Professional Documents
Culture Documents
Overview
23/05/2014
The objectives of Project Risk management are to increase the probability &
impact of positive events (opportunities), and decrease the probability &
impact of events adverse to the project (threats)
What is risk?
A risk is an uncertain event that could have a positive or negative effect on your
project
* This means there is a probability between 1-99% that the event could occur
If there is a 0% chance of an event occurring, there is no risk
(example; there is a 0% chance your project will be adequately funded, this is not
a risk, it is a reality)
If there is a 100% chance of an event occurring, this would be an issue, not a risk
Risks with negative consequences are called threats
Risks with positive consequences are called opportunities (Yes, risk can be good!
Stop thinking of risk as bad, and start thinking of it in terms of probabilities!)
23/05/2014
Types of Risk
Risks can be broken out into two primary types
Pure Risk risk with potential loss only
ex. Fire, theft, personal injury
Business Risk (speculative risk) risk with potential loss or gain
ex. A highly skilled employee becomes available to work on your project,
reducing your schedule time, the tax rate changes, a new server costs less
(or more) than you budgeted for
23/05/2014
Considerations
Look for risks caused by things like poor project management, dependency
on uncontrollable external resources, concurrent multiple projects, etc.
Project sponsor
Management
Project manager
Project team
Procurement deparment
Marketing deparment
Other deparment
Salespeople
Legal counsel
Project manager of previous,
similar projects
Customer
Customers competition
End users
Suppliers and vendors
Expert
Public
23/05/2014
Project constraints
Assumptions
WBS
Network Diagram
Plans
Resource
Communications
Quality
Procurement
by Rita Mulcahy
Elmer Zapata Ramrez, PMP, PMI -RMP
23/05/2014
Risk identified
Plan for how
and who will be
involved in risk
management
Short list of
risk through
qualitative and
quantitative
analysis
Potential risk
owners
Triggers
Potential
response
plans
Risks
eliminated by
changing the
project
management
plan
Additional
wachtlist items
What to do if an
identified risk
ocurrs:
contingency
plans
Probability
and impacts
reduced by
changing the
project
management
plan
What to do if
the contingency
plan is no
effective:
fallback plans
Residual risks
Risk
register
Final Project
management plan
Risk monitoring
and control
People to wacht
over each risk:
risk owners
Wachtlist of
non-top risks
23/05/2014
23/05/2014
23/05/2014
Adapt any policies and procedure for risk to the needs of the project
Tailor risk management activities to the needs of the project to make sure the level,
type, and visibility of activities are commensurate with:
The type an size of the project
The experience of the project team
The importance of the project to the organization
The number of times risk owners were not prepared to handle an identified risk
Etc
23/05/2014
The risk tolerance of your project sponsors and stakeholders In order to gain buy-in,
you need to create a plan your sponsors can support. It is not likely they will support
a plan that is in opposition to their agenda or is out of their comfort zone
The size and value of your project there is a cost to risk management, you shouldnt
spend more on preventing the risk than the cost of the risk occurring
The methodology you will use the methodology you use is not as important as
gaining agreement and buy-in on the methodology chosen
Sources of risk risk categories; think of all possible areas or events that could
introduce risk to your project
10
23/05/2014
11
23/05/2014
Sponsor
Project Manager
Risk team
Team
Risk Owner
Other Stakeholders
Identify Risks
As needed
As needed
As needed
12
23/05/2014
Confusing Terms
Risk rating: is a number between 1 and 10 chosen to evaluate the probability
or impact of the risk.
Risk score for each risk: to calculate this, you multiply probability times
impact. This gives you a numerical value for each risk. That value is then
compared to other risks in the project to determine the risk ranking for
each risk within the project.
Risk score for the project: To obtain the project risk score, you add up the risk
scores for each risk in the project.
Risk ranking within the project: to rank risks, you compare the risk scores for
all the risk. The risk with the hightest risk score becomes the hightest
ranking risk, the next hightest becomes second, etc
Risk ranking compared to other projects:
Identify Risks
13
23/05/2014
Identify Risks
Objectives
Identify and record a long list of threats and opportunities for the project
and by work package; long means hundreds of risks.
