Project Risk Management August 6, 2013 August 6, 2013

1 Copyright Copyright © 2010 Infogain All rights reserved. © 2010 Corporation. Infogain Corporation. All rights reserved.

Project Risk Management

Contents ● Introduction to Project Risk Management ● Plan Risk Management ● Identify Risks ● Perform Qualitative Risk Analysis

● Perform Quantitative Risk Analysis ● Plan Risk Response ● Monitoring and Control Risks

August 6, 2013

2 Copyright © 2010 Infogain Corporation. All rights reserved. 8/6/2013

2

Project Risk Management

Processes –

● Plan Risk Management

● Identify Risks ● Perform Qualitative Risk Analysis ● Perform Quantitative Risk Analysis ● Plan Risk Response

● Monitoring and Control Risks

August 6, 2013

3 Copyright © 2010 Infogain Corporation. All rights reserved. 8/6/2013

3

What is Risk? Project Risk Management –



● ●



● ●

A risk is an uncertain event or condition that, if occurs, has a positive or negative effect on a project’s objectives “If occurs” implies a probability of less than 100% A Risk must also have a probability above 0%. It must be a chance to happen or it is not a Risk If probability is 100%, it is an issue How is Risk Measured? These effects are measured by their impacts on the project. ■ ■

Positive Impact – Opportunity Negative Impact – Threat

August 6, 2013

4 Copyright © 2010 Infogain Corporation. All rights reserved.

4

Risk Origin, Impact 





Risk has its origin in the uncertainty that is present in all projects Risk has a cause & if it occurs, a consequence. There can be more than one cause & more than one consequence For successful project execution, risks should be addressed proactively and consistently throughout the project

August 6, 2013

5 Copyright © 2010 Infogain Corporation. All rights reserved.

5

Question? 

Risk Management should be done: A. As soon as you meet the client for discussions on the project B. As the start of the project C. At the start of each project phase D. On a regular basis throughout the project

August 6, 2013

6 Copyright © 2010 Infogain Corporation. All rights reserved.

….

6

Risk Factors 

Risk Event 



Risk probability  



A discrete (distinct) occurrence that may affect the project for better or for worse How likely the event is to occur Chances that the event will occur

Risk Impact  

Outcome or consequence or amount at Stake The extent of loss or gain that could result

August 6, 2013

7 Copyright © 2010 Infogain Corporation. All rights reserved.

7

Risk Terms 

Risk Urgency 



Risk Tolerances and Thresholds 

 



Every organization/ stakeholder/ customer/ project team has tolerance level towards risk. Tolerances are the areas of risk that are acceptable or unacceptable Amount of Risk that is acceptable is called “Threshold” Risk response is based on the accepted threshold levels

Risk Averse 



How soon should the risk be responded to

Someone who does not want to take risks

Risk Symptoms 

Events which give warning signals that risks are likely to occur

August 6, 2013

8 Copyright © 2010 Infogain Corporation. All rights reserved.

8

Question ? 

Risk thresholds: A. Provide a mathematical technique that can be used to create a false impression of precision and reliability B. Are important because different organizations and different individuals have the same thresholds for risks C. Are important because the level of risk that is acceptable to the organization will influence risk response planning D. Are the same for all stakeholders

August 6, 2013

9 Copyright © 2010 Infogain Corporation. All rights reserved.



9

Risk Types Business risks vs. Pure (Insurable) risks 



Business risks: Risks that carry opportunity for both gain and loss. Ones that are due to the being in business Pure (Insurable) risks: Risks that present only an opportunity for loss. Ex: Theft, Fire, Direct property damage, legal liability etc.

External vs. Internal Risks 



External risks – things that are beyond the control or influence of the project team like regulatory, environmental, governmental, market shift etc. Internal risks – things that the project team can control or influence like time, scope, cost changes, poor planning etc.

August 6, 2013

10 Copyright © 2010 Infogain Corporation. All rights reserved.

10

Question ? 

