Presented To: Sir Ali Raza Presented By: Kainat(06)Riffat(024)Asqsa(034) Group#06

“If You Don’t Actively Attack the Risks,

………without risks there is no reward The Risks Will Actively Attack You.” -Tom Gilb

What is a risk Risk Analysis Risk Categorization Other Risk Categories Risk management The Principles of Risk Management Risk management paradigm How To Manage the Risks Outlines

What is a Risk? “Risk is a potential problem.it might happen, it might not" “Risk is a potential problem.it might happen, it might not" But, regardless of the outcome, it is really good idea to identify the Risk and assess its probability of occurrence, estimate its impact and establish a Contingency Plan should the risk turns into a problem.

Example An example would be that team is working on a project and the An example would be that team is working on a project and the developer walks out of project and other person is recruited in his place and he doesn’t work on the same platform and converts it into the platform he is comfortable with. Now the project has to yield the same result in the same time span. Whether they will be able to complete the project on time. That is the risk of schedule.

Why Risk Analysis & Management is important? Why Risk Analysis & Management is important?  Because lots of things can go wrong in a project.  Understanding the risk and taking proactive measures to avoid or manage the risk is a element of a good Project Management.

What is Risk Analysis Risk Analysis Risk Analysis  “Investigation of available information to identify hazards and estimate risks”  “Risk analysis is the estimation of the risk associated with the identified hazards. It is qualitative or quantitative process of linking the likelihood of occurrence and severity of harms. In some risk management tools, the ability to detect the harm (detectability) also factors in estimation or risk.”

Purpose of“Risk Analysis” – To identifying, documenting and quantifying potential risk to product due to any activity, process, testing or change and to determine appropriate measures, with the objective of eliminating or reducing the risk to patient.

Benefits through “Risk Analysis” i.Identification of critical parameter ii.Improvement in product quality & safety iii.To find out the risk of any change in activity, process, testing or change. iv.Reduction in validation cost v.Establishes a systematic, well-informed and thorough method of decision making which leads to greater transparency and predictability vi.Increased knowledge of exposure to risk vii.Fosters quality by design, continuous improvement and new technology introduction, which generally leads to enhanced product quality

“Qualitative Risk Analysis” “Qualitative Risk Analysis” Assess impact and likelihood of the identified risk. Probability and Impact Matrix. Risk categorization. Risk urgency assessment.

“Quantitative Risk Analysis" “Quantitative Risk Analysis" Data gathering – Direct – Diagrammatic – Delphi Probability distribution Modeling Techniques – Decision tree Analysis – Sensitivity Analysis – Expert Judgment

Risk Categories:Risk Categories: 1. PROJECT RISKS "Project Risk is the risks that threaten the Project Plan" (If the Risks become real, it is likely that the Project Schedule will slip and that Project Cost will increase.) Project Risks Identify Potential Risk and their Impacts on the following issues:  Budgetary problem  Schedule  Personnel (Staffing and Organization)  Resource  Customer  Requirements Problem

2. TECHNICAL RISKS "Risks that threaten the Quantity and Timeliness of products to produced" (Technical Risk occurs because the problem is harder to solve than we thought it would be).If a Technical Risk becomes a reality, Project Implementation may become difficult or impossible.  Technical Risks identify the following Risk problems: “RISK CATAGORIES” Potential Design Risk problems  Potential Design Risk problems  Implementation Risk problems  Interface Risk problems  Verification Risk problems  Maintenance Risk problems

3.BUSINESS RISKS "Threaten the viability of the project to be built"  The top five Business Risks are: 1.Building an excellent product or system that no one really wants it (Market risk) 2.Building a product that no longer fits into the overall business strategy of the company (Strategic risk) 3.Building a product that sales force doesn’t understand how to sell 4.Losing the support of senior management due to a change in focus or a change in managerial people (Management risk). “RISK CATAGORIES” 5. Losing budgetary or personnel commitment (Budget risk).

“RISK MANAGEMENT”  Risk is an uncertain event that may have a positive or negative impact on the project. impact on the project.  Risk Management is the process of identifying and migrating risk.

Why is it important?  Risk affects all aspects of your project – your budget, your schedule, your scope, the agreed level of quality, and so on.  Increase probability of positive event.  Reduce the occurrence of negative event.

“Seven Principles” 1.Maintain a global perspective 2.Take a forward-looking view 3.Encourage open communication 4.Integrate 5.Emphasize a continuous process 6.Develop a shared product vision 7.Encourage teamwork

“ “TWO RISK STRATEGIES ARE”

Proactive Risk Management: Proactive Risk Management: The primary objective of Proactive Risk strategy is to avoid Risk, But because not all risks can be avoided the team works to develop a ‘’Contingency Plan’’ that will enable the team to respond risk in a controlled and effective manner. Reactive Risk Management: Reactive Risk Management: project team reacts to risks when they occur project team reacts to risks when they occur mitigation mitigation —plan for additional resources in anticipation of fire fighting fix on failure fix on failure —resource are found and applied when the risk strikes crisis management crisis management —failure does not respond to applied resources and project is in jeopardy “TWO RISK STRATEGIES ARE”

“Risk Management Lifecycle"

“Plan Risk Management”  Analysis and decision making to implement risk management.  Appropriate to size and complexity of the project.  Stakeholders will be involved in planning risk management.

“Risk Projection”  Risk projection, also called risk estimation, attempts to rate each risk in two ways 1. the likelihood or probability that the risk is real 2. the consequences of the problems associated with the risk, should it occur.  The are four risk projection steps: 1.establish a scale that reflects the perceived likelihood of a risk 2.delineate the consequences of the risk 3.estimate the impact of the risk on the project and the product, 4.note the overall accuracy of the risk projection so that there will be no misunderstandings.

“Risk identification” 1.Product size 2.Business impact 3.Customer characteristics 4.Process definition. 5.Development environment. 6.Technology to be built 7.Staff size and experience.

“Plan Risk Response” “Plan Risk Response” Negative risk or threat Negative risk or threat – Avoid – Transfer – Mitigate – Accept Positive risk or opportunity Positive risk or opportunity – Exploit – Share – Enhance

“Monitor and Control Risk” “Monitor and Control Risk”  Risk Reassessment (Scheduled regularly to identify new risk)  Risk Audit (Examine the effectiveness of planned risk response)  Trend analysis (Monitor overall project performance)

What are the benefits? Effective use of resources Effective use of resources Promoting continuous improvement Promoting continuous improvement Fewer shocks and failures Fewer shocks and failures Strategic business planning Strategic business planning Raised awareness of significant risks. Raised awareness of significant risks. Quick grasp of new opportunities Quick grasp of new opportunities Enhancing communication Enhancing communication Reassuring stakeholders Reassuring stakeholders Focus on internal audit programme Focus on internal audit programme Recognition of responsibility and accountability. Recognition of responsibility and accountability.

Thank You…