1. 4/3/2011
Project Management
Knowledge Areas
Section – 3
Chapter – 11
Project Risk Management
Session Objectives…
1. To identify the project Risk management
knowledge area’s processes
2. How to plan Risk Management for the project
3. How to identify Risk
4. How to perform Qualitative Risk Analysis
5. How to perform Quantitative Risk Analysis
6. How to plan risk Responses
7. How to perform Risk Monitoring and
Control
1
2. 4/3/2011
Project Risk Management
Exam Objectives
1. Planning for Risk Management
2. Identifying Risks
3. Creating a Risk Register
4. Performing Qualitative Risk Analysis
5. Performing Quantitative Risk Analysis
6. Planning for Risk Responses
7. Monitoring and controlling Risks
Project Risk Management
The Project Risk Management Knowledge
area, discusses the processes of
Plan Risk management
Identify Risks
Perform Qualitative Risk analysis
Perform Quantitative Risk analysis
Plan Risk responses
Monitor and Control Risks
2
3. 4/3/2011
Project Risk Management
What is Risk?
Risk is unplanned event or condition that
can have a positive or negative effect on its
success
Not all Risks are bad, and are seen as a
Threat
Risk is uncertainty
Plan Risk Management
The process is to decide
How to approach
How to conduct
Risk management activities
Exam point to remember
The objective of Risk Management Planning is to
ensure that the level, type and visibility of Risk
Management are commensurate with both the
risk and importance to the project to the
organization, to provide sufficient resources and
time for risk management activities and to
establish an agreed-upon basis for evaluating risks.
3
4. 4/3/2011
Plan Risk Management
• 1. Project Scope
Statement
• 2. Cost Management Plan
• 3. Schedule Management
Plan
• 4. Enterprise
Environmental Factors
• 5. Organizational Process
Assets
Tools &
Techniques
• 1. Risk Management Plan
• 1. Planning Meetings and
Analysis
Input
Output
Plan Risk Management
Inputs
1. Project Scope Statement
2. Cost Management Plan
3. Schedule Management Plan
4. Enterprise Environmental Factors
5. Organizational Process Assets
4
5. 4/3/2011
Plan Risk Management
Tools and Techniques
1. Planning Meeting and Analysis
Outputs
1. Risk Management Plan
Risk Management Plan
Contains…
Methodology
Roles and Responsibility
Budgeting
Timing
Risk Categories
Definitions of Risk Probability and Impact
Probability and Impact Matrix
Revised stakeholders’ tolerances
Reporting formats
Tracking
5
7. 4/3/2011
Plan Risk Management
Probability : Is the chance that something is likely to
happen
Ranked as “Very Unlikely” to “Almost
Certainty”
Impact: The resultant of the probable event, is
measured as impact
Negative for threats or
Positive opportunities
Ranked as “Very Low”, “Low”, “Moderate”,
“High”, “Very High”
Probability and Impact Matrix
Defined Conditions for Impact Scales of a Risk on
Major Project Objectives
Project
Very Low
Objectives / .05
Low
/ .10
Moderate
/ .20
High
/ .40
Very High
/ .80
Cost
Time
Scope
Quality
7
8. 4/3/2011
Probability and Impact Matrix
Legend - Watch list - Moderate - High
Alert
Defined Conditions for Impact Scales of a Risk on
Major Project Objectives
Probability/i / .05
mpact
/ .10
/ .20
/ .40
/ .80
Very Low
Low
Moderate
High
Very High
Identify Risk
The process of
Identifying the Risks
Documenting their characteristics
The process is repetitive
8
9. 4/3/2011
Identify Risk
Risks may be found
1. Budgets/funding
2. Schedules
3. Scope or requirement changes
4. Project plan
5. Project management processes
6. Technical issues
7. Personnel issues
Identify Risk
Risks may be found
8. Hardware
9. Contracts
10. Political
11. Business risk
12. Legal
13. Environmental
9
11. 4/3/2011
Identify Risk
Inputs
7. Schedule Management Plan
8. Quality Management Plan
9. Project Documents
10. Enterprise Environmental Factors
11. Organizational Process Assets
Identify Risk
Tools and Techniques
1. Documentation Reviews
2. Information Gathering techniques
Brainstorming
Delphi technique
Interviewing
Root Cause Identification
11
12. 4/3/2011
Identify Risk
Tools and Techniques
3. Checklist Analysis
4. Assumptions Analysis
5. Diagramming Techniques
Cause-and-Effect diagrams
System or Process Flow charts
6. SWOT Analysis
7. Expert Judgment
Identify Risk
Outputs
1. Risk Register
List of identified Risks
List of Potential Responses
Root causes of Risks
Updated Risk Categories
12
13. 4/3/2011
Perform Qualitative Risk Analysis
Qualitative Analysis is a subjective approach
to prioritizing risks.