Projects are particularly susceptible to risk because: a. Murphy’s law states that “If something can go wrong, it will” b. Each project is unique in some manner c. Project management tools are generally unavailable at the project team level d. There are never enough resources to do the job

August 6, 2013

11 Copyright © 2010 Infogain Corporation. All rights reserved.

..

11

Project Risk Management Project Risk Management includes the processes concerned with conducting risk management planning, identification, analysis, responses, and monitoring and control on a project Objective 









To increase the probability and impact of positive events or “Opportunities” & To decrease the probability and impact of negative events or “Threats” to the project

Most of these processes are updated throughout the project Known risks can be identified, analyzed and planned for. Unknown risks cannot be managed 

Risks Can never be eliminated

August 6, 2013

12 Copyright © 2010 Infogain Corporation. All rights reserved.

12

Risk Lifecycle  





Risks varies throughout the project life cycle Risk probability is high in early phases and decreases as work is accomplished Amount at stake (impact) is low in the early phases and increases as the work is accomplished Risk Management is a continuous process throughout the project lifecycle

August 6, 2013

13 Copyright © 2010 Infogain Corporation. All rights reserved.

13

Risk Management Process Includes the following six sequential processes:  Risk Management Planning  Risk Identification  Qualitative Risk Analysis  Quantitative Risk Analysis  Risk Response Planning  Risk Monitoring and Control

August 6, 2013

14 Copyright © 2010 Infogain Corporation. All rights reserved.

14

Plan Risk Management August 6, 2013

15 Copyright © 2010 Infogain Corporation. All rights reserved. 15

Plan Risk Management 









Deciding how to approach, plan, and execute the risk management activities for a project Should involve - Project Manager, Project Team, Customer, other key Stakeholders and Experts as needed Risk Management Efforts should be:  appropriate to the size and complexity of the project  Experience and skill level of project team The Risk Management Planning process should be completed early during project planning, since it is crucial to successfully performing the other processes PMBOK: Planning of risk management processes is important to ensure that the level, type, and visibility of risk management are commensurate with both the risk and importance of the project to the organization, to provide sufficient resources and time for risk management activities, and to establish an agreed-upon basis for evaluating risks August 6, 2013

16 Copyright © 2010 Infogain Corporation. All rights reserved.

16

Plan Risk Management Inputs 

Enterprise Environmental Factors  



Organizational Process Assets 

   

Organization Risk tolerance People involved in the project Organizations pre-defined approach for Risk categories, common definitions of concepts & terms, standard templates, roles & responsibilities & authority levels for decision making

Project Scope Statement Cost Management Plan Schedule Management Plan Communications Management Plan

August 6, 2013

17 Copyright © 2010 Infogain Corporation. All rights reserved.

17

Plan Risk Management Tool & Techniques 

Planning Meeting and Analysis  Brian Storming sessions  Attendees are the PM, Leadership Team, Key Stakeholders, Organization level risk management experts  Basic plans for conducting the Risk Management activities are defined in these meetings  Outputs of the activities are summarized in Risk Management Plan

August 6, 2013

18 Copyright © 2010 Infogain Corporation. All rights reserved.

18

Plan Risk Management Outputs 



Risk Management Plan  Subset of Project Management Plan  Describes how Risk Management will be structured and performed on the project RMP may includes the following:  Methodology: How will risk management be performed  Roles & Responsibilities: Who will do what?  Budgeting: Includes cost for risk management process  Timing: When and how often risk management will be performed during project life cycle  Risk Categories: External, Internal, Technical, Unforeseeable  Organizations can use standard lists of risk categories that projects can use to identify risks  Risk Breakdown Structure (RBS) may be prepared  Revisit risk categories during risk identification process August 6, 2013

19 Copyright © 2010 Infogain Corporation. All rights reserved.

19

Plan Risk Management

August 6, 2013

20 Copyright © 2010 Infogain Corporation. All rights reserved.

20

Plan Risk Management 



Definition of Risk Probability and Impact: To define different levels of risk probability and impact Probability and Impact (PI) Matrix: The objective is to prioritize risks. Standard approach is to use a probability and impact matrix.

