Project Mangement - overview of the Risk Management knowledge area within project management. Describes the 7 processes within Project Risk Management and the process groups impacted.
Blog: https://agile-mercurial.com
YouTube: https://www.youtube.com/channel/UCPM82of2YuqIR1SgLGHa1eg
Twitter: https://twitter.com/agile_mercurial
Tumblr: https://agilemercurial.tumblr.com/
2. Project Risk
Management Overview
• The process of planning for risk
management, identifying risks,
analyzing potential impacts, and
response planning
• Work to increase the likelihood of
positive risk occurrence
• Work to prevent the occurrence of
negative risks
6. Risks
Uncertainty
•Lack of confidence in an event occurring
•Lack of knowledge or understanding of a possible event
Risk Factor
•Attributes of risk
•Probability, Occurrence Frequency, Possible Outcomes
Risk Averse
•Avoiding risk, inability to take risks
Risk Tolerance
•The acceptability or unacceptability of taking risks
Risk Threshold
•The point at which risks are not tolerated or not acceptable
8. 11.1 Plan Risk
Management
• Part of the Planning Process
Group
• The process of describing how risk
management activities will be
conducted
9. Risk Management Plan
Methodology
The tools and
approaches that the
project intends to use
while performing risk
management
Roles and
Responsibilities
Identify the resource
that will perform the
activity
Risk Budgeting
Plan for handling
contingency and
management
reserves
Timing
Frequency of risk
management activity
occurrence
Risk Categories
Types of risks
anticipated and the
classification of those
risks
10. Risk Management Plan
Stakeholder
Tolerances
How likely various
stakeholders are accepting
or unaccepting of risks
Reporting Formats
The documentation
procedures for the risk
management process
Probability and
Impact
Define the risk levels in
relation to the possible
probably or impact of a risk
Risk Tracking
The process of recording
and auditing risks
12. 11.2 Identify Risks
• Part of the Planning Process Group
• The process involved with figuring out which
risks are relevant to the project and
documenting them
• Concerned with documenting existing risks
• Risk identification should be a far reaching
and collaborative process
• Risks can be identified later or a risks
information can change - this is an ongoing
process
13. Risk Identification Techniques
Documentation
Reviews
Review project
documentations and
look for risks
Requirements or
Information
Gathering
Brainstorming, Root
Cause Analysis,
Delphi Technique,
Interviews, Checklist
Analysis, Assumptions
Analysis
Diagramming
Ishikawa diagram
(Cause and Effect)
and quality control
tools, SWOT analysis
Expert
Judgement
Identified risks from
experts in the field
Lessons Learned
Lessons learned from
prior projects
14. Risk Register
• The output of the Identify Risks process
• Contains information on the possible risks faced in the project
• Includes:
• List of risks that were identified
• The possible impact of the risk
• Possible identified causes of risks
• Responses to risks are added during the Plan Risk Response
process
16. 11.3 Perform Qualitative
Risk Analysis
• Part of the Planning Process Group
• Prioritizing risks by probability of occurrence
or the impact of the risks
• A high probability risk with a high impact will
likely be at the top of the list as a high priority
risk
• The likelihood of a risk occurring is a high
probability risk
• The risk impact is severity of the impact on
the project if the risk occurs
• Risks are rated by standard outlined in the
Risk Management Plan (Developed in the
Plan Risk Management process)
17. Techniques of Qualitative Risk
Analysis
Probability and
Impact Matrix
A method of sorting risks
that should be
standardized between
projects for future needs
Risk Data Quality
Assessment
The usefulness of the
information about risks and
how useful it is in risk
evaluation
Risk Categorization
Placing risks in similar
groups to help manage
risks and determine areas
of uncertainty or help find
find root causes of risks
Risk Urgency
Assessment
Identifying the sooner to
occur risks to ensure focus
is placed on upcoming risks
19. 11.4 Perform
Quantitative Risk
Analysis
• Part of the Planning Process Group
• Numerically analyzing risks by the impact of
the risk using metrics such as the cost of the
risk or the schedule delay of the risk
• Aids in decision making related to the risk
• Assists in creating costs and schedule
reserves
• Identifies the largest impact risks
• Less subjective than Qualitative Risk Analysis,
but more difficult to perform and not always
needed in a project with low risk/low time
duration
20. Techniques for Performing
Quantitative Risk Analysis
Probability
Distribution
Graphically display the
likelihood of risks to
occur over time
Sensitivity Analysis
Determine which risks
will have the highest
potential impact
Tornado Diagram
A graphical tool showing
positive and negative
risk impacts
21. Techniques for Performing
Quantitative Risk Analysis
• Expert Judgement
• Experts aid in the discovery of possible costs and schedule impacts to
risks bases on their own experience
• Expected Monetary Value (EMV) Analysis
• Calculates the average outcome on possible scenarios
• Positive values indicate a positive risk, while negative values indicate a
negative risk
• Modeling and Simulation
• Usually done by computer, it is used to find the potential impact of risks
on the project
• Monte Carlo Analysis – can provide the probability of completing a
project by the estimated completion date and the estimated budget
23. 11.5 Plan Risk
Responses
• Part of the Planning Process Group
• The process of creating plans for handling
positive and negative risks
• Goals include developing ways to improve the
likelihood of positive risk (opportunity) of
occurring and reducing the likelihood of
negative risk (threat) of occurring
• Develop contingency plans for risks if they do
occur
25. Negative Risks – Threats
• Escalate
• Risk is outside the scope of the project and not within the authority of the
project manager or team to handle, risk is escalated up
• Avoidance
• Work to eliminate the occurrence of the threat
• Transfer
• Shift the possible impact to a third party, such as insurance or contracting
out parts of the project transferring the risk to another entity
• Mitigate
• Reduce the likelihood of a risk occurring or reduce the impact of a risk on
the project
• Accept
• Accept that the risk may occur and deal with it when it happens
26. Positive Risks – Opportunities
• Escalate
• Risk is outside the scope of the project and not within the authority of the
project manager or team to handle, risk is escalated up
• Exploit
• Working to make sure that the risk occurs and exploiting the opportunity
• Enhance
• Increasing the likelihood of the opportunity’s occurrence
• Share
• Sharing the opportunity with a third party, usually merges multiple
advantages increasing the possibility of a positive risk occurrence
• Accept
• Accept the risk if/when it occurs, but not working to actively realize the
opportunity
27. Contingency Risk Response
• If a risk occurs, plans to handle or
correct the impact could be created for
severe risks
• Contingency Plans are developed to
respond to the occurrence of a risk
describe how the occurrence will be
handled
29. 11.6 Implement Risk
Responses
• Part of the Executing Process Group
• Risks responses plans are implemented to
handle or deal with risks
• The action of minimizing the threat or
maximizing the opportunities
• Implement approved change requests or
project document updates
31. 11.7 Monitor Risks
• Part of the Monitoring & Controlling Process
Group
• The process of monitoring or tracking
identified risks and identifying possible new
risks
• Evaluation of the risk management processes
• Reassess risks to determine their current
priority and update plans as needed
• Carry out audits of risks and ensure planned
responses are adequate
32. Sources
• A Guide to the Project
Management Body of
Knowledge – PMBOK 6th
Edition
• https://www.pmi.org/
Joshua Render
https://agile-mercurial.com