Like a lot of things in life, risk management is about common sense, about doing simple things one at a time and about accomplishing something of good for the benefits of many.
Practice of risk management is in a way, very much like Kaizen practice, where a step by step actions are required to do what is right and to do things right.
3. No return
without risk
Fully
understand risk
Risk is
managed by
people
Question any
assumptions
Discuss Risks
openly
Diversify for
consistency
Show discipline
Be
approximately
right
Considering
risk and return
11. Do not be
too
confident
Allow for
pessimistic
view
Put risk as
agenda
number 4
Appreciate
the
messenger
Don’t
surprise the
Bosses
Ask Project
Sponsor to
make BIG
decision
15. List of Risks
Who is responsible?
Who bear the cost?
Who take credit for
success?
Optimise Risk
Reduce
Likelihood & Impact
Improve Control
Suggest alternate
16.
17. Treat all risks
equally?
What are the best
possible results?
Some risks have
higher impact and
probability
Be consistent
What may be on
‘critical path’
Risk Parameter
Gut feeling
Criteria
18.
19. Understand risk
Don’t jump into
conclusions
What a risk is all about
Think of effects and
causes
Respond
Immediately, over time
or consequences
Effect to time, cost or
quality?
What Cause precede
an Effect
20.
21. Activity which adds
value
Prevent threat
Minimize negative effect
Take advantage of BIG
opportunities
Focus on BIG wins
Avoid > Supplier,
contractor, technology
Minimise > Analyse
Likelihood and Impact
Accept > Difficult, Time
consuming, Expensive
22.
23. Book Keeping and
Log
View progress, tract
record
So we won’t forget
So we won’t be
blame
A Good Log
Risk description
Clarify risk owner,
cause and effect
A communication tool
24.
25. Track risks
Changes in
circumstances
Control still effective?
Status of mitigation
plan, tasks and
activities
Risk tasks
Review list of risks
and analysis
Which risks are
critical and likely to
happen
Generate, select and
response
26.
27.
28. Prepare for the worst
• To change, to renew
Pray for the best
• through habitual work
Notas del editor
Talking, discussing and writing on risk management is easy compared to actually doing something practical, realistic and of real value to further a project or business objective.
Nobody would dare argue that managing risks is a waste time but I have seen many wasting their time doing risk management for the sake of doing it to please demand of bosess.
Like a lot of things in life, risk management is about common sense, about doing simple things one at a time and about acomplishing something of benefit to money, peace of mind and other people well being.
Acting of risks on common sense basis will reduce chance of doing projects which is delivered late, cost much more, does not meet end user needs, very difficult to maintain, have a very short lifespan and become white elephant structures.
A step by step, simple guide to risk management can guide all of us to do what is right and to things right.
From https://www.riskmetrics.com/9rules
There is no return without risk. Rewards go to those who take risks.
Be transparent Risk should be fully understood.
Seek experience Risk is measured and managed by people, not mathematical models.
Know what you don't know Question the assumptions you make.
Communicate Risk should be discussed openly.
Diversify Multiple risks will produce more consistent rewards.
Show discipline A consistent and rigorous approach will beat a constantly changing strategy.
Use common sense It is better to be approximately right, than to be precisely wrong.
Return is only half the equation Decisions should be made only by considering the risk and return of the possibilities.
The benefits of risk management in projects can be many and significant.
We can make a lot of money if we deal proactively and prepare for uncertain project events.
We can minimise the impact of project threats and take advantage of any opportunities that occur.
We deliver project on time, on budget and with the quality results the project sponsor expected.
Team members will be much happier without "fire fighting" mode to repair the failures that could have been prevented.
Risk management Plan = What Plan? = Don’t expect to benefits from risk management.
Faulty approaches to risk management can be many:
No approach at all to risk management.
Running project with confident that no risks will occur
Put full trust in project manager with decades of experience.
Make risk management part of their day to day operations, project meetings and training of staff.
Identify risks = = open mind set = focuses on future scenarios = anything can happens.
Take advantage of people, papers and the internet.
Team members = personal experiences and expertise.