August 6, 2013

21 Copyright © 2010 Infogain Corporation. All rights reserved.

21

Plan Risk Management 





Revised stakeholders’ tolerances: Stakeholders’ tolerances may be revised in the Risk Management Planning process, as they apply to the specific project Reporting formats: Describes the content and format of the risk register as well as any other risk reports required Defines how the outcomes of the risk management processes will be documented, analyzed, and communicated Tracking: How risk process will be audited Documenting what happens with risk management activities

August 6, 2013

22 Copyright © 2010 Infogain Corporation. All rights reserved.

22

Question ? 

The major processes of risk management are: a. Planning, Identification, documentation and assessment b. Identification, planning, evaluation, response, development, mitigation and documentation c. Identification response development, assessment and documentation d. Planning, Identification, qualitative analysis, quantitative analysis, response planning and monitoring & control

August 6, 2013

23 Copyright © 2010 Infogain Corporation. All rights reserved.

.…

23

Identify Risk August 6, 2013

24 Copyright © 2010 Infogain Corporation. All rights reserved. 24

Identify Risks 









Determination of risk events that are likely to affect the project and documenting their characteristics Involves Project Manager, Project team, Stakeholders, SME’s, Organization risk management experts as needed Process involves:  Identifying potential sources of risk (or risk categories)  Possible risk events  Risk symptoms PMI: Risk Identification should be accomplished at the outset/onset of the project and then updated regularly throughout the project life cycle Risk Identification is an Iterative process

August 6, 2013

25 Copyright © 2010 Infogain Corporation. All rights reserved.

25

Identify Risks

Inputs           

Risk Management Plan Activity Cost Estimates Activity Duration Estimates Scope Baseline Stakeholder Register Cost Management Plan Schedule Management Plan Quality management Plan Project Documents Enterprise Environmental Factors Organizational Process Assets

August 6, 2013

26 Copyright © 2010 Infogain Corporation. All rights reserved.

26

Risk Identification

Tools and Techniques 

Documentation Reviews 





Structured review of project documentation, including plans, assumptions, prior project files, and other information. The quality of the plans, as well as consistency between those plans and with the project requirements and assumptions, can be indicators of risk in the project (PMBOK)

Information Gathering Techniques 



Brainstorming: Most frequently used; to obtain a comprehensive list of project risks. Usually done in a meeting Delphi Method: Gathering opinions and building a consensus of experts who participate anonymously. Request for information is sent to experts, their responses are compiled and results sent back for further review unless consensus is reached.

August 6, 2013

27 Copyright © 2010 Infogain Corporation. All rights reserved.

27

Risk Identification

Tools and Techniques 

 



Information gathering techniques: Main sources of risk identification data gathering. Interviewing experienced project participants, stakeholders, and subject matter experts can identify risks. Documentation reviews SWOT analysis: To increase the breadth of risks considered by examining the project from each of the SWOT perspective  Strengths – Build On  Weakness – Eliminate or Reduce  Opportunities – Exploit  Threats - Mitigate Checklists: Risk identification checklists can be developed based on historical information and knowledge that has been accumulated from previous similar projects

August 6, 2013

28 Copyright © 2010 Infogain Corporation. All rights reserved.

28

Risk Identification

Tools and Techniques 

 

Assumption Analysis: Explores the validity of assumptions as they apply to the project. It identifies risks to project because of inaccuracy, inconsistency and incompleteness of assumptions. Expert Judgments. Diagramming Techniques (details covered in the quality chapter)  Cause-and-effect (fishbone/Ishikawa) diagrams: Used in identifying risk cause.  System or Process flowcharts: Allows one to examine and understand relationships/dependencies in a process or the project which in turn helps in additional risks identification.  Influence diagrams: These are graphical representations of situations showing causal influences, time ordering of events, and other relationships among variables and outcomes (PMBOK).W August 6, 2013

