Upload
trinhhuong
View
214
Download
0
Embed Size (px)
Citation preview
Profit to the PeopleTM
Drive Away the Skeletons in the Closet: Risk Management Will Set You Apart!
October 2015
Profit to the PeopleTM
[Background Slide]
2
Profit to the PeopleTM
The Predicament
• Difficult to transition from risk management theory to practice
• Hard to find tried and true approaches to managing risk
• Sometimes it seems project managers are the only ones who
think about risk
• And sometimes we don’t think about it enough
3
Profit to the PeopleTM
The Solution
• Use a common risk language
• Apply risk management approach
within your Project Lifecycle
• Consider the Risk Management Plan
template
4
Profit to the PeopleTM
Common Risk Language
5
Term DefinitionAssumption Expectation that one situation will occur over another
Constraint A limit the project must operate within and relaxing these could facilitate achieving the objectives or enhancing
project outputs
Critical Success Factor A mandatory project accomplishment
Issue A situation that arises from a risk being realized; issues are not project risks as they have already occurred and
uncertainty no longer exists
Known Risks Risks that have been identified and analyzed, making it possible to plan responses for those risks
Overall Project Risk The effect of uncertainty on the project as a whole; it is more than the sum of the known risks
Risk An uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives
Risk Appetite The degree, amount, or volume of risk than an organization or individual will withstand
Risk Cause A situation that creates the possibility of negative or positive outcomes; causes can be grouped into risk categories
that are referred to as the “risk model” or “risk breakdown structure”. This helps the project team look at many
sources from which project risk may arise.
Risk Conditions Aspects of the project’s or organization’s environment that contribute to project risks, such as immature project
management practices, lack of integrated management systems, concurrent multiple projects, or dependency on
external participants who are outside the project’s direct control
Risk Impact The result of a risk occurring; risks can impact scope, cost, schedule, quality or performance
Risk Tolerance Limits to monitor that actual risk exposure so that it stays within an organization’s risk appetite. Exceeding risk
limits will typically act as a trigger for management action.
Profit to the PeopleTM
Standard Risk Management Approach
6
Project Phase Risk Management Inputs Risk Mgmt Tools
& Techniques
Risk Mgmt
Outputs
Initiation • Business Case
• Other project deliverables as available
• Templates
• Expert Judgment
• Meetings
• Risk Assessment
Planning • Client-Signed SOW or Project Charter
• Risk Assessment
• Stakeholder Register
• Risk Appetite Statements
• Other project deliverables as available
• Templates
• Expert Judgment
• Meetings
• Risk Management
Plan
Execution • Client-Signed SOW or Project Charter
• Risk Management Plan
• Risk Model
• Risk Assessment
• Stakeholder Register
• Risk Appetite Statements
• Other project deliverables as available
• Risk Model Review
• Facilitated Sessions
• Regular Risk
Management Meetings
• Periodic Risk
Assessments
• Expert Judgment
• Risk Register
Monitoring and
Control
• Risk Register
• Risk Likelihood and Impact Matrix (Risk
Management Plan)
• Risk Model
• Risk Categorization
• Risk Probability and
Impact Assessment
• Sponsor Review
• Updated Risk
Register
• Updated Project
Plan
Profit to the PeopleTM
Risk Management Plan
• Which objectives will be assessed for risk exposure?
• Who will participate in the risk management process? What are
the roles and responsibilities?
• Which approaches, tools, and data sources will be used for risk
identification and assessment?
• How will we report and monitor project risks?
