Figure 1: Risk (Leading news paper, 2012) |
Today lecturer started the lecture by defining the risk. Risk is an action that can have negative or positive outcome (Probability of risk can be positive or negative). As an example If a person buy a lottery ticket he/she can win or lose. Winning the lottery ticket is the positive outcome and lose the lottery ticket is the negative outcome. Risk is a part of every human endeavor.
Status quo- Status quo is the current standard. If someone goes beyond the current standard then it calls as a risk. Which means challenging the status quo. Ex:- Shops normally open 9.00 am - 7.00 pm. If a shop open 24/7 which means it has gone beyond the status quo and has taken a risk.
Risks are uncertain, do not know what the outcome can be (positive or negative)
There are three different ways of addressing a risk. They are,
Certain cultures would try to avoid uncertainty. As an example in US it is must to every house must have a smoke detector, sprinklers. But in Sri Lanka most of the houses does not have and it also not a must.
From a research has found out Germany has 65% has high certainty avoidance.
The Importance of Risk Management for Projects
Projects are schedule for a certain time period. If any problem rise during the project it affects to the whole project and leads project to a failure. Sometimes project will be able to deliver within a given time period but with errors or incompletely.
From a research has found out most of the projects fails because of poor requirement identification and without proper project plan and without stick to the project plan.
Risks that projects face
There are mainly two types of risks. They are,
Under strategic risks there are sub categories they are,
- Project Abandonment- As an example if a person outsource his/her project to a small scale company and suddenly company close due to some financial problem. From this the person who outsource the project has face to a loss.
-Massive over run/over spend- Invest high amount of money for a project and if the project is a failure there is a huge lose this called as massive over run or over spend.
-Loss of Client Confidence- If the developed system do not satisfy customer requirements or if the system full of errors then the client confidence over the development group lose.
Operational Risk
Under operational cost there three sub categories. They are,
- Constant Change /re-planning/inefficiency- This risk can explain by feature creep. Feature creep means requirements will be added middle of the project. Because of this additional requirement whole project plan need to change. In this case development team need to negotiate with the customer and extend the project time period from that project team will be able to give a satisfy system to customer with adding additional requirements.
- Over run/over spend - This has explained under the strategic risks
-Low morale/unacceptable working conditions- This can happen lack of motivation among the members in the project team or low morale. Also due to poor working environment as well.
Risk Continuum
Above figure illustrates of risk continuum. Risk continuum helps to categorized different types of risks that can rise in a project or an event.
Close Report- Once the a particular project completed and the report make for the project called as close report.
Risk Management Process
Disaster recovery plan (DRP) helps companies for over come or reduce the negative impact from a disaster. After the huge 9/11 attack many organizations started implement DRPs for their companies.
Risk planning
adopt risk management approach/policy
There are three different ways of addressing a risk. They are,
- Risk Detection- Ex:- smoke detectors for detect a fire
- Risk Avoidance- Ex:- air bag, seat belt for human protection in accident
- Risk Acceptance- Ex:- Tsunami - Cannot avoid the Tsunami because it is a natural disaster
- Risk Reduction- reduce the probability of risk occurrence, reduce the impact of risk event
Certain cultures would try to avoid uncertainty. As an example in US it is must to every house must have a smoke detector, sprinklers. But in Sri Lanka most of the houses does not have and it also not a must.
From a research has found out Germany has 65% has high certainty avoidance.
The Importance of Risk Management for Projects
Projects are schedule for a certain time period. If any problem rise during the project it affects to the whole project and leads project to a failure. Sometimes project will be able to deliver within a given time period but with errors or incompletely.
From a research has found out most of the projects fails because of poor requirement identification and without proper project plan and without stick to the project plan.
Risks that projects face
There are mainly two types of risks. They are,
- Strategic Risks
- Operational Risks
Under strategic risks there are sub categories they are,
- Project Abandonment- As an example if a person outsource his/her project to a small scale company and suddenly company close due to some financial problem. From this the person who outsource the project has face to a loss.
-Massive over run/over spend- Invest high amount of money for a project and if the project is a failure there is a huge lose this called as massive over run or over spend.
-Loss of Client Confidence- If the developed system do not satisfy customer requirements or if the system full of errors then the client confidence over the development group lose.
Operational Risk
Under operational cost there three sub categories. They are,
- Constant Change /re-planning/inefficiency- This risk can explain by feature creep. Feature creep means requirements will be added middle of the project. Because of this additional requirement whole project plan need to change. In this case development team need to negotiate with the customer and extend the project time period from that project team will be able to give a satisfy system to customer with adding additional requirements.
- Over run/over spend - This has explained under the strategic risks
-Low morale/unacceptable working conditions- This can happen lack of motivation among the members in the project team or low morale. Also due to poor working environment as well.
Risk Continuum
Figure 2: Risk Continuum |
Above figure illustrates of risk continuum. Risk continuum helps to categorized different types of risks that can rise in a project or an event.
Close Report- Once the a particular project completed and the report make for the project called as close report.
Risk Management Process
Disaster recovery plan (DRP) helps companies for over come or reduce the negative impact from a disaster. After the huge 9/11 attack many organizations started implement DRPs for their companies.