29 Copyright © 2010 Infogain Corporation. All rights reserved.

29

Identify Risks

Output 

Risk Register: Most of the risk information is detailed in risk register. Includes: 1. List of risks, 2. List of potential responses, 3. Root causes of risk, 4. Updated risk categories

Project / Engagement / Function Name:

XXX

Responsible Person for tracking and addressing the risk:

Project Manager

R i s k I D

Risk Taxono my

Probab ility

Imp act

Risk Expos ure

Rank

1

Quality

1%

Low

1.0

1

Risk Statement

Development and test roles have been combined in this project, therefore, as a result we may ship with more bugs

Last updated on : XX-XX-XX

Risk Handling Approach

Mitigate

Actions

1.Peer reviews will be planned and scheduled. These will be monitored regularly. 2.Unit test plans will be used as an input for coding. 3.The development and testing environments will be separated. 4.Independent SQA will be mandated before delivery.

Status

Active

2 August 6, 2013

30 Copyright © 2010 Infogain Corporation. All rights reserved.

30

Question ? 

The Delphi technique has all of following characteristics except: a. It is a way to reach a consensus of experts on a subject such as project risk b. It is a technique in which project risk experts are identified but are often not present in the same location c. It helps reduce bias in the data and keeps any person from having undue influence on the outcome d. It is a technique to ensure that thinking of the organization risk managers is aligned with the vision of the selected risk experts

August 6, 2013

31 Copyright © 2010 Infogain Corporation. All rights reserved.

.…

31

Question ? 

When should we first do risk identification: a. At the time of meeting the client b. At the concept phase or at the very beginning of the project c. Constantly throughout the project d. At the start of each project phase

August 6, 2013

32 Copyright © 2010 Infogain Corporation. All rights reserved.

..

32

Perform Qualitative Risk Analysis August 6, 2013

33 Copyright © 2010 Infogain Corporation. All rights reserved. 33

Perform Qualitative Risk Analysis 





Includes methods for prioritizing identified risks for further action  Rapid & cost-effective means of establishing priorities for Risk response planning  Focus on high-priority risks to improve project performance  Lays foundation for quantitative risk analysis Prioritization is subjective analysis of the identified risks  The probability of each risk occurring (Low, Medium, High or 1 to 10)  Impact on project objectives (Low, Medium …. or 1 to 10)  Amount at stake  Opportunity or threat  Considers time-frame and risk tolerance for the project Should be performed throughout the project

August 6, 2013

34 Copyright © 2010 Infogain Corporation. All rights reserved.

34

Perform Qualitative Risk Analysis

Inputs 



 

Organizational Process Assets  Data about risks on past projects and the lessons learned knowledge base Project Scope Statement Risk Management Plan Risk Register

August 6, 2013

35 Copyright © 2010 Infogain Corporation. All rights reserved.

35

Perform Qualitative Risk Analysis

Tools and Techniques 

Risk Probability and Impact assessment:  Risk Probability – is the likelihood that risk will occur  Risk Impact – is the effect on project objective if risk occurs  These are applied to each of the risk events individually and assigned a a qualitative term such as very high, high, moderate, low and very low  Help rate risks in order to determine which ones warrant a response

August 6, 2013

36 Copyright © 2010 Infogain Corporation. All rights reserved.

36

Perform Qualitative Risk Analysis Evaluation of Risk Impact by Project objectives

August 6, 2013

37 Copyright © 2010 Infogain Corporation. All rights reserved.

37

Perform Qualitative Risk Analysis

Tools and Techniques 

Probability and Impact Matrix:  Is a common way to combine two dimensions to determine whether a risk is low, moderate or high  Matrix is prepared that assign risk ratings to risks based on the combination of their assessed probability and impact  The matrix may be standardized within the organization making the risk rating process more repeatable between the projects  Different matrix may be used for cost time and scope if the project’s thresholds for each types of risks are different *

