Risk Management
Risk Management is a critical element of project management which allows PMs, EDs (Engagement Directors), and AEs (Account Executives) to analyze project budgets and timelines with a clear plan of attack when issues are uncovered.
Risk Management is equally important for those in an agency/consulting environment as it is for those in a corporate setting. All of us need a plan to mitigate any adverse issues that are uncovered in the regular course of project life cycle. The most important element of Risk Management is to have regular analysis of key project metrics: scope, budget, resourcing, and timeline. Reviewing these metrics on a regular basis will allow the team to uncover issues that adversely affect the project. At a macro level, there are two types of risk: a business or financial risk (a risk of a gain or loss) and an project risk such as resource, scope, and timeline. It is important to remember that risk identifies elements of a project with a certain probability of occurring. If the certainly is 100%, then it is no longer a risk.
Risk Management is equally important for those in an agency/consulting environment as it is for those in a corporate setting. All of us need a plan to mitigate any adverse issues that are uncovered in the regular course of project life cycle. The most important element of Risk Management is to have regular analysis of key project metrics: scope, budget, resourcing, and timeline. Reviewing these metrics on a regular basis will allow the team to uncover issues that adversely affect the project. At a macro level, there are two types of risk: a business or financial risk (a risk of a gain or loss) and an project risk such as resource, scope, and timeline. It is important to remember that risk identifies elements of a project with a certain probability of occurring. If the certainly is 100%, then it is no longer a risk.
Risk Management Planning: Determining how risk will be analyzed during the project, who will be involved and procedures to be used.
Risk Identification: Determining specific risks by project and by task. Getting the stakeholders involved in making a comprehensive list of risks such as: clients pushing scope creep, resources taking longer than projected to complete tasks, thrid parties requing additional time integration, complex data migration, technical issues not originally identified will all affect the project.
Qualitative Risk Analysis/Quantitative Risk Analysis: Analyzing the risks uncovered during the risk identification step and deciding which risks require a response in the next step. Probability and impact are determined qualitatively, a choice is made whether or not a quantitative evaluation is necessary.
Qualitative output – shorter list of risks by looking at which are likely to occur and should be further analyzed for a quantitative output. If you can address a subset of the risks immediately by quashing scope creep, moving resources, or other tactics, this reduces size of the risk analysis
Risk Response Planning: Determining what can be done to reduce the overall risk of the project by decreasing the probability or impact of the short listed risks and increasing the probability or impact of opportunities.
Output – risk response, what can be done about the risks
Risk Monitoring & Control: Executing the risk analysis plan as events occur throughout the course of the project.
Risk management is not a one time only process. It must be reviewed on a regular basis throughout the entire project. Therefore, risk identification will occur in planning, but also during project execution and control, as changes are made or problems discovered.
Each step of the risk management process should be implemented as often as possible and updated where deficiencies are identified.
Risk Identification: Determining specific risks by project and by task. Getting the stakeholders involved in making a comprehensive list of risks such as: clients pushing scope creep, resources taking longer than projected to complete tasks, thrid parties requing additional time integration, complex data migration, technical issues not originally identified will all affect the project.
Qualitative Risk Analysis/Quantitative Risk Analysis: Analyzing the risks uncovered during the risk identification step and deciding which risks require a response in the next step. Probability and impact are determined qualitatively, a choice is made whether or not a quantitative evaluation is necessary.
Qualitative output – shorter list of risks by looking at which are likely to occur and should be further analyzed for a quantitative output. If you can address a subset of the risks immediately by quashing scope creep, moving resources, or other tactics, this reduces size of the risk analysis
Risk Response Planning: Determining what can be done to reduce the overall risk of the project by decreasing the probability or impact of the short listed risks and increasing the probability or impact of opportunities.
Output – risk response, what can be done about the risks
Risk Monitoring & Control: Executing the risk analysis plan as events occur throughout the course of the project.
Risk management is not a one time only process. It must be reviewed on a regular basis throughout the entire project. Therefore, risk identification will occur in planning, but also during project execution and control, as changes are made or problems discovered.
Each step of the risk management process should be implemented as often as possible and updated where deficiencies are identified.
Previous page: Project Management
Next page: Applications & Sites