Risk is something that has not happened yet, and has a potential impact over the future. Schwalbe defined the project risk as “an uncertainty that can have a negative or positive effect on meeting project objectives” (Schwalbe, 2010, p.425), for that risk management can be defined as the action to be done to lessen the impact of negative future events. Cervone raises a very important issue with regards to risk management implementation, he said that although project risks could be dangerous, and that risk management is crucial, still its not given the required attention by project managers. He also explains the common practice by project managers of risk estimation, and that by examining issues related to risk and adding a margin of risk, known as WAG technique (Cervone, 2006).
Schwalbe defined planning risk management as “the process of deciding how to approach and plan for risk management activities for a project, and the main output of this process is risk management plan” (Schwalbe, 2010, p.428). The plan itself is a document that contains procedures for managing project risks. Early in the project, the team should hold planning meetings to start developing the risk management plan, as well they have to review project documents and organizations risk policies, risk categories, lessons learned from previous projects, and risk management plan templates (Schwalbe, 2010, 428). Another important aspect that should be considered by project team is project stakeholders risk tolerance, in specific decision makers such as project sponsor and senior management. Risk management plan should address various topics; those are methodology, roles and responsibilities, budget and schedule, risk categories, risk probability and impact, revised stakeholders tolerances, tracking and risk documentation (Schwalbe, 2010, p.429).
Each of those topics should be addressed in a risk management plan; valid questions to answer with regards to methodology are “how will risk management be performed on this project? What tools and data sources are available and applicable?” (Schwalbe, 2010, 429). Risk manager or project manager should gain buy-in from the management to allocate resources to manage risks, create a risk management plan and have it approved by all stakeholders. Risk management plan should include all team members who should be involved in risk management sessions, frequency of these sessions and identifies the risk manager for each risk identified. As well it should include the tools to be used to identify, manage and control risks, tools such as risk register, probability-impact matrix, and software such as Monte Carlo.
With regards to roles and responsibilities, risk management plan should address a question about “who are the individuals responsible for implementing specific tasks and providing deliverables related to risk management?” (Schwalbe, 2010, 429). There should be a risk manager if not the project manager to handle defining the risks, entering them to the risk register, perform meetings to assess risks and define new risks, prioritize risks, help create risk response plans and contingency plans. Each risk should have an owner who watches the triggers for the risk, implement the risk response plan or request the contingency plan to be performed, decide whether or not this risk is still valid and all the project team is responsible for defining risks as they arise. With regards to budgets and schedule, risk management plan address a question about the estimated costs and schedules for performing risk related activities? (Schwalbe, 2010, 429).
With regard to budget and schedule, risk management plan should answer a a question like “what are the estimated costs and schedules for performing risk related activities?” (Schwalbe, 2010, 429). As well the plan should cover risk categories as what are the main risk categories that should be addressed on the project? Risk categories could be technology, unrealistic time estimates, unrealistic cost estimates, lack of resources, hardware compatibility, delays in hardware procurement, unclear requirements and a lot more. As well the plan should address questions related to risk probabilities and impacts of risk items be assessed, in addition to scoring interpretation methods that will be used for analysis? How will the probability and impact matrix be developed? (Schwalbe, 2010, 429). The plan also should question current status of stakeholders risk tolerance, and how a change in risk tolerance could affect the project itself? In this regards, Stakeholders tolerance to risks is either risk averse or risk takers. If the management tends to be a risk averse, then the scoring to the risk from a probability and impact perspective will be higher and hence more contingency reserves will be taken into consideration. Risk takers tend to evaluate risks with lower probability and impact, which means less contingency reserves. Another factor to be addressed in the risk plan is “how will the team track risk management activities how will lessons learned be documented and shared? How will risk management processes be audited?” (Schwalbe, 2010, 429), this could be achieved by performing risk sessions periodically, updating the risk register, and review the watch list for the less important risks. Once the project is on its closing phase, the team members should perform a lessons learned sessions and document the results
“Risk management can make an important contribution to effective project management” (Rangopal, 2003). For that risk or uncertainty management as Rangopal prefers to name it should be given more focus by project managers, and not identify major risks and add a risk margin as described earlier.
Reference:
H. Frank Cervone, (2006) "Project risk management", OCLC Systems & Services, Vol. 22 Iss: 4, pp.256 - 262
DOI 10.1108/10650750610706970 (Permanent URL)
Rangopal, M 2003, 'Project Uncertainty Management', Cost Engineering, 45, 12, pp. 21-24, Business Source Premier, EBSCOhost, viewed 31 December 2011
Schwalbe, K., (2010), Information Technology Project Management (with Microsoft Project 2007 CD-ROM), 6th ed., Course Technology, 2010, ISBN 978-0-324-78692-7
No comments:
Post a Comment