August 6, 2013

38 Copyright © 2010 Infogain Corporation. All rights reserved.

38

Perform Qualitative Risk Analysis

Tools and Techniques 

Probability & Impact Scales can be:  Ordinal scale – ranked-order scale, such as very low, low, moderate, high, and very high  Cardinal scale – assign values to impacts. These values are usually linear (.1/ .3/ .5/ .7/ .9) or nonlinear (.05/ .1/ .2/ .4/ .8/)  Scaled descriptors of relative impact should be prepared by organization before project begins

Probability 0.9 0.7 0.5 0.3 0.1

Risk Score = P x I 0.045 0.09 0.18 0.36 0.72 0.035 0.07 0.14 0.28 0.56 0.025 0.05 0.1 0.2 0.4 0.015 0.03 0.06 0.12 0.24 0.005 0.01 0.02 0.04 0.08 0.05 0.1 0.2 0.4 0.8 Impact on an objective ( eg. Cost, schedule, quality etc.

August 6, 2013

39 Copyright © 2010 Infogain Corporation. All rights reserved.

39

Qualitative Risk Analysis

Tools and Techniques 







Risk data Quality Assessment: Technique to qualify the risk by evaluating the degree to which the data about the risk is useful for risk management. This is also called as “Data Precision Raking”  Degree to which risk is understood  Accuracy, quality, reliability and integrity of data Risk Categorization: By sources of risk. Where is this risk coming from? (using the RBS) OR By area of the project or the work package that is affected (using the WBS) OR By project phase OR Any other useful category  Objective is to determine project areas most exposed to the effect of uncertainty. Risk Urgency Assessment: Risks that may occur soon, should move quickly through the process. Else, risk response plan may take longer time Expert Judgments August 6, 2013

40 Copyright © 2010 Infogain Corporation. All rights reserved.

40

Qualitative Risk Analysis

Outputs Risk Register Updates: Includes  Risk Ranking for the project  List of prioritized risks, their probability and impact ratings  Risks grouped by categories  List of risks requiring additional analysis in near term  List of risks for additional analysis and response  Watch list of low priority or non-critical risks  Trends in qualitative risk analysis results Note:  Qualitative risk analysis –  Allows project risk to be compared with risk of other projects  Project may be selected, continued or terminated  May lead to quantitative risk analysis or risk response planning 

August 6, 2013

41 Copyright © 2010 Infogain Corporation. All rights reserved.

41

Question ? 

If customer requests a change in the middle of the project, which is likely to increase the risk, what should be your first action: a) Include EMV of risk in new cost estimate b) Talk to the customer about the impact c) Analyze the impact of change request d) Change RMP

August 6, 2013

42 Copyright © 2010 Infogain Corporation. All rights reserved.

...

42

Quantitative Risk Analysis August 6, 2013

43 Copyright © 2010 Infogain Corporation. All rights reserved. 43

Quantitative Risk Analysis 



Performed on risks that have been prioritized by the Qualitative Risk Analysis process as potentially and substantially impacting the project’s competing demands. A numerical analysis of the probability and impact of the highest risks from qualitative risk analysis on the project to:  Determine which risks events warrant a response  Determine overall project risk called as “risk exposure”  Determine the quantified probability of meeting the project objectives  Determine the cost and schedule reserves  Identify risks requiring most attention  Create realistic and achievable cost, schedule or scope targets

August 6, 2013

44 Copyright © 2010 Infogain Corporation. All rights reserved.

44

Quantitative Risk Analysis

Inputs 

 

Organizational Process Assets  Information on similar projects completed by the organization, risk databases Risk Register Project Management Plan (Schedule, Cost ,Risk)

August 6, 2013

45 Copyright © 2010 Infogain Corporation. All rights reserved.

45

Quantitative Risk Analysis

Tools and Techniques 



Interviewing: To quantify the probability and impact of risks on project objectives. Information would be gathered on the optimistic (low), pessimistic (high), and most likely scenarios

Expert Judgment: Internal or external experts validate data and approach August 6, 2013

46 Copyright © 2010 Infogain Corporation. All rights reserved.

46

Quantitative Risk Analysis

Tools and Techniques 

Probability Distribution: Continuous probability distributions represent the uncertainty in values, such as durations of schedule activities and costs of project components. The Beta distribution can be used to model events which are constrained to take place within an interval defined by a minimum and maximum value.

