Risk Management
Risk Management is a critical element of project management which allows PMs, EDs (Engagement Directors), and AEs (Account Executives) to analyze project budgets and timelines with a clear plan of attack when issues are uncovered.
Risk Management is equally important for those in an agency/consulting environment as it is for those in a corporate setting. All of us need a plan to mitigate any adverse issues that are uncovered during the course of project life cycle. The most important element of Risk Management is to have regular analysis of key project metrics: scope, budget, resourcing, and timeline. Reviewing these metrics on a regular basis will allow a team to uncover issues that could adversely affect the project. At a macro level, there are two types of risk: a business or financial risk (a risk of a gain or loss) and an project risk such as resource, scope, and timeline. It is important to remember that risk identifies elements of a project with a certain probability of occurring. If the certainty is 100%, then it is no longer a risk!
Risk Analysis Process
Risk Management is equally important for those in an agency/consulting environment as it is for those in a corporate setting. All of us need a plan to mitigate any adverse issues that are uncovered during the course of project life cycle. The most important element of Risk Management is to have regular analysis of key project metrics: scope, budget, resourcing, and timeline. Reviewing these metrics on a regular basis will allow a team to uncover issues that could adversely affect the project. At a macro level, there are two types of risk: a business or financial risk (a risk of a gain or loss) and an project risk such as resource, scope, and timeline. It is important to remember that risk identifies elements of a project with a certain probability of occurring. If the certainty is 100%, then it is no longer a risk!
Risk Analysis Process
Risk Management Planning: Determining how risk will be analyzed during the project, who will be involved and procedures to be used.
Risk Identification: Determining specific risks by project and by task. Getting the stakeholders involved in making a comprehensive list of risks such as: clients pushing scope creep, resources taking longer than projected to complete tasks, third parties requiring additional time integration, complex data migration, technical issues not originally identified will all affect the project.
Qualitative Risk Analysis/Quantitative Risk Analysis: Analyzing the risks uncovered during the risk identification step and deciding which risks require a response in the next step. Probability and impact are determined qualitatively, a choice is made whether or not a quantitative evaluation is necessary.
Qualitative output: shorter list of risks by looking at which are likely to occur and should be further analyzed for a quantitative output. If you can address a subset of the risks immediately by quashing scope creep, moving resources, or other tactics, this reduces size of the risk analysis
Risk Response Planning: Determining what can be done to reduce the overall risk of the project by decreasing the probability or impact of the short listed risks and increasing the probability or impact of opportunities.
Output: risk response, what can be done about the risks
Risk Monitoring & Control: Executing the risk analysis plan as events occur throughout the course of the project.
Risk management is not a one time only process. It must be reviewed on a regular basis throughout the entire project. Therefore, risk identification will occur in planning, but also during project execution, as changes are made or problems discovered.
Each step of the risk management process should be implemented as often as possible and updated where issues are identified.
Risk Identification: Determining specific risks by project and by task. Getting the stakeholders involved in making a comprehensive list of risks such as: clients pushing scope creep, resources taking longer than projected to complete tasks, third parties requiring additional time integration, complex data migration, technical issues not originally identified will all affect the project.
Qualitative Risk Analysis/Quantitative Risk Analysis: Analyzing the risks uncovered during the risk identification step and deciding which risks require a response in the next step. Probability and impact are determined qualitatively, a choice is made whether or not a quantitative evaluation is necessary.
Qualitative output: shorter list of risks by looking at which are likely to occur and should be further analyzed for a quantitative output. If you can address a subset of the risks immediately by quashing scope creep, moving resources, or other tactics, this reduces size of the risk analysis
Risk Response Planning: Determining what can be done to reduce the overall risk of the project by decreasing the probability or impact of the short listed risks and increasing the probability or impact of opportunities.
Output: risk response, what can be done about the risks
Risk Monitoring & Control: Executing the risk analysis plan as events occur throughout the course of the project.
Risk management is not a one time only process. It must be reviewed on a regular basis throughout the entire project. Therefore, risk identification will occur in planning, but also during project execution, as changes are made or problems discovered.
Each step of the risk management process should be implemented as often as possible and updated where issues are identified.
Previous page: Project Management
Next page: Projects & Clients