In this presentation, we will discuss about risk, project risk and four broad strategies to handle risk. We will also talk about the role of buffers and contingency plan in risk management, project tracking meetings.
To know more about Welingkar School’s Distance Learning Program and courses offered, visit:
http://www.welingkaronline.org/distance-learning/online-mba.html
2. Project Risk Management
What is Risk?
A risk is an likelihood of an event which can have
either a negative or positive impact on a project
(delivery or outcome).
Examples of Project Risks:
Absenteeism
Attention
Changes in scope
Breakdown of equipment
Relation related risk (Between client & Service
Providers)
3. Project Risk Management
A disciplined, though simple, approach to risk
management can reduce crisis management
and the clean ups that result. It will also
increase the chance of project success and
probably reduce the project manager's stress
level into the bargain. We will summaries the
process under these five headings: Measure,
Minimize, Mention, Monitor and Modify, which
you will notice make the easily remembered
acronym 'mmmmm'.
4. Project Risk Management
1. Measure
The project manager needs to measure, assess, understand:
· the risk that the project will exceed the budget he is
thinking of committing to
· the risk that the project will miss any dates he has in mind
· the risk that the project will fail to meet any other
commitments he is about to make.
Many organizations have checklists - things that have gone
wrong in previous similar projects - which are therefore
things that might cause problems in future projects. Some
organizations have several checklists reflecting the various
types of project they undertake. However, checklists (and
I've met PMs who have done this) can lead to the PM "filling
in the checklist", Cont…….
5. Project Risk Management
Risk Identification
filing it away and believing they have "done risk
management". Not terribly useful.
A better approach might be to invite the team and other
stakeholders to a Risk Identification Workshop. Brainstorm:
"team, what do we think could cause us problems, or even
cause us to fail?" When that has been exhausted, zip through
any checklists you've managed to lay your hands on to see if
they prompt anything you hadn't thought of.
Stakeholder managers who may have no direct project
role will need to be involved. Only a manager from the
relevant business department can tell you whether a
user provisionally assigned to your project has the
required skills, will genuinely be available, and will be
empowered to represent their part of the business.
6. Project Risk Management
Risk Check lists
Priorities the risks, listing first those which would
cause major problems and are most likely to happen.
These high impact, high probability risks will clearly
need most attention. You may well decide to ignore low
probability low impact risks to avoid cluttering up your
risk management process.
Tools which employ risk weighting and which calculate an
overall risk score in an apparently scientific way may add
value, but can obscure the fact that one single risk, which may
not even be considered in the tool, can make the whole project
a complete non-starter. Whatever techniques you use to assess,
measure and understand the risks - brainstorming, checklists,
tools.
7. Project Risk Management
Risk Classification
For example: define that user's role in writing, get a written
commitment from his boss that he will be available and
empowered to make decisions on behalf of his department.
Line up backfills for people you think might leave the team
during the project. Increase the budget to include contingency
tasks for risks that you can't eliminate at the start, i.e. tasks
that describe what you'll do if the risk bites you during the
project. Now, if you are an experienced PM you'll know how
to deal with most risks. If you're a novice you may have no
idea how to reduce the risk that, for example, too much
change to the Requirements during the project might cause
you to miss the proposed end date.
8. Project Risk Management
Risk Classification
Some companies record how projects deal successfully with
risks and make this information available to future project
managers. Getting a list of the dozen or so ways PMs have
reduced that change risk in the past could give you some very
useful pointers as to how you might reduce the risk in your
project.
Mention
Who owns the project risk, who ultimately is taking the risk?
The Project Sponsor. But many sponsors have no idea what
the risks might be, particularly if they are sponsoring
technical, e.g. IT, projects - and why should they? Project
managers have a duty to explain the risks to the sponsor
before the sponsor gives the go ahead. Cont….
9. Project Risk Management
Risk Classification
(Image you don't mention the risks and when it's all going
wrong you tell the sponsor that you knew all along it was high
risk - you're going to get shot and quite rightly too.)
But there are good ways and bad ways of presenting risks to
sponsors. Do not go in with 50 overheads listing hundreds of
risks. No. The way to do it is briefly to explain the process
you have used to identify and analyze the risks and then to
describe the major risks you initially foresaw. Then explain
what you have already done to eliminate or reduce some or
most of these major risks. This builds real credibility for the
next bit where you tell the sponsor about the high risks that
remain, the likelihood of their coming to fruition and the
consequence if they do.
10. Project Risk Management
Risk Control
If you were sponsor and you're told "this risk is almost
certain to happen and when it does your £5M project will be a
total write off", would you give the project the go ahead?
Probably not, unless the benefits are measured in billions and
it's worth the gamble. But the sponsor may accept the position
that if a particular risk should happen it would delay the end
date by a month - although he will of course exhort you to
meet the end date in spite of the risk.
Monitor
But that isn't the end of it. Far from it. Clearly we must
make sure we monitor and manage risks during the
project to make it less likely that they will happen and to
minimize the impact if they do.
11. Project Risk Management
Risk Control
Create a Risk Register which lists risks in priority
order. For each risk, the register might include:
• Risk number
· Description
· Consequence if risk happens
· Probability (high, medium or low)
· Planned actions to mitigate the risk
· Contingency plan (what you'll do if the risk
happens)
· Risk owner (a member of the project team)
· Status (e.g. closed: no longer a risk)
12. Project Risk Management
Risk Control
At weekly team meetings risk owners report,
briefly, on the status of their risks. What planned
(or unplanned) actions are being taken to reduce
the risk. Is the risk receding or growing? This
should ensure that the team is involved in risk
reduction activities and in refining the risk
management plan. Keep the register updated -
relegate receding risks, promote growing ones.
