Presentation on theme: "Project Management. Risk Management Process Risk Uncertain or chance events that planning can not overcome or control."— Presentation transcript:
Risk Management Process Risk Uncertain or chance events that planning can not overcome or control.
Risk Management Process Risk Management A proactive attempt to recognize and manage internal events and external threats that affect the likelihood of a project’s success.
Risk Management Process Risk Management What can go wrong (risk event). How to minimize the risk event’s impact (consequences).
Risk Management Process Risk Management What can be done before an event occurs (anticipation). What to do when an event occurs (contingency plans).
The Risk Event Graph
Risk Categorization Known risks Those risks that can be uncovered after careful evaluation of the project plan, the business and technical environment in which the project is being developed, and other reliable information sources (e.g., unrealistic delivery date) Predictable risks Those risks that are extrapolated from past project experience (e.g., past turnover) Unpredictable risks Those risks that can and do occur, but are extremely difficult to identify in advance
Reactive vs. Proactive Risk Strategies Reactive risk strategies "Don't worry, I'll think of something" The majority of software teams and managers rely on this approach Nothing is done about risks until something goes wrong The team then flies into action in an attempt to correct the problem rapidly (fire fighting) Crisis management is the choice of management techniques
Reactive vs. Proactive Risk Strategies Proactive risk strategies Steps for risk management are followed (see next slide) Primary objective is to avoid risk and to have a contingency plan in place to handle unavoidable risks in a controlled and effective manner
Mitigating a risk refers to taking action to either reduce the likelihood that a risk (bad event) will happen and/or reduce the impact the risk has on the project. Contingency planning is developing a response if the risk occurs. Mitigating is preventive while contingency is reactive.
Risk Management’s Benefits A proactive rather than reactive approach. Reduces surprises and negative consequences. Prepares the project manager to take advantage of appropriate risks. Provides better control over the future. Improves chances of reaching project performance objectives within budget and on time.
The Risk Management Process
Managing Risk Step 1: Risk Identification Generate a list of possible risks through brainstorming, problem identification and risk profiling. Macro risks first, then specific events
Assess Probability & Impact Weighted Value Probability of Occurrence Benefit of Opportunity
Risk Assessment Form
Managing Risk (cont’d) Step 3: Risk Response Development Mitigating Risk (2-strategies) Reducing the likelihood an adverse event will occur. Reducing impact of adverse event. e.g. prototype e.g. two suppliers Transferring Risk Paying a premium to pass the risk to another party.
Managing Risk (cont’d) Step 3: Risk Response Development Avoiding Risk Changing the project plan to eliminate some of the risk or condition. e.g. selection of supplier Sharing Risk Allocating risk to different parties e.g. Research and development two institutions
Managing Risk (cont’d) Step 3: Risk Response Development Retaining Risk Making a conscious decision to accept the risk. e.g. earthquake
Contingency Planning Contingency Plan An alternative plan that will be used if a possible foreseen risk event actually occurs. A plan of actions that will reduce or mitigate the negative impact (consequences) of a risk event.
Contingency Planning Risks of Not Having a Contingency Plan Having no plan may slow managerial response. Decisions made under pressure can be potentially dangerous and costly.
Risk Response Matrix
1. Project Risk Management includes all of the following processes except: ARisk Monitoring and Control BRisk Identification C Risk Avoidance D Risk Response Planning E Risk Management Planning
2. A risk response which involves eliminating a threat is called: AMitigation BDeflection C Avoidance D Transfer E b and d
3. Deflection or transfer of a risk to another party is part of which of the following risk response categories? AMitigation BAcceptance C Avoidance D Analysis
7. The one document that should always be used to help identify risk is the: ARisk Management Plan BWBS C Scope Statement D Project Charter E Contingency Plan
8. Risks are accepted when: A You develop a contingency plan to execute should the risk event occur B You accept the consequences of the risk C You transfer the risk to another party D You reduce the probability of the risk event occurring E a and b
9. By using Project Risk Management techniques project managers can develop strategies that do all but which of the following: A Significantly reduce project risks B Eliminate project risks C Provide a rational basis for better decision making D Identifying risks, their impact(s), and any appropriate responses E None of the above