Risk planning
adopt risk management approach/policy
identify mechanisms to identify risk factors
Risk identification
identify tasks
identify tasks
predict effect on baseline plan
Risk analysis
assess likelihood of specific risks
assess likelihood of specific risks
assess impact of specific risks
Risk response
plan possible responses to risk occurrence
plan possible responses to risk occurrence
develop contingency/fallback measures
Risk action
implement risk reduction measures
implement risk reduction measures
monitor risk factors
Process should be part of 'Project office'
The reason is project office consisted of experienced employees. As ab example project manager. Project manager is a one who has more experience of risk that can rise in the process of a project.
Must be applied to each Project
individual objectives/features of project
‘ownership’ of risks by project team members
Maintain a risk database
Include all the risks that face during projects. So in future project teams can go through and avoid the risks that can happen in the projects. Risk database include followings,
identifier
keyed to task etc. on WBS by reference
title/description
of risk and to what task(s) it could apply
potential impact(s)
in quantifiable terms (time/cost/quality) if possible
risk owner
tracks/protects against risk
risk actions
what actions planned
action log
record of avoidance/reduction/acceptance actions taken
identifier
keyed to task etc. on WBS by reference
title/description
of risk and to what task(s) it could apply
potential impact(s)
in quantifiable terms (time/cost/quality) if possible
risk owner
tracks/protects against risk
risk actions
what actions planned
action log
record of avoidance/reduction/acceptance actions taken
Link(s) to quality/monitoring process
Feed back to project plan
Risk Identification
- Must be a precise definition
- Must be capable of being measured
- Must have measurable impact
weak commercial background
- uncertain funding/justification
- too much competition
imprecise objectives/charter
- uncertain objectives/deliverables/acceptance criteria
- penalties for delay/under-performance
unhelpful clients/users
- too powerful client(s)
- uninvolved/uncommitted client(s)
unfamiliar/innovative technology
external dependencies
all tasks on critical or near-critical paths!!!
What need to watch out in risk identification...
- key member(s) of staff on many critical tasks
- project manager(s) on critical path
- ‘external’ dependencies without good contracts
- responses which take to long to ‘ramp up’
- unfounded assumptions about threshold resources
- reliance on ‘silver bullets’ & ‘white knights’
Silver syndrome occurs when the project team too much reliance on methodologies or technology and this too much of reliance of methodologies and technology leads to a risk. Because project team cannot fully depend on the methodology or technology to solve all the problems that identifies in the project.
Analyzing Risk
There are three types of question need to ask when analyzing a risk. They are,
- Primary question
- Secondary factor
- Tertiary factor
Risk Assessment
In risk assessment seek for the which have high probability of occurring and which have large impacts if those risk occur
These risk can be measured as followed.
-Probability of risk occurring
-Impact on project
-Urgency of the risk
To identify or measure risks project team can use risk assessment map. Below has showed the risk assessment map.
Figure 3: Risk Assessment Map |
Risk Ownership
Risk owners are the ones who take responsibility of a particular risk.
Risk owners need to have,
- Sufficient task knowledge/expertise- The knowledge to solve a particular risk because risks are vary from the situation that take place.
- Necessary resources/time to monitor risk- Able to gather necessary resources in-order to solve the risk
- Sufficient authority to carry out risk action- Need to have permission to solve the risk.
- Contributing data to risk assessment exercise
- Reporting status of risk
- Preparing responses & actions for risk
Risk Plan
- In risk plan need to define the scope of the project and mention the risks that can be occur during the process of the project
- Need to mention different types of actions if a risk took place in the project in-order to reduce the negative impact on the project
- Deliverable of risk management in a descriptive way
- Theses situations can arise in projects,
-Risks arise, are ‘managed’, monitored & ‘archived’
-Some predicted risks never arise & are ‘cancelled’
-Unpredictable risks arise, are assessed & added to plan
Learning Outcomes:-
Today the lecture was about risk management was very useful. There are different types of risks it can can be environment, business, projects etc. Every risk need to manage. At this time risk management plays a very important role. Most of the well-known companies have risk managers. Risk managers are make plan if a risk take place in the company to over come or reduce the negative impact. Risk management need not only in organization it can be in an event, project etc. In projects risk management is very important. In project risk cannot be taken because projects are doing for certain time period. If a problem comes during the project it affects to the whole process of the project. I understood that risk assessment map as very useful component in risk management as it helps to identify the risks that have high impact and the risks that need to take quick actions and etc. From identifying those project team can reduce the negative impact that can be on project or avoid certain disturbances that can lead to a total failure. I also understood the role of risk owner like what he need to do if risk occur in the project or how to avoid the risk and the responsibilities of the risk owner. From this lecture I understood the process of risk management and how to overcome from a risk that can occur while doing a project. I see this lecturer as very important lecture since risk can happen any moment specially while doing the project. I am looking forward to use risk management techniques to use in my future projects and specially in my final year project.
References:-
Leading newspaper. (2012). Risk. [Online]. Available at: http://leadinganswers.typepad.com/photos/uncategorized/2007/09/21/risk.jpg
[Accessed 20th September 2012]
What is risk management. (2011). Definition of Risk Management. [Online]. Available at: http://www.whatisriskmanagement.net/ [Accessed 20th September 2012]