Experts = track record with similar type of project.
Discuss past incidences = Traps = BIG opportunities = have not cross other’s mind.
Interviews and brainstorming = common methods.
Old project plans, project plan, business case, resource planning, websites = good references = read between the lines.
Not possible = identify all project risks before they occur = be prepared for many.
Project managers in failed project = Unaware of the big disaster that was about to happen.
Someone has actually did see the problem coming = didn't inform the project manager.
Team meeting = project risks = default agenda = not the final item on agenda.
Note down everybody comment with appreciation and without critisicm.
Focus communication efforts on the big risks = don't surprise the boss, the project sponsor or the customer!
Ask Sponsor to make decisions on the top risks = don’t assume too much power.
Project risks = negative connotation = "bad guys" that can harm your project.
Better approach = positive risks = the project opportunities = uncertain events that may be beneficial = “good guys" = complete faster, better and more profitable.
Project teams = struggle with to do = overloaded with urgencies = only negative risks matter
Create short time for opportunities =a high pay-off = small investment in time or resources.
A list with risks = starting point.
Make clear who is responsible for what risk!
Pain = risk is not taken care of properly.
A risk owner for each risk
The risk owner =to optimise the risk = tasks to decrease threats and enhance opportunities = responsible for financial loss = responsible for financial gain.
I treat all risks equally = project life simple.
For better results = some risks have a higher impact than others.
Spend time on the risks that can cause the biggest losses and highest gains.
Check for showstoppers that could distrupt project.
Risks can be prioritised on gut feeling or on a set of criteria.
Criteria = effects of a risk and the likelihood that it will occur.
Prioritisation measure = consistently = focus on the big risks.
Understanding nature of a risk = precondition for a good response.
Examine individual risks = don't jump to conclusions = knowing what a risk is about.
Risk analysis occurs at many different levels = think about the effects and the causes that can make it happen.
Effects = describe what can take place immediately after a risk occurs and what effects happen as a result of the primary effects or because time elapses.
Risk analysis = show magnitude of effect in category like costs, lead time or product quality.
Focus on causes = events that precede a risk occurrence.
List causes and the circumstances that decrease or increase the likelihood.
Risk analysis = investigate entire project = total budget needed or the date the project will finish = do a simulation to show how likely it is that you finish on a given date or within a certain time frame or for a given project costs.
Risk analysis = insights = necessary input = effective responses = optimise risk response.
Implementing activity = adds value.
Prevent a threat occurring = minimise negative effects = map, prioritise and understand risks = sound risk response plan = focuses on the big wins.
Deal with threats =three options =risk avoidance, risk minimisation and risk acceptance.
Avoiding risks = organise project = changing supplier, adopting a different technology
Fatal risk = terminate project.
Minimise risks.
Prevent a risk = influencing the causes
Decreasing the negative effects = risk analysis
Accept a risk.
Effects on the project are minimal
Control = difficult, time consuming or relatively expensive.
Conscious choice to accept a certain risk.
Responses for risk opportunities = reverse of threats.
Seeking risks of gain
maximising opportunities
Ignoring small opportunities
Bookkeeping = risk log = view progress = we won't forget
A communication tool = informs team members and stakeholders.
Risks descriptions,
Clarifies ownership issues
Analyse causes and effects.
Administrative tasks = bookkeeping = Big pays off = large number of risks.
Without record of risks = easier to blame = things go wrong.
Record project risks = effective responses = a track record of excellence = Even if things goes wrong.
Doing projects is taking risks.
Risk register = track risks + associated tasks.
Tracking tasks = day-to-day job.
Integrating risk tasks = daily routine = easiest solution = identify or analyse risks or to generate, select and implement responses.
Tracking risks differs from tracking tasks.
Focuses on the current situation of risks.
Which risks are more likely to happen?
Has the relative importance of risks changed?
Pay attention to the risks that matter most for your project value.
Risk rules = guidelines on how to implement successful project risk management plan.
We can always improve.
Kaizen approach:
Measure the effects of your risk management efforts and
Continuously implement improvements to make it even better.