Make sure all risk are in the cause-risk-effcet format
Understand the risk
Identify Risks
This is the phase where you work with your team to identify as many risks as
possible
Things to remember
Identify Risks cant be completed without the project scope statement and
Work Breakdown Structure (WBS)
Identify Risks happens at the onset of the project and throughout the project
Risks can be identified at any time and during any phase of the project
Risk management is an iterative process, you should work to identify risk
during any changes to the project, working with resources, and when dealing
with issues
14
23/05/2014
Identify Risks
Inputs to identify risks
Project Chapter
Risk Management Plan
Outputs from project planning
List of common risk categories
Historical records and project documents
Stakeholder register
Identify Risks
Methods of documenting Risk
Forms
Checklists
Sticky notes
15
23/05/2014
Identify Risks
Techniques to identify risk
Brainstorming - the free-flow of ideas on risk, done with the project team,
stakeholders, subject matter experts, and experienced resources
Delphi technique an anonymous surveying of experts in which information
is sent to a group of experts on the risk. The experts each provide input, the
responses are compiled and then sent back to all of the experts for further
review; the process is repeated until consensus is reached.
Interviewing interviews of experts, project stakeholders, or associates who
have worked on similar projects in order to discover risks
Assumptions & constraints Analysis what assumptions have you made or
been given about your project? Are they valid? If not, you could have risk
Identify Risks
Techniques to identify risk
Root Cause Analysis Determining the cause of the risk; you might be able
to identify more risks this way or you might be able to eliminate the risk by
eliminating the cause
SWOT Analysis An analysis of the strengths, weaknesses, opportunities
and threats on your project
Checklist Analysis after you have identified your categories of potential
risks on your project, you create a checklist of these categories to make sure
youre not neglecting any area where risk can hide
16
23/05/2014
Identify Risks
Techniques to identify risk
Document review
FMEA / Fault tree analysis
Force field analysis
Industry knowledge base
Influence diagrams
Nominal group technique
Post project review / lessons learned / historical information
Identify Risks
Techniques to identify risk
Prompt lists
Questionaire
RBS
Cause and effect diagrams
System dynamics
WBS review
* Whenever possible, deal with the cause, not the effect
17
23/05/2014
Risk Factors
When analyzing your risk, you should be aware of the following risk factors
-
Expected timing, when in the project lifecycle the risk is likely to occur
Frequency or the event, how often the risk is expected to occur on the
project
Identify Risks
Outputs of Identify Risks
Risk Register
- List of risks
- List of potential responses
- Root causes of risks
- Updated risk categories
18
23/05/2014
19
23/05/2014
20
23/05/2014
21
23/05/2014
22
23/05/2014
23
23/05/2014
24
23/05/2014
25
23/05/2014
Probability
Impact
EMV
20%
$ (100,000.00)
$(20,000.00)
90%
10,000.00
$ 9,000.00
5%
30,000.00
$ 1,500.00
65%
$ (75,000.00)
$(48,750.00)
Total
$(58,250.00)
26
23/05/2014
27
23/05/2014
Setup Cost
Make
Buy
Cost/Unit
Units Needed
Defects/Unit
Defect
Cost
Total Cost
$200,000
$27.50
500,000
$13,750,000
20/10,000
$1,375.00
$13,951,375
$0
$30.00
500,000
$15,000,000
10/10,000
$1,500
$15,001,500
28
23/05/2014
29
23/05/2014
30
23/05/2014
31
23/05/2014
32
23/05/2014
33
23/05/2014
34
23/05/2014
35
23/05/2014
36
23/05/2014
37
23/05/2014
Risks
Risk response plans
Risk owners
Triggers
Contracts
Wachtlist
Time and cost reserves
38
23/05/2014
Requested Changes
Recommended Corrective & Preventive Actions
Updates to the Project Management Plan
Organizational Process Assets Updates
Risk Governance
39
23/05/2014
Risk Governance
Its extends throughout the project.
Risk governance involves oversight of the entire risk management process, making
sure the risk management activities are consistent, and that they are continuously
improved throughout the organization.
Risk Governance
Standards, Policies, Procedures, and Practices
40
23/05/2014
Risk Governance
Creation of Metrics
Metrics are standards of performance that, once evaluated, tell how work is
performing against the Plan and help you to measure the progress and to warn of
potential problems.
Risk Governance involves the creation of metrics for risk management activities in
the Organization.
Risk Governance
Lessons Learned Management
To ensure that lessons learned related to risk management are captured on all
projects and then made available for use on other projects.
Should include:
What went right?
What went wrong?
What would be done differently if the project could be done again?
41
23/05/2014
Questions?
42