A triangular distribution is used if information is gathered on optimistic (low), pessimistic (high), and most likely scenarios. August 6, 2013

47 Copyright © 2010 Infogain Corporation. All rights reserved.

47

Question ? 

You are developing a radio frequency (RF) technology that will improve overnight packaged delivery. If the project is successful, process will be automated and profits will soar. Management has promised everyone a sports car if successful. You grab a copy of PMBOK, blow off the dust and start reading risk management chapter. You first interview 15 stakeholders and ask each one of them to estimate the most optimistic package delivery time, the most pessimistic time and also the most likely time. This shows that next you plan to: A. Use a triangular probability distribution B. Conduct sensitivity analysis C. Structure a decision analysis as a decision tree D. Determine the strategy for risk response Ans: A Interviews often are used to help quantify the probability and consequence of risks on project objectives. The type of information collected during the interviews, depends on the type of probability distribution that is used. A triangular distribution is used if information is gathered on optimistic (low), pessimistic (high), and most likely scenarios.

August 6, 2013

48 Copyright © 2010 Infogain Corporation. All rights reserved.

48

Quantitative Risk Analysis Tools and Techniques  Quantitative Risk Analysis & Modeling Techniques :  Sensitivity Analysis  To determine which risks have the most potential impact on the project.  Measures the impact of one risk with all other variables at a level plane  The risk currently being analyzed is given variable values based upon the possible outcomes  This is a great method to ascertain the impact of a single risk, however the method does not yield a combine effect for risk analysis  Expected Monetary Value (EMV) analysis  Statistically calculates average outcome of the future when future includes scenarios which may or may not happen.  EMV of each scenario is calculated by multiplying probability of occurrence with value of outcome  Used for quantifying overall risk on the project

August 6, 2013

49 Copyright © 2010 Infogain Corporation. All rights reserved.

49

Quantitative Risk Analysis

Tools and Techniques 

Determine what are the chances that Project B is a success

0.6 0.5

0.5

Project A

0.4 0.7

Project B 0.3

Success Failure

Success Failure

Answer: 0.5*0.7 = 0.35 August 6, 2013

50 Copyright © 2010 Infogain Corporation. All rights reserved.

50

Question ? 

If a risk event has a 90% chance of occurring, and the consequences will be US $10,000, what does US $9,000 represent? a. Risk Value b. Present Value c. Expected Monetory Value d. Contingency Budget Ans: C Expected value is computed by multiplying the probability times impact. EV = 0.9 X $10,000 = $ 9,000

August 6, 2013

51 Copyright © 2010 Infogain Corporation. All rights reserved.

...

51

Quantitative Risk Analysis

Tools and Techniques 

Decision Tree Analysis  Primarily used to make decisions regarding individual risks when there is uncertainty  Takes into account future events in trying to make a decision today  Decision tree is a model of a real situation and could therefore have costs occurring • Use of a diagram that describes a decision under consideration and the implications of choosing one or another of the available alternatives • Incorporates probabilities of risks and the costs or rewards of each logical path of events and future decisions • Solving the decision tree indicates which decision yields the greatest expected value when all the uncertain implications, costs, rewards, and subsequent decisions are quantified August 6, 2013

52 Copyright © 2010 Infogain Corporation. All rights reserved.

52

Question ? 

What is the purpose of decision trees ? A. They demonstrate the path of events in a project B. They calculate the probability of an outcome C. They determine what events may take place D. They take into account future events for today's choices

Ans: D A decision tree allows you to make an informed decision today based on the probability and impact analysis. You can decide based on expected value of each of your options

August 6, 2013

53 Copyright © 2010 Infogain Corporation. All rights reserved.

....

53

Question ? 