According to probability and potential
impact, identified risks are rated
The ranking categorizes into
That require additional analysis
That may proceed directly to risk
response planning
That are not critical
And prioritizes risks
Perform Qualitative Risk Analysis
•
•
•
•
1. Risk Register
2. Risk Management Plan
3. Project Scope Statement
4. Organizational Process
Assets
Input
Tools &
Techniques
• 1. Risk probability And Impact
Assessment
• 2. Probability and Impact
Matrix
• 3. Risk Data Quality
Assessment
• 4. Risk Categorization
• 5. Risk Urgency Assessment
• 6. Expert Judgment
• 1. Risk Register
• Updates
Output
13
14. 4/3/2011
Perform Qualitative Risk Analysis
Inputs
1. Risk Register
2. Risk Management Plan
3. Project Scope Statement
4. Organizational Process Assets
Perform Qualitative Risk Analysis
Tools and Techniques
1. Risk Probability and Impact
Assessment
2. Probability and Impact Matrix
3. Risk Data Quality Assessment
4. Risk Categorization
5. Risk Urgency Assessment
6. Expert Judgment
14
15. 4/3/2011
Perform Qualitative Risk Analysis
Outputs
Updated Risk Register
Relative ranking or priority list of risks
Risks grouped by categories
List of risks requiring responses in the
near term
List of risks for additional analysis and
response
Watch-lists of low priority risks
Trends in qualitative risk analysis results
Perform Quantitative Risk
Analysis
Quantitative Risk Analysis tries to numerically
assess the probability and impact of the identified
risks
The objectives of quantitative risk analysis are
Ascertain the likelihood of project success
Determine the risk exposure
Determine the likely amount of contingency
reserve needed
Determine the risks with largest impact on
the project
15
16. 4/3/2011
Perform Quantitative Risk Analysis
• 1. Risk Register
• 2. Risk Management Plan
• 3. Project Cost
Management Plan
• 4. Schedule Management
Plan
• 5. Organizational Process
Assets
Input
Tools &
Techniques
• 1. Data Gathering And
Representation Techniques
• 2. Quantitative Risk Analysis
And Modeling techniques
• 3. Expert Judgment
• 1. Risk Register
• Updates
Output
Perform Quantitative Risk Analysis
Inputs
1. Risk Register
2. Risk Management Plan
3. Project Cost Management Plan
4. Project Schedule Management Plan
5. Organizational Process Assets
16
17. 4/3/2011
Perform Quantitative Risk Analysis
Tools and Techniques
1. Data Gathering and Representation
Techniques
Interviewing
Probability Distributions
Expert Judgment
Perform Quantitative Risk Analysis
Tools and Techniques
2. Quantitative Risk Analysis and
Modeling
Techniques
Sensitivity Analysis
Expected Monetary Value Analysis
Decision Tree Analysis
Modeling and Simulation
3. Expert Judgment
17
18. 4/3/2011
Perform Quantitative Risk Analysis
Outputs
1. Updated Risk Register
Probabilistic Analysis of the Project
Probability of Achieving Cost and
Time Objectives
Prioritized list of quantified risks
Trends in Quantitative Risk Analysis
Results
Perform Quantitative Risk Analysis
Buy or
Build
Decision Tree Analysis
Decision Name
Buy
200,000
Build
190,000
Probability of On-Time
Completion
Strong
85%
Weak 15%
Strong
75%
Weak 25%
170,000
30,000
142,500
47,500
Best Decision
18
19. 4/3/2011
Plan Risk Responses
Risk response planning is all about options and
actions
It involves activities
How to decrease the possibility of risks
How to reduce the impact of the risk if has
to happen
Effectiveness of Risk Response will control
number of risks that occur
Exam Point:- Planned risk responses must be
appropriate to the significance of the risk, cost
effective in meeting the challenge, timely, realistic with
the project context, agreed upon by all parties
involved, and owned by a responsible person.
