Risk Management Plan:
at the planning phase of the project, the project manager has to come up with a
Risk Management Plan which describes what risk management tools are to be used
for managing risks, who is responsible for managing risks, who will be involved
in project risk meetings, and how often risk meetings will be held. This plan
is very important since it gives guidelines and policies for managing the risks
throughout the project life cycle.
Risk Identification
and Evaluation Meeting(s): at the early stages of the project planning
phase, and after the project team is assigned, the project manager gathers the
project team for a risk identification and evaluation meeting(s) during which
all initial risks are identified no matter how trivial they are. In this
meeting, we use the risk categories sheet to help identify the most relevant
risks to our project. These meetings are very useful since the most critical
risks are identified at early stages of the project and accordingly, the proper
risk plans are developed either by mitigating the risk, avoiding the risk,
transferring the risk or creating a contingency plan for the risk. Once the
risks are identified, we start evaluating the risks by giving scores to each
risk probability and impact on the project. Using the probability/Impact
matrix, the resulting scores are used to prioritize the risks and
the risks with low scores are put on a watch list, the high score risks
are entered to the risk register.
Risk Register: The
outputs from the previous meetings are either put on a watch list (for low
score risks) or are entered to the risk register. The risk register is created
at the planning phase and is continuously updated throughout the project life
cycle. A risk register is a very powerful tool since it lists all
important risk along with their probability and impact, their mitigation
strategy and a contingency plan, risk trigger and finally each risk
status (open, closed). During the project execution phase, risk review meetings
are held to review all risks and update their status, monitor their trigger,
and review the validity of each risk mitigation strategy and contingency plans.
Risk Review Meetings:
Creating a risk register alone is only half way through; monitoring the risks
and updating the risk register during the project life cycle is the most
important part since new risks might arise, old risks might not be valid
anymore and risk mitigation strategies are revised. During the project
execution phase and until the project closure, risk review meeting have to be
conducted on a periodic manner, usually monthly and sometimes bi-weekly
depending on the project duration and complexity of the project.
At our organization,
the project manager who is PMP certified from PMI leads all the efforts for
managing the risks. In addition to that, my organization sends application
managers for project management training, because they need to have the minimal
set of knowledge to aid them properly manage their projects and contribute
effectively in the risk identification meetings, setting the RMP along with
reviewing the risks.
Reference:
Bran, F, Hîncu, D,
& Radulescu, C. (2009), 'PROJECT RISK MANAGEMENT', Metalurgia
International, 14, 5, pp. 102-105, Computers & Applied Sciences Complete,
EBSCOhost, [Online], Available from: http://content.ebscohost.com.ezproxy.liv.ac.uk/pdf10/pdf/2009/2IZ2/01May09/37217958.pdf?T=P&P=AN&K=37217958&S=R&D=iih&EbscoContent=dGJyMNHr7ESep7U4v%2BbwOLCmr0meprBSsam4TLKWxWXS&ContentCustomer=dGJyMOzprkmvqLJPuePfgeyx44Dt6fIA
(Accessed 16 April
2011)
Fairley, R., (2005), ‘Software
Risk Management’, Software Engineering
Glossary, [Online], Available from:
(Accessed 16 April
2011)
PMI, (2008), ‘The new
PMBOK Guide’, edition 4
No comments:
Post a Comment