7
Profit to the PeopleTM
Establishing Risk Management Roles &
Responsibilities
8
Role ResponsibilitiesProject Sponsor
or Project Owner• Facilitate Risk Assessment in the project initiation phase and assist team with proper interpretation
• Formally or informally, establish risk appetite within the project team
• Provide guidance to project team, as needed, related to risk management
• Act as escalation point, as needed, related to risk management
Project Manager • Ensure Risk Management Plan is consistent and integrates appropriately with other PM plans
• Analyze the Risk Assessment, determine how the known risks affect how risk should be managed on the project
• Build risk plans into project plans, as appropriate
• Own formal risk communications with project sponsor/owner and other team members, leveraging Risk Manager
as appropriate
• Assign risks to team members
Risk Manager • (Functional role that may be assigned to any project team member, including but not limited to the PM)
• Analyze the Risk Assessment, determine how the known risks affect how risk should be managed on the project
• Develop Risk Management Plan
• Facilitate sessions to identify risk, if appropriate
• Create and manage the Risk Register; monitor risks
• Regularly review risks with project team
• Ensure project team effectively and efficiently uses risk tools
• Assist Project Manager with building significant risk plans into the project plan
Project Team
Members• (Includes those filling roles described above)
• Identify and analyze risks
• Volunteer to own risks in accordance with project role and skills/knowledge
• Own and manage assigned risks
• Keep Risk Manager informed of risk status
Profit to the PeopleTM
Defining Risk Scope & AppetiteWhat are the types of risks (cost, time, quality, scope) to be managed
and the organization’s sensitivity to the impacts associated with the risk?
9
Project
Objective
Risk Appetite Risk Tolerance
Cost If cost variances will exceed 5%, must notify
project sponsor
Time
Quality
Scope
Profit to the PeopleTM
Stating Risks
• Risk Meta-Language Technique (Hillson, 2004, p.73)
• State risks as follows to ensure the cause, risk and impact is
clearly identified
• As a result of <definite cause>, an <uncertain event> may occur,
which would lead to <effect on the project objectives>.
• Example: As a result of not being able to control the availability of
our project resources, we may have to develop the critical data
interfaces with less experienced staff, which would affect our
ability to deliver the complete interface solution for the project
• Sometimes you can address one cause and eliminate multiple
risks. This language helps group by cause to see the
opportunities to do this.
10
Profit to the PeopleTM
Identifying Risks – Risk Model
• Provides categories and sources of risk that may relate to the
project
• Assists in identifying risks that might otherwise by overlooked
• Helps categorize risks in the Risk Register
• Not only should individual risks be assessed and evaluated, but
any categories with a high number of risks should be considered
as red flags that need more analysis
11
Profit to the PeopleTM
Identifying Risks – Facilitated Session
• Approach like a Joint Application Design (JAD) session
• Determine which objectives will be assessed for risk exposure
(cost, time, quality, scope)
• Review inputs
– Project scope statement
– Review assumptions and constraints
– Review critical success factors
– Review Risk Assessment
• Risk analysis can be iterative; later in project:
– Review business and technical requirements
– Review work breakdown structure (can create a risk breakdown
structure)
12
Profit to the PeopleTM
Identifying Risks – Other
• Recurring Risk Management meetings
• Periodic Risk Assessments, tailored to current project lifecycle
phase if desired
• Review Assumptions
– Instability: How likely are they to be false?
– Sensitivity: If false, what is the impact to project objectives?
• Review Constraints
– Instability: How likely are they to be removed or relaxed?
– Sensitivity: What will the impact be?
• Review Critical Success Factors
– Instability: How likely is it they will not be met?
– Sensitivity: What will the impact be?
13
Profit to the PeopleTM
Assessing Risks
14
Customize the probability and impact scales for the client/project as needed
• Probability
– Timeframe should be based on the project, such as “What is the
probability of the risk occurring within a one-year timeframe?”
• Impact
– If the risk occurs, what is the impact?
Profit to the PeopleTM
Assessing Risks (continued)
15
• Heat Map
– Impact and Probability are multiplied to obtain a risk score that can be
mapped
Warning: This heat map makes (qualitative) risk management appear
more scientific than it is!!
Profit to the PeopleTM
Treating and Managing Risks
• First, check to see if risk is within appetite
• If it is not, determine the treatment for the risk
16
Negative Risks Positive Risks
• Avoid – Eliminate the risk • Exploit – Make the risk happen
• Transfer – Make another party
responsible
• Share – Involve others to own
opportunity
• Mitigate – Reduce probability
and/or impact
• Enhance – Increase probability
and/or impact
• Passively Accept – Do nothing,
handle only if risk occurs
• Accept – Do nothing, enjoy if risk
occurs
• Actively Accept – Create
contingency plans (can include
cost reserve)
Profit to the PeopleTM
All this….for what???
• More positive risks have been realized
• Fewer negative risks have been realized
• The project was delivered successfully!
17
Profit to the PeopleTM
[Contact Information]
18