Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dr. Nguyen Hai Quan  Problems that haven’t happened yet  Why is it hard?  Some are wary of bearing bad news ◦ No one wants.

Published byMelvin Austen Gardner Modified over 8 years ago

Similar presentations

Presentation on theme: "Dr. Nguyen Hai Quan  Problems that haven’t happened yet  Why is it hard?  Some are wary of bearing bad news ◦ No one wants."— Presentation transcript:

1 Dr. Nguyen Hai Quan Email: Quan_nh@yahoo.com

2  Problems that haven’t happened yet  Why is it hard?  Some are wary of bearing bad news ◦ No one wants to be the messenger ◦ Or seen as “a worrier”  You need to define a strategy early in your project 2

3  Identification, Analysis, Control  Goal: avoid a crisis  Thayer: Risk Mgmt. vs. Project Mgt. ◦ For a specific vs. all projects ◦ Proactive vs. reactive 3

4  Characterized by: ◦ Uncertainty (0 < probability < 1) ◦ An associated loss (money, life, reputation, etc) ◦ Manageable – some action can control it  Risk Exposure ◦ Product of probability and potential loss  Problem ◦ A risk that has materialized 4

5  Schedule Risks  Schedule compression (customer, marketing, etc.)  Cost Risks  Unreasonable budgets  Requirements Risks  Incorrect  Incomplete  Unclear or inconsistent  Volatile 5

6  Quality Risks  Operational Risks  Most of the “Classic Mistakes” ◦ Classic mistakes are made more often 6

7 7 “Software Risk Management”, Boehm, 1989

8  Get your team involved in this process ◦ Don’t go it alone  Produces a list of risks with potential to disrupt your project’s schedule  Use a checklist or similar source to brainstorm possible riskschecklist 8

9  Determine impact of each risk  Risk Exposure (RE)  a.k.a. “Risk Impact”  RE = Probability of loss * size of loss  Ex: risk is “Facilities not ready on time”  Probability is 25%, size is 4 weeks, RE is 1 week  Ex: risk is “Inadequate design – redesign required”  Probability is 15%, size is 10 weeks, RE is 1.5 weeks  Statistically are “expected values”  Sum all RE’s to get expected overrun  Which is pre risk management 9

10  Estimating size of loss  Loss is easier to see than probability  You can break this down into “chunks” (like WBS)  Estimating probability of loss  Use team member estimates and have a risk-estimate review  Use Delphi or group-consensus techniques  Use gambling analogy” “how much would you bet”  Use “adjective calibration”: highly likely, probably, improbable, unlikely, highly unlikely 10

11  Remember the 80-20 rule  Often want larger-loss risks higher ◦ Or higher probability items  Possibly group ‘related risks’  Helps identify which risks to ignore ◦ Those at the bottom 11

12  Known Unknowns ◦ Information you know someone else has  Unknown Unknowns ◦ Information that does not yet exist 12

13  Risk Management Plan ◦ Can be 1 paragraph per risk ◦ McConnell’s exampleexample 13

14 ◦ Risk Avoidance  Don’t do it  Scrub from system  Off-load to another party  McConnell: design issue: have client design ◦ Risk Assumption  Don’t do anything about it  Accept that it might occur  But still watch for it 14

15 ◦ Problem control  Develop contingency plans  Allocate extra test resources  See McConnell pg. 98-99 ◦ Risk Transfer  To another part of the project (or team)  Move off the critical path at least ◦ Knowledge Acquisition  Investigate  Ex: do a prototype  Buy information or expertise about it  Do research 15

16  Top 10 Risk List  Rank  Previous Rank  Weeks on List  Risk Name  Risk Resolution Status  A low-overhead best practice  Interim project post-mortems ◦ After various major milestones  McConnell’s exampleexample 16

17  Don’t be afraid to convey the risks  Use your judgment to balance ◦ Sky-is-falling whiner vs. information distribution 17