Plan Risk Responses
• 1. Risk Management Plan
• 2. Risk Register
Tools &
Techniques
• 1. Strategies For negative risks
or Threats
• 2. Strategies for positive risks
or Opportunities
• 3. Contingent Response
Strategies
• 4. Expert Judgment
Input
• 1. Updated Risk Register
• 2. Updated Project
Management Plan
• 3. Risk-related Contract
Decisions
• 4. Project Document Updates
Output
19
20. 4/3/2011
Plan Risk Responses
Inputs
1. Risk Management Plan
2. Risk Register
Plan Risk Responses
Tools and Techniques
1. Strategies for Negative Risks or
Threats
Avoid
Transfer
Mitigate
Accept
20
21. 4/3/2011
Plan Risk Responses
Tools
2.
3.
4.
and Techniques
Strategies for Positive Risks or
Opportunities
Exploit
Share
Enhance
Accept
Contingent Response Strategies
Expert Judgment
Plan Risk Responses
Outputs
1. Updated Risk Register
2. Updated Project Management Plan
3. Risk – Related Contract Decisions
4. Project Document Updates
21
22. 4/3/2011
Plan Risk Responses
Risk Transfer
Insurance
Performance Bonds
Warranty
Guaranty
Fixed-Price contracts
Plan Risk Responses
Risk Mitigation
An effort to reduce the probability,
impact or both of an identified risk.
Ex:
Developing prototypes, simulations.
Adding activities to reduce the risk
probability or impact.
22
23. 4/3/2011
Plan Risk Responses
Risk Acceptance
Is the process of simply accepting the
risk because
No other option
Risk may be small probability, impact
or both
Passive acceptance requires no action
Active acceptance requires developing
a contingency plan if the risk occurs
Plan Risk Responses
Residual Risks
The remains of the risk after
avoidance, transfer, or mitigation
Secondary Risks
The risks that are resulted from risk
responses
Secondary
Risk
Risk
Solution
Secondary
Risk`
23
24. 4/3/2011
Monitor & Control Risks
The process is for:
Monitoring identified risks triggers at the
thresholds
Controlling identified risks with
responses
Scouting for new risks that may creep up
The objectives are to
Confirm risk responses are implemented
as planned
Determine if risk responses are effective
or new responses are needed
Monitor & Control Risks
The objectives are to
Validate the project assumptions
Monitor risk triggers
Monitor for new risks
Confirm policies and procedures
24
25. 4/3/2011
Monitor & Control Risks
•1. Risk Management Plan
•2. Risk Register
•3. Approved Change requests
•4. Work performance
Information
•5. Performance reports
Tools &
Techniques
•1. Risk Reassessment
•2. Risk Audits
•3. Variance and Trends Analysis
•4. Technical Performance
Measurement
•5. Reserve Analysis
•6. Status Meetings
Input
•1. Updated Risk Register
•2. Requested Changes
•3. Recommended Corrective
Actions
•4. Recommended Preventive
Actions
•5. Updated Organizational
Process Assets
•6. Updated Project Management
Plan
Output
Monitor & Control Risks
Inputs
1. Risk Management Plan
2. Risk Register
3. Approved Change Requests
4. Work Performance Information
5. Performance Reports
25
27. 4/3/2011
Project Risk Management
To Sum Up….
1. We identified the project Risk management
knowledge area’s processes
2. We know how to do Risk Management for the
project
3. We know how to do Risk Identification
4. We know how to perform Qualitative Risk
Analysis
5. We know how to perform Quantitative Risk
Analysis
6. We know how to do risk Response Planning
7. We know how to perform Risk Monitoring and
Control
Questions ?
27