Upload
anand-shah-pmp
View
54
Download
0
Embed Size (px)
DESCRIPTION
Know your risk appetite
Citation preview
Author- Anand Shah Subject- Risk Appetite [email protected]
+91 940 863 5561 Page 1
Know your Risk Appetite!
Categories – Risk management, who is
responsible, need to manage at tolerable level,
importance of informed decision.
Risk is an event which is not yet occurred and once it is occurred then it is an Issue.
We all have been doing risk management throughout our lifetime, knowingly or
unknowingly. When we were student, few were studying consistently from day one of
the semester and few of us when exams approaching. Result is more dependent
upon how proactively we identify and effectively analyse the risk along with efficient
implementation of the strategy.
Concept of risk management is same and applies in all areas as it is. Only in case of
Organization, Risk management is more of a collaboration approach rather than
individual. It is an activity to improve quality, productivity and work/life balance in
organization. If we consider Software water flow model then PM/BA performs risk
management to make sure that Arch/Designer can perform well and this goes on for
Arch/Designer to make developer’s life smoother and in turn tester in a successive
chain approach and any deviation can result into more rework and impact on quality.
So is it only senior team members are responsible for identifying and mitigating risk
or people implementing plans are responsible?
It is everyone’s job at all levels in order to work
as a Team. Collaboration and communication
plays a vital role, how we manage risk in larger
context. Everyone needs to know Risk Appetite
(generally guidelines/policy) of the organization
and then perform risk management within
control limits specified. Risk management is
mandatory and beneficial at individual, team,
project and organization level irrespective of
employee role, responsibility and designation.
It is an integral part of every business
processes in organization.
Author- Anand Shah Subject- Risk Appetite [email protected]
+91 940 863 5561 Page 2
Like every country has traffic rules and system in place and every driver needs to
follow these rules along with their hazard perception skills. Similarly Organizations
have Risk management policy and standard defined. Every employee of organization
need to compliance with this policy along with their hazard perception skills specific
to their expertise/domain. Expert says that known roads and improved hazard
perception skills of employee will lead to high maturity organization. This is the
reason all organizations are moving towards standards like ISO, CMMi so that new
joiner can understand the process faster if they work in similar standard with their
previous organization. Every organisation has customized model for risk
management primarily depends upon organization size, budget, business and risk
adopting threshold. Almost all methodology like Agile, Scrum, PMP, Prince2, Six
Sigma and CMMi are developed around Risk Management framework.
It is important to train everyone to
identify/manage/escalate the Risk as per
organization standard/policy. For e.g. Software
Company may not have critical risk with regards to
adopting technology as this is its primary domain
but the same can be a critical risk for Government
organization. Defining risk management policy
includes appetite, threshold, strategy, categories,
do’s & don’t, tolerance level and escalation
procedures. We cannot mitigate all the risk but
always can communicate/escalate to respective
stakeholders as appropriate. Risk can be
escalated at every level and mitigated at every
level as it is a job of everyone in the project team.
It is not enough to just identify the risk but also to develop plans and consider
important decisions in order to avoid/transfer the risks or convert them into
opportunity. Processes are used to overcome people dependency on the project.
Risk management ensure that succession plan is created and implemented at
individual level to make sure that project is more process centric and not people.
Author- Anand Shah Subject- Risk Appetite [email protected]
+91 940 863 5561 Page 3
There are number of methods of managing risks and more one uses statistical and
industry proven approach then decisions are more aligned with business needs.
Sometimes it is best to take decision based upon past/current experience in
organization instead of getting into statistical method and justify the decision as a
team. But many a times, we cannot take decision just on perception/experience and
requires proven method/science/evidence to reach to a decision. For example, pilot
cannot take decision that today, I am ready and safe to travel from one place to
another as this decision requires number of parameters like weather, flight
condition/readiness, fuel, satellite, software, hardware and many more. Also this
decision requires at each and every flight departure. Here, industry using rigorous
statistical risk management process to see if the acceptance level is met as per
airlines risk management policy. Benefits of using standard process are to take
consistent safer decision along with business benefits.
There is no right or wrong framework and it needs to be customized depends upon
project and organizations resource maturity and adoptability level. To know more
about organization operating model please refer my blog on the same. Industry
statistics claim that more effort requires on risk management front at the beginning of
the project to increases success ratio of the project as it is more manageable at early
stage. But that does not mean, Risk management effort decreases most of the times
as project moves forward.
Author – Anand Shah PMP & Prince2 Practitioner
Visit for more blogs @ in.linkedin.com/in/anandshah09/ or On Slideshare