18  A risk-reduction technique  Use of small goals within project schedule ◦ One of McConnell’s Best Practices (Ch. 27)  Fine-grained approach to plan & track  Reduces risk of undetected project slippage  Pros ◦ Enhances status visibility ◦ Good for project recovery  Cons ◦ Increase project tracking effort 18

19  Can be used throughout the development cycle  Works with will hard-to-manage project activities or methods ◦ Such as with evolutionary prototyping  Reduces unpleasant surprises  Success factors ◦ Overcoming resistance from those managed ◦ Staying true to ‘miniature’ nature  Can improve motivation through achievements 19

20  Requires a detailed schedule  Have early milestones  McConnell says 1-2 days ◦ Longer is still good (1-2 weeks)  Encourages iterative development  Use binary milestones ◦ Done or not done (100%) 20

21  To help you identify risks, a list of commonly occurring risks is a good starting point.  For risk prioritization, classify the probabilities of risks and their impacts into categories.  For the top few risks, plan the risk mitigation steps, and ensure that they are properly executed during the project.  Monitor and re-evaluate the risks periodically.

22 November 16, 2006 22 IT Risk Portfolio Mitigat ion Likeliho od Critical ity Thre ats Risk Are as Identificatio n & Measuremen t Risk Management Monitor Ability to Contr ol Monitor ing

23 November 16, 2006 23 Risk ConsiderationsImpact Criticality to Core Business Process Financial loss of revenue Strategic impact on future revenue streams Reputation Operational impact on delivery of business’ services Legal/regulatory/compliance financial penalties Likelihood Of Sustained Interruption Odds of the threat being realized Length of disruption & business criticality determine impact Considered when determining risk mitigation response Ability to Control Outcome Ability to implement risk mitigation measures Effectiveness of risk mitigation measures Considered in the effectiveness of mitigation techniques Risk Mitigation Alternatives Avoid Risk by not implementing technology Accept Risk if the cost outweighs the benefit Transfer Risk to third party Reduce Risk by Implementing Risk Mitigation Controls

24 November 16, 200624 ThreatExposureMitigation Status Data Center Power OutageLowComplete, stable, monitoring Hardware FailureMediumComplete, stable, monitoring Data Center Fire/WaterLowComplete, stable, monitoring WW Data Network FailureMediumComplete, stable, monitoring WW Voice Network FailureLowComplete, stable, monitoring Natural Disaster Service InterruptionMediumActively strengthening Criminal Activity/Theft/VandalismHighActively strengthening Civil Unrest & TerrorismLowComplete, stable, monitoring Software errors affecting availability & integrityMediumComplete, stable, monitoring Human ErrorsMediumActively strengthening Project ManagementMediumActively strengthening Business System Change ControlMediumComplete, stable, monitoring ObsolescenceMediumComplete, stable, monitoring Unauthorized IntrusionsMediumActively strengthening Exposure = (Impact x Probability)/ Risk Mitigation

25 November 16, 2006 25  CIO and Direct Reports  Review IT Risk Considerations  Update IT Risk Summary as Required  Review Significant Events During the Quarter  Review Quarterly Status and Action Plan  Update Specific Risks and Mitigation Techniques  Publish Report to CFO

26 November 16, 2006 26 Detected: Resolved: Risk Threat Category: Event Description Problem Recovery Problem Analysis Problem Resolution Future Mitigation

27 November 16, 2006 27 Risk Category  Activity past Quarter  Plans for Upcoming Quarters 

28 November 16, 200628 THREATEXPOSUREMITIGATION Data Center Power Outage Ability to replenish diesel fuel Campus fed by single power Sub-station State-of-the-art power conditioning, and Uninterruptible Power Systems (batteries) Backup diesel power generators (24 hour fuel supply) Multiple power distribution systems Facilities has a 6 hour guarantee fuel delivery

Download ppt "Dr. Nguyen Hai Quan  Problems that haven’t happened yet  Why is it hard?  Some are wary of bearing bad news ◦ No one wants."

