeholder.
Why would these situations trigger a close look at the Project Management and Risk Management Plans? Because any of these events could affect project risks and/or be an indicator that: Things are different than previously believed, Assumptions in the Project and Risk Management Plans are no longer valid, or There is an increased chance of changes to the project objectives due to new players on the project. (No matter how well project deliverables and acceptance criteria have been documented, different interpretations can occur when new people turn up.)
In a project where there are a lot of changes, or toward the end of a project implementation when there are frequent small changes or rapid workarounds, it is a good idea for the project manager to raise the project team's awareness and sensitivity to identify changes that affect or change project risk. Risk Monitoring and Control Inputs Inputs include: Risk Management Plan Updated from the Risk Response Plan Risk Register Also updated from the Risk Response Plan Approved Change Requests that may affect the original plans Work Performance Information Actual performance, such as costs and completion dates, and the need for corrective action when substandard performance is discovered
Risk Monitoring and Control Tools and Techniques Throughout the project life cycle, the project team should have an awareness of risks and how they can change over time. Risk Reassessment As mentioned earlier in this chapter, reassessing risk should occur as often as needed based on the volatility of environment or "surprises." Risk Audits An examination of the effectiveness of the risk responses. This data is needed for future projects and adjustments to the current project. Variance and Trend Analysis Tools such as earned value analysis can uncover future potential threats to the cost and schedule objectives. Technical Performance Measurement Similar to earned value analysis, this tool can help forecast success against functionality by comparing technical accomplishments to the project schedule. Reserve Analysis Comparing the amount of contingency reserves that remain during various points of execution to the upcoming risks to determine if the current reserve amount is too large or too small.
Most project teams will reassess the risk management plan periodically during execution and review the Risk Register at project team meetings. Proactive project managers do not wait for problems to look at these items. They are proactively looking ahead and evaluating the impact of changes to the project environment as they occur. Change management impact should also consider the change to the risk status as well as schedule and budget. Risk Monitoring and Control Outputs Outputs of Risk Monitoring and Control include: Updated Risk Register Outcomes of the risk activities and updated values or data used to revise the selected risk responses or identified risks as needed. Agreed upon Changes Responding to risks may require changes to the project plan using the Integrated Change Control Process. Recommended Corrective Actions Contingency plans and workaround plans that are needed to address risks that were not previously identified and those unknowns that were acknowledged in the contingency reserves. Recommended Preventive Actions Actions that bring the project back into line with the project management plan. Reassessing risk on a routine basis may uncover emerging risks before the obvious problems (impacts) are visible. Updated Organizational Process Assets Documentation of the results of all the Project Risk Management Processes can be converted to lessons learned, templates, processes, and other tools that can be used on future projects. Updated Project Management Plan Approval of changes submitted to the Integrated Change Control Process will be revised to reflect changes as needed.
|
