7Risk Categorization Known risks Those risks that can be uncovered after careful evaluation of the project plan, the business and technical environment in which the project is being developed, and other reliable information sources (e.g., unrealistic delivery date)Predictable risksThose risks that are extrapolated from past project experience (e.g., past turnover)Unpredictable risksThose risks that can and do occur, but are extremely difficult to identify in advance
8Reactive vs. Proactive Risk Strategies Reactive risk strategies"Don't worry, I'll think of something"The majority of software teams and managers rely on this approachNothing is done about risks until something goes wrongThe team then flies into action in an attempt to correct the problem rapidly (fire fighting)Crisis management is the choice of management techniques
9Reactive vs. Proactive Risk Strategies Steps for risk management are followed (see next slide)Primary objective is to avoid risk and to have a contingency plan in place to handle unavoidable risks in a controlled and effective manner
10Mitigating a risk refers to taking action to either reduce the likelihood that a risk (bad event) will happen and/or reduce the impact the risk has on the project.Contingency planning is developing a response if the risk occurs.Mitigating is preventive while contingency is reactive.
11Risk Management’s Benefits A proactive rather than reactive approach.Reduces surprises and negative consequences.Prepares the project manager to take advantage of appropriate risks.Provides better control over the future.Improves chances of reaching project performance objectives within budget and on time.
17Managing Risk (cont’d) Step 3: Risk Response DevelopmentMitigating Risk (2-strategies)Reducing the likelihood an adverse event will occur.Reducing impact of adverse event.e.g. prototypee.g. two suppliersTransferring RiskPaying a premium to pass the risk to another party.Mitigate means to make less severe
18Managing Risk (cont’d) Step 3: Risk Response DevelopmentAvoiding RiskChanging the project plan to eliminate some of the risk or condition.e.g. selection of supplierSharing RiskAllocating risk to different partiese.g. Research and development two institutionsMitigate means to make less severe
19Managing Risk (cont’d) Step 3: Risk Response DevelopmentRetaining RiskMaking a conscious decision to accept the risk.e.g. earthquakeMitigate means to make less severe
20Contingency Planning Contingency Plan An alternative plan that will be used if a possible foreseen risk event actually occurs.A plan of actions that will reduce or mitigate the negative impact (consequences) of a risk event.
21Contingency Planning Risks of Not Having a Contingency Plan Having no plan may slow managerial response.Decisions made under pressure can be potentially dangerous and costly.
24A Risk Monitoring and Control B Risk Identification C Risk Avoidance 1. Project Risk Management includes all of the following processes except:A Risk Monitoring and ControlB Risk IdentificationC Risk AvoidanceD Risk Response PlanningE Risk Management PlanningC
252. A risk response which involves eliminating a threat is called: A MitigationB DeflectionC AvoidanceD TransferE b and dC
263. Deflection or transfer of a risk to another party is part of which of the following risk response categories?A MitigationB AcceptanceC AvoidanceD AnalysisA
277. The one document that should always be used to help identify risk is the: A Risk Management PlanB WBSC Scope StatementD Project CharterE Contingency PlanB
288. Risks are accepted when: A You develop a contingency plan to execute should the risk event occurB You accept the consequences of the riskC You transfer the risk to another partyD You reduce the probability of the risk event occurringE a and bE
299. By using Project Risk Management techniques project managers can develop strategies that do all but which of the following:A Significantly reduce project risksB Eliminate project risksC Provide a rational basis for better decision makingD Identifying risks, their impact(s), and any appropriate responsesE None of the aboveB