New risks can always crawl out of the woodwork
as you go along - if they are significant add them
to the register.
13. Project Risk Management
Risk Control
Each month the project manager should report to
the sponsor on the status of key risks. With any
luck you'll be reporting your success in dealing
with the risks, but if risks are growing you should
obviously alert the sponsor to that
Modify
At the end of each stage of your project hold
a post mortem. Look at the risks you
identified at the outset. Record what you did
successfully to deal with each risk, what you
tried that did not work,
14. Project Risk Management
Risk Control
and what you would do next time with the
benefit of hindsight. These ways of
addressing risks will be useful not only to you
and your next project, but also to other
project managers.
Some organizations have a Project Support
or Project Assurance or similarly named
project management center of competence'.
If such exists in your organization, send your
list of addressing factors to them.
15. Project Risk Management
Risk Control
When a future project manager is starting a
project and has identified a risk he has no
idea how to mitigate, he can call up Project
Support and ask "what has worked well in
the past?"
Ideally Project Support will be proactive in
modifying the organisation's risk checklists.
They will add new risks that are actually
being experienced and delete risks that are
no longer applicable within the organization.
16. Project Risk Management
Risk Control
Ideally they would also seek out successful
strategies for addressing risks and
proactively feed these forward to future
projects.
No risk checklist will list all the risks that your
project faces: projects are all different, which
is why project management is such fun.
Project risk assessment is a "brain in gear"
activity: it is not about filling in a checklist
and forgetting it.
17. Four Broad Strategies For
Handling Risk
Based on the foregoing the Four Broad Strategies
For Handling Risk of any kind are:
•Risk Avoidance: do not tend that path at all.for
example do not allow employers to enter external
CD’s & floppies or remove all those drives.
•Risk Migration: Either reduce the possibility of the
risk or reduce its impact,again going back to same
example,we may allow to use CD”s etc but
installing anti virus software
18. Four Broad Strategies For
Handling Risk
•Risk Transfer: The organizers can either bind
subcontractors & mange to share part of the risk
with them.
For example some part of subcontractor payment
linked with successful completion of the project.
The other way of transferring risk to take insurance
Key man insurance takes care of loss of key person
•Risk acceptance:
Here considering the low impact of the risk the
organization decide not to any thing but take the
risk and absorb financially
19. Role of Buffers & Contingency
plans in risk Management
Two common ways of dealing with project related
risks are
•Working out suitable Contingency plans
•Putting Buffers
A Contingency plan is a standby plan which can
be activated once the normal course is affected.
If Power failure is a known risk in a region the
manager will Provide Standby generator. A standby
Generator set is a example of Contingency plans
Conducting Mock drills is a good practice
to reduce panic & galvanize the team into action
20. Role of Buffers & Contingency
plans in risk Management
A clear contingency plan must be defined for
construction & software industry
A Project manager builds suitable buffer to Reduce
impact of risk to project.
The combination of which two concepts can be
used for working out approximate buffers
Pure Duration estimate & specific mapping of
task. Thus we can decide on the buffer by
Identifying which tasks are affected
Access the extent of impact due to that risk by
quantifying & providing appropriate amount of
buffer
21. Role of Buffers & Contingency
plans in risk Management
Type of Buffers
Buffers can be three types:
Resource buffers:I.e providing more resources as
people,equipment etc.
Time buffers:Task expected to finish in four
days
& one more day as buffer
Natural buffers:Usually plan is prepared on
normal working day i.e 8 hours a day/5 days a
week it can stretched to 10 to 14hoursday & six
days/week
22. Role of Buffers & Contingency
plans in risk Management
Where to place Buffers ?
It is good practice to place buffers at following
places.
• Project end buffer :This is a buffer which
prevents the project does not cross the final date.
Project end buffer is a type of time buffer
•Milestone and phase end buffers: To prevents a
delay in one phase or a milestone eating time of
next phase or milestones,it is important to place a
buffer in terms of time/resources.
23. Role of Buffers & Contingency
plans in risk Management
Where to place Buffers ?
• Task level buffers : We use pure estimates and
add buffers to those tasks which are likely to be
impacted by risk.
•Buffering the tasks on critical path :Most
important tasks which are on the critical path must
be buffered by resources buffers to ensure tere is no
delay on the critical path
•Buffering the tasks on Non-critical path:There is
slack in terms of time in this path ,hence non
critical path is subject to variation
24. Project Tracking meeting
Project tracking meeting is best place to identify
risk which is likely to hit the project in the near
future.each project team member is aware of the
risks likely emerge in his work area or tasks.
Hence good project managers should use project
tracking meetings not to review stsus but as to
identify sources of risk.
Having identified the risk there has to be a formal
process for managing risks.
25. Project Tracking meeting
Usually risk management involves the
following steps
Risk Identification
Risk Quantification
Risk Classification
Risk response development
Risk response execution
Risk response Monitoring
Risk Closure
26. Project Tracking meeting
A properly defined process
which takes the project from risk
detection to closure will help in
gliding over eventually,during
the closure of the project
28. “Like” us on Facebook:
p // /
http://www.facebook.com/welearnindia
“Follow” us on Twitter:
http://twitter.com/WeLearnIndia
http://twitter com/WeLearnIndia
Watch informative videos on Youtube:
http://www.youtube.com/WelingkarDLP