Similar presentations

Chapter 7 Managing Risk.

Chapter 7 Managing Risk.
Facilitated by Joanne Fraser RiverSystems

Facilitated by Joanne Fraser RiverSystems
Q7503, Summer 2002 1 Software Project Management Session 7: Risk and Change Management.

Q7503, Summer Software Project Management Session 7: Risk and Change Management.
Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.

Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.
2006 TEA Conference Terry Berends, PE Assistant State Design Engineer Washington State Department of Transportation Risk Based Estimating Tools at WSDOT.

2006 TEA Conference Terry Berends, PE Assistant State Design Engineer Washington State Department of Transportation Risk Based Estimating Tools at WSDOT.
Project Management Gaafar 2007 / 1 This Presentation is uses information from PMBOK Guide 2000 Project Management Risk Management* Dr. Lotfi Gaafar.

Project Management Gaafar 2007 / 1 This Presentation is uses information from PMBOK Guide 2000 Project Management Risk Management* Dr. Lotfi Gaafar.
Project Management.

Project Management.
Project Management Risk Management. Introduction Project planning Gantt chart and WBS Project planning Network analysis I Project planning Network analysis.

Project Management Risk Management. Introduction Project planning Gantt chart and WBS Project planning Network analysis I Project planning Network analysis.
Projmgmt-1/33 DePaul University Project Management I - Risk Management Instructor: David A. Lash.

Projmgmt-1/33 DePaul University Project Management I - Risk Management Instructor: David A. Lash.
Project Risk Management

Project Risk Management
29 Jul 2005CSE403, Summer'05 Student Startup Sequence Verify network connection Rotate to Landscape mode Start Presenter 2.0 Maximize Application Role->Student.

29 Jul 2005CSE403, Summer'05 Student Startup Sequence Verify network connection Rotate to Landscape mode Start Presenter 2.0 Maximize Application Role->Student.
Computer Engineering 203 R Smith Risk Management 7/2009 1 Risk Management The future can never be predicted with 100% accuracy. Failure to plan for risks.

Computer Engineering 203 R Smith Risk Management 7/ Risk Management The future can never be predicted with 100% accuracy. Failure to plan for risks.
Session 33 Guest Speaker: Gini Van Siclen. Risk Management for Project Managers Gini Van Siclen.

Session 33 Guest Speaker: Gini Van Siclen. Risk Management for Project Managers Gini Van Siclen.
Software Project Risk Management

Software Project Risk Management
Managing Risk to Reduce Construction Claims (And Improve Project Success) Presented by Laurie Dennis, PE, CVS-Life, FSAVE.

Managing Risk to Reduce Construction Claims (And Improve Project Success) Presented by Laurie Dennis, PE, CVS-Life, FSAVE.
CIS 375 Bruce R. Maxim UM-Dearborn

CIS 375 Bruce R. Maxim UM-Dearborn
LSU 10/09/2007Risk Management1 Risk & Risk Management Project Management Unit #5.

LSU 10/09/2007Risk Management1 Risk & Risk Management Project Management Unit #5.
8 Managing Risk Teaching Strategies

8 Managing Risk Teaching Strategies
CSE Senior Design I Risk Management Instructor: Mike O’Dell This presentations was derived from the textbook used for this class: McConnell, Steve, Rapid.

CSE Senior Design I Risk Management Instructor: Mike O’Dell This presentations was derived from the textbook used for this class: McConnell, Steve, Rapid.
ELECTRONIC SYSTEMS ENGINEERING TECHNOLOGY TEXAS A&M UNIVERSITY Innovating tomorrow’s products and systems today Dr. Joseph A. Morgan, D.E., P.E.

ELECTRONIC SYSTEMS ENGINEERING TECHNOLOGY TEXAS A&M UNIVERSITY Innovating tomorrow’s products and systems today Dr. Joseph A. Morgan, D.E., P.E.

Similar presentations

Ads by Google