Presentation is loading. Please wait.

Presentation is loading. Please wait.

Iterative Risk Management Workflow Tool

Similar presentations


Presentation on theme: "Iterative Risk Management Workflow Tool"— Presentation transcript:

1 Iterative Risk Management Workflow Tool
James C. Helm, Ph.D., P.E. Assistant Professor, Systems Engineering And Hamsini Ravipati Graduate Student School of Natural and Applied Sciences 2700 Bay Area Boulevard Houston, Texas VPN FAX

2 Iterative Risk Management Workflow Tool
This paper presents: A risk management paradigm A risk information sheet content An iterative risk management workflow prototype tool The risk management paradigm is a set of functions that are identified as continuous activities throughout the life cycle of a project. The risk information sheet is a format that records the risk information gathered during each paradigm function. The risk management workflow processes the risk information sheets associated with the five stages of the iterative risk management lifecycle. Individual sections of the risk information sheet pertinent to the five stages of the paradigm are entered and saved in an Oracle database. The iterative stages are identify, analyze plan, track, and control. A prototype risk management workflow tool for recording and saving the risk information sheets was developed.

3 Risk Management Paradigm
The Risk Management paradigm illustrates a set of functions that are identified as continuous activities throughout the life cycle of a project.

4 Components of Risk Management - 1
Identify search for and locate risks before they become problems Analyze convert risk data into useable information for determining priorities and making decisions Plan translate risk information into planning decisions and mitigating actions (both present and future), and implement those actions The purpose of Identify is to locate risks before they become problems and to incorporate this information into the project management process. Anyone in a project can identify risks to the project. Each individual has particular knowledge about the project. Risk versus Problems - risks haven’t happened (Iceberg and Titanic example) The purpose of Analyze is to convert risk data into decision-making information. Category risks Prioritized Risks The purpose of Plan is ensure the consequences and sources of the risk are known develop effective plans plan efficiently (only as much as needed or will not be of benefit) to produce, over time, the correct set of actions that minimize the risk and impacts (cost and schedule) while maximizing opportunity and value plan important risks first assign responsibility for tracking and controlling risk

5 Components of Risk Management - 2
Track monitor risk indicators and mitigation actions Control correct for deviations from the risk mitigation plans and decide on future actions Communicate & Document provide information and feedback to the project on the risk activities, current risks, and emerging risks The purpose of Track is to collect accurate, timely, and relevant risk information and to present it in a clear and easily understood manner appropriate to the person/group who receives the status report. Tracking is done by the person(s) responsible for monitoring “watched” or “mitigated” risks. The status report information generated during tracking is used by project personnel during the control function of the paradigm to make decisions about managing risks. The purpose of Control is to make informed, timely, and effective decisions regarding risks and their mitigation plans. The purpose of Communicate is for project personnel to understand the project’s risks and mitigation alternatives understand the risk data and make informed choices within the constraints of the project eliminate barriers to effective communication Communication and Documentation are present in all other functions of the paradigm and is essential for managing risks. Communication of risk information is often difficult because the concept of risk deals with 1) probability and 2) negative consequences

6 Components of a Risk Statement
there is a possibility that Given the ; Condition Consequence will occur Risk Statement Condition: a single phrase that identifies possible future problems, and describes current key circumstances, situations, etc. that are causing concern, doubt, anxiety, or uncertainty Consequence: a single phrase or sentence that describes the key, negative outcome(s) of the current conditions The condition-consequence format provides a more complete picture of the risk, which is critical during mitigation planning. It can be read as follows: given the <condition> there is a possibility that <consequence> will occur The condition component focuses on what is currently causing concern. What keeps you up nights? This is something that is true or widely perceived to be true. This component provides information that is useful when determining how to mitigate a risk. The consequence component focuses on the impact of the risk. Understanding the depth and breadth of the impact is useful in determining how much time, resources, and effort should be allocated to the mitigation effort. A well-formed risk statement has only one condition, but may have one or more consequences.

7 IDENTIFY Risk Information Sheet
Risk Management database Complete: ID Date Identified Risk statement Origin Risk Context The risk information sheet records the information gathered during each of the paradigm function. The shaded areas indicate the following fields will be completed during: IDENTIFY ID: unique identifier for the risk, numeric, or alphanumeric; assigned by project or organization or CM office Identified: date when the risk was identified Statement: statement of the risk Origin: Organization or person who identified the risk Context: Associated information that clarifies the risk

8 Risk Information Sheet
ANALYZE Risk Information Sheet Related areas: Priority Probability Impact Timeframe Class The shaded areas indicate the following fields will be filled out during: ANALYZE Priority: The priority ranking of the risk Probability: The likelihood of occurrence—exact value depends on the level of analysis Impact: The degree of impact—exact value depends on the level of analysis Timeframe: The timeframe in which action is needed Class: The classification of the risk (could be more than one value); the class or group the risk belongs to

9 Risk Information Sheet
PLAN Risk Information Sheet Risk Information Sheet Status Status Date Approval Closing Date Closing Rationale Contingency Plan and Trigger Mitigation Strategy Context Statement Origin Probability Impact Timeframe Class Assigned Identified: __/__/__ to: ___/___/___ Priority ID To be completed: Assigned to Mitigation Strategy Contingency plan and trigger The shaded areas indicate that the following fields will be completed during: PLAN Assigned to: Who is responsible for mitigating the risk. Mitigation strategy: The selected mitigation strategy for mitigating the risk. This field can also be used to document the other approaches that can be taken and their information (e.g., research approach with its research plan; watch approach with its tracking requirements; accept approach with its acceptance rationale) Contingency plan and trigger: A contingency plan, if one exists, and the event or time that triggers it, should the mitigation strategy fail.

10 Risk Information Sheet
TRACK Risk Information Sheet Completed or Updated: Priority Probability Impact Timeframe Status Status Date The shaded areas indicate that the following fields will be completed during: TRACK Status/status date: Running status information that provides a history of what is being done for the risk and of any changes in the risk. Probability: Likelihood of occurrence—exact value depends on type of analysis Impact: Degree of impact—exact value depends on type of analysis Timeframe: Timeframe in which the risk will occur or action is needed Priority: Priority ranking of the risk

11 Risk Information Sheet
CONTROL Risk Information Sheet Completed Items: Approval Closing date Closing rationale Status The shaded areas indicate the fields that will be completed during: CONTROL Approval: Approval for mitigation strategies or closure. For transferred risks, this may require the transferor's signature. Closing date: The date when the risk was closed. Closing rationale: The rationale for closure of the risk, e.g., probability is zero.

12 Risk Management Work Flow
This is the home page for the iterative risk management workflow prototype tool


Download ppt "Iterative Risk Management Workflow Tool"

Similar presentations


Ads by Google