Upload
others
View
8
Download
3
Embed Size (px)
Citation preview
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Risk Management in Agile Projects ISACA After Hours Seminar
Zurich, Switzerland 16.08.2016
Dr. Alan Moran
(IARM, Managing Director)
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
About the IARM
• The Institute for Agile Risk Management (IARM) is a Swiss based
institution that exists to promote the principles and practices of agile management.
• Broad range of activities including consultancy and training in topics relating to agile (e.g., risk, finance, governance).
• Publication of books and whitepapers on agile project and risk management, the agile enterprise and related topics as well as appearances at public events and conferences.
• Further details can be found at http://institute.agileriskmanagement.org/
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
My Biopic
http://www.linkedin.com/in/agility
Experience IT Manager with extensive experience of product development and service delivery spanning both public and private sectors. Agilist, author and Managing Director of the IARM.
Dr. Alan Moran MBA CITP CISM CRISC
AgilePM, DSDM Adv. Practitioner, Scrum PSM
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Agile
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Our Changing World
0
5
10
15
20
25
30
35
40
1980s 1990s 2000s 2010s
WWW .com Bubble
Internet Penetration (% of Global Population)
0
500
1000
1500
2000
2500
3000
3500
4000
Intel PC Clock Speed (MHz)
Fortune 1000 Replacement Rates (%)
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Drivers of Change
Extended Enterprise Mass Customisation
Globalisation Digitialisation
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
What is Agile?
Agile is a product development and project management method that is
characterised by iterative and incremental practices that seek to exploit
feedback cycles together with flexible and collaborative organisational
structures (e.g., self-organisation, cross functionality, adaptive planning) as a
mechanism for coping with change and uncertainty.
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
The Agile Manifesto (Preferences)
We are uncovering better ways of developing
software solutions by doing it and helping others do it.
Through this work we have come to value:
Individuals and interactions over processes and tools
Working software over comprehensive documentation
Customer collaboration over contract negotiation
Responding to change over following a plan
That is, while there is value in the items on the right,
we value the items on the left more.
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Self-Organisation and Internal Autonomy
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Example: Scrum
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Where is Agile Found?
Agile features prominently in a number of industries (e.g., IT, manufacturing,
Fashion, Retail) and has become a hallmark of innovative organisations
seeking to cope with marketplace turbulance.
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Agile Insights
• Richness of dialog promotes the understanding that enhances innovation
(i.e., feedback loops, learning effects)
• Delays erode value (e.g., writing of full up-front specification)
• Segregation introduces barries and latency (e.g., systems thinking)
• Appropriate self-organisation and empowerment improves motivation
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Risk
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Risk Defined
Risk is “uncertainty that matters”, i.e., uncertainty that if realised impacts one or more objectives in either a negative (i.e., threat) or a positive (i.e., opportunity) manner.
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Agile and Risk
• “A project risk is something that may happen and, if it does, it will have a detrimental effect”
• Risk is “an exposure to a potentially negative outcome”
• Risk in the context of projects with “dynamic requirements” with “customers [who] need a new system by a specific date” that is a “new challenge for your software group”
• The “first iteration will immediately expose the risks, wherever they may lie”
• “more often than not high risk work items also prove to be of high value”
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Sources of Project Risk*
Requirements Technical Project Approach
Schedule Supplier People
*Research based on IT project risk excl. enterprise risk which includes systemic financial and L&C risks.
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Agile Risk Management
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Agile Risk Management
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Agile Risk Management Features
• Cyclical Cadence to Risk Management Practices
• What/Why Risk Identification Technique ( Risk Statements)
• Risk Tasking (e.g., tasks on a Product Backlog)
• Risk Tagging (i.e., marking how tasks are to be accomplished)
• Risk Burndown
• Risk Walling
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
What’s “Agile” About Agile Risk Management
• Social nature and characteristics of team risk culture.
• Collective ownership of risks by all members of the team.
• Cadence of risk management activities (e.g., risk workshop at the start of each iteration).
• Agile approach to tending to risks (e.g., what/why, risk tagging etc.)
• Visualization of distribution of risk and reward (e.g. risk walling, risk burndown).
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Handling Contract Risk
• Agile Contracting suggests the use of risk sharing strategies
• Key agile parameters often feature in contracting (e.g., team velocity, iterations with exit clauses)
• Agile principles are often cited (e.g., ownership and client responsibility, manner in which delay erodes value, uncertainty as a learning opportunity)
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Delay Erodes Value
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Working with Options
http://institute.agileriskmanagement.org/ Copyright © 2014. All Rights Reserved.
Further Information
See the IARM website for further publications and articles
http://institute.agileriskmanagement.org/