1. Quality & Risk Management

2. Are you sure this is going to work?

3. If you don’t have the time to do it right, when do you think you are going to get the time to do it over?
“Good enough” never is!
Do it right the first time!

4. Question
How many of you have tasks in your project plan which allocate time, money, and/or other resources towards monitoring quality and rework?
Quality doesn’t “just happen”!

5. What Went Wrong?
In 1986, two hospital patients died after receiving fatal doses of radiation from a Therac 25 machine after a software problem caused the machine to ignore calibration data
In one of the biggest software errors in banking history, Chemical Bank mistakenly deducted about $15 million from more than 100,000 customer accounts
In August 2008, the Privacy Rights Clearinghouse stated that more than 236 million data records of U.S. residents have been exposed due to security breaches since January 2005

6. What is the purpose of : Web research Unit testing Integration testing
System testing
User acceptance testing

7. System testing : tests the entire system as one entity
Unit testing : tests each individual component (often a program) to ensure it is as defect-free as possible
Integration testing : occurs between unit and system testing. Combine all of the units within a program and test them as a group
System testing : tests the entire system as one entity
User acceptance testing : is an independent test performed by end users prior to accepting the delivered system
Who performs the test?
- Developer
- QA team / testers
- End users

8. Testing Tasks in the Software Development Life Cycle

9. What is “Project Risk Management” and why do we do it
What is “Project Risk Management” and why do we do it? When do we start to practice good project risk management?
Web research
Art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests of meeting project objectives
Start with selecting the good projects, determining project scope, and developing realistic estimates

10. Questions Why do I have… Life insurance, I’m not planning on dying?
Disability insurance, I’m not planning on becoming disabled?
Auto insurance, I’m not planning on getting in an accident?
Why do I pay all of this money every year when I probably won’t need it?
What additional costs should I include in my project plans just in case?

11. Questions Web research
What is the difference between “known risks” and “unknown risks”?
Two identical projects :
One being lead by a typical project manager - the other lead by an alpha project manager
Which has a longer list of “known risks”? Why?
Who is less likely to be surprised by a problem?
‘Known’ risks are somewhat predictable & proactively managed. ‘Known’ indicates those risk that can be identified, analyzed & planned in advance.
Unknown risks are those unable to be anticipated and described. Unknown risks cannot be managed proactively. These risks that result from the uniqueness of the work and they are difficult or impossible to anticipate.

12. Web research
What are “contingencies and fallback plans”? What are “contingency and management reserves”?

13. Contingency Reserves :
Contingency Plan: predefined actions that the project team will take if an identified risk event occurs
Fallback Plan: developed to deal with risks if the primary planned risk response is not effective , i.e. Plan B
Contingency Reserves :
1.Used for known unknowns developed in risk plan
2.Usually managed and “owned” by the project manager
3.Derived via Quantitative analysis methods
Management Reserves :
1.Used for unknown unknowns not identified in risk plan
2.Usually held “owned” by the sponsor, portfolio, company, etc.
3.Derived via Qualitative analysis methods

14. Class exercise: Web Research
Where are most of the risks associated with IT projects (come up with top 5)?

15. My top 10 Project Mgmt. Risks:
Scope is poorly defined
Poor data requirements
Scope creep or too many scope changes
Poor leadership / communication
Inadequate Skills for the project or insufficient staff
Staff turn over
No continuity (staff, leadership, project plan, etc.)
Lack of stakeholder Engagement / support
Change to business strategy
Improper risk management

16. What should you do to address the most significant risks?

17. What is the “Risk Register” and what does it contain?
Web Research
It is a risk Log, a master document which is created during the early stages of your project. It is a tool that plays an important part in your Risk Management Plan, helping you to track issues and address problems as they arise.

18. Risk Register Contents
An identification number for each risk event
A description of each risk event
The probability of the risk
The impact of each risk occurring
A risk score (probability multiplied by the impact)
A rank for each risk event
Risk responses to each risk (which strategy will you use?)
The risk owner or person who will own or take responsibility for each risk
The status of each risk

19. Risk Register Example
Include the strategy type and the description

20. What is “Qualitative Risk Analysis”?
Web Research
What is “Qualitative Risk Analysis”?
Qualitative risk analysis is a project management technique concerned with discovering the probability of a risk event occurring and the impact the risk will have if it does occur.

21. Probability/Impact Matrix

22. Chart Showing High, Medium, and Low-Risk Technologies

23. Top Ten Risk Item Tracking
Qualitative risk analysis tool
Maintain an awareness of risks throughout the life of a project
Establish a periodic review of the top ten project risk items

25. What is “Quantitative Risk Analysis”?
Web Research
What is “Quantitative Risk Analysis”?
Quantitative risk analysis assigns a projected value (usually this value is stated in terms of cost or time) to the risks that have already being ranked by the previous process 'perform qualitative risk analysis'.

26. Once you have identified your risks, what can you do about them?
Web Research
Risk avoidance – eliminate the cause of a risk. Forget the new hardware, we’ll use the old proven gear.
Risk acceptance – “If it Happens, It Happens” for threats and opportunities
Risk transfer – Assigning the Risk to Someone Else (subcontract, warranty or insurance)
Risk mitigation – can’t eliminate the risk but can make it hurt less if it occurs : Reducing the Expected Value by reducing Probability or Impact (or both)

27. Monitoring and Controlling Risks
Involves executing the risk management process to respond to risk events
If you don’t add tasks to your WBS, it isn’t going to happen!
Main outputs of risk monitoring and control are:
Risk register updates/Top 10 updates
Organizational process assets updates
Updates to the project management plan and other project documents

28. Results of Good Project Risk Management
Unlike crisis management, good project risk management often goes unnoticed
Well-run projects appear to be almost effortless, but a lot of work goes into running a project well
Project managers should strive to make their jobs look easy to reflect the results of well-run projects