Ch5 - Risk Management
Ch5 - Risk Management
As a result of
effective risk
management
• Assumptions are in- • Identified risks are • known risks are
fact the initially analysed and strategies watched and new risks
identified risks are formulated for are identified.
• once these effective risk • Risks that don’t
assumptions become management which in materialize are
certain, then they turn affect the detailed removed and new risks
become the first plan and schedule are added to risk plan
documented risks.
Risk management and project plan
DEFINITION PLANNING
• Project deliverables
• Statement of work • Development approach
• Responsibility matrix • Responsibilities
• Communication plan • Risk monitoring
• Risk management influences the project plan and changes assumptions in the
project rules.
Project Risk Management Framework
Identify Risks
1. Identify potential risks
2. Review previous low-priority risks
Known Risks
Prioritized Risks
5 5 15 25
Probability 5 = High
3 = Medium
3 3 9 15 1 = Low
1 1 3 5
Impact
1 3 5
Step Three: Develop Response Plans
• Developing strategies for dealing with identified risks
– Reduce the impact, the probability, or both
• Five categories of classic risk response strategies:
– Accept the risk and choose to do nothing (when probability is low and/or
consequences are cheaper than cure).
– Avoid the risk (not to do that part of the project or choose a lower-risk
option) –> Low Risk = Low Returns
– Contingency plans - monitor the risk and have an alternative course of
action ready. (when avoiding the risk is not an option and the consequences
are high)
– Transfer the risk - ex. Purchasing insurance, hiring expert, contract for
service, subcontracting, etc.
– Mitigate the risk - all the actions to overcome risks from the project
Step Four: Establish Contingency and
Reserve
• Contingency funds or risk funds set aside for the
situations of risks (known unknowns)
– Identify all the risks in the risk log for which the strategy is to monitor
and prepare contingency plan
– For each of these risks, estimate the additional cost of executing the
contingency plan (cost of contingency).
• If probability is not 100% then multiply the estimate with the probability (expected
value of contingency = cost of contingency x probability of risk event)
– Sum the expected value of contingency for each of these risks.
– Negotiate with the executive management.
• Management reserves are for the purpose of
unknown unknowns. (a certain % of the budget is added)
Step Five: Continuous Risk
Management
• The practice of repeating the major risk management
processes throughout the life of the project.
– Risk plans are based on the best information available at
the beginning of the project.
– As the project progresses new information emerge and the
risk plan requires modification / updating.
• Monitor known risks and update for any changes to the risk log
• Check for new risks at a regular status meetings
• Repeat the major risk identification activities at preplanned milestones
within the project.
• Check the contingency and management reserves whenever new risks
arise.
Critical Points
• Risk management is essentially the management of
uncertainties in a project life cycle.
• Every function within the project management is
effectively a risk management
• Skeptism and critical analysis helps in identifying
problems and a rational assessment helps in
developing a strategy to overcome these problems
• Continuous, systematic risk management uncovers
problems before they damage the project.