What is the expected value of the decision displayed in figure below ?  $4  $ 100  $ 20  $ 200

Ans: A The expected value is probability times impact. In this case you multiply the probabilities together and then multiply the impact. Expected value = 0.20 X 0.10 X 0.20 X $1000 = $ 4

August 6, 2013

54 Copyright © 2010 Infogain Corporation. All rights reserved.

.

54

Quantitative Risk Analysis Tools and Techniques  Monte Carlo Analysis (Simulation) • Uses a model or copy of a system to analyze the behavior or performance of the system • Evaluates overall risk in the project • Provides the probability of completing the project on any specific day, or for any specific amount of cost • Provides the probability of any activity actually being on the critical path • Takes into account path convergence (places in the network diagram where may path converge into one activity) • Translates uncertainties into impacts to the total project • Can be used to assess cost and schedule impacts • Normally done with computer based Monte Carlo program because of the intricacies of the calculation • Results in a probability distribution

August 6, 2013

55 Copyright © 2010 Infogain Corporation. All rights reserved.

55

Question ? 

A Monte Carlo analysis is used to: A. get an indication of the risk involved in the project B. estimate a task's length C. simulate the order in which tasks occur D. prove to management that extra staff is needed

Ans: A Monte Carlo can be used to prove things to management (d) but its focus is time and not staff. It is a simulation but simulates time and not order of tasks. It can also help to know that an estimate for the task needs to change, but not what the task estimate should be. Risk can be assesses using Monte Carlo.

August 6, 2013

56 Copyright © 2010 Infogain Corporation. All rights reserved.

.

56

Quantitative Risk Analysis

Outputs 

Risk Register Updates • Prioritized list of quantified risks • Amount of contingency time and cost reserve needed • Probability of achieving time and cost objectives • Possible realistic and achievable completion dates • Trends in quantified risk analysis

August 6, 2013

57 Copyright © 2010 Infogain Corporation. All rights reserved.

57

Plan Risk Response August 6, 2013

58 Copyright © 2010 Infogain Corporation. All rights reserved. 58

Risk Response Planning     



Determines “What are we going to do about each top risk ?” Finding ways to make the threat smaller or eliminate Finding ways to make positive risks more likely or greater in impact Addresses risks based on their priorities The effectiveness of response planning shall directly map to the increase or decrease of the risk events The response must be appropriate to:  Severity of the risk, cost effective in meeting the challenge  Timely to be successful  Realistic within project context  Agreed upon by all  Owned by a responsible person

August 6, 2013

59 Copyright © 2010 Infogain Corporation. All rights reserved.

59

Risk Response Planning

Inputs  

Risk Management Plan Risk Register

August 6, 2013

60 Copyright © 2010 Infogain Corporation. All rights reserved.

60

Risk Response Planning

Tools and Techniques 



  

Various strategies are available for the developing the Risk response. Depending upon the risk, most effective strategy or mix of strategies are selected. Sometimes a primary and backup strategies are selected. If primary strategy turns out to be ineffective, Fallback plans can be executed Strategy must be timely Effort selected must be appropriate to the severity of the risk Expert Judgments are also used as Tools .

August 6, 2013

61 Copyright © 2010 Infogain Corporation. All rights reserved.

61

Risk Response Planning 

Strategies for Negative Risks or Threats:  Avoid  Eliminating the threat by eliminating the cause  Changing the project plan to eliminate the risk or to isolate the project objectives from its impact  Mitigate  To reduce the probability and / or consequences of an adverse risk event, to an acceptable threshold  Early action is more effective than repairing the damage later  Transfer  To shift the consequence of the risk to a third party together with ownership of the response. Purchasing of insurance, warranties, guarantees, outsourcing the work  Transferring is not eliminating  More effective in financial risk exposure

August 6, 2013

62 Copyright © 2010 Infogain Corporation. All rights reserved.

62

Risk Response Planning 

Strategies for Positive Risks or Opportunities:  Exploit (Reverse of Avoid) 



Enhance (Reverse of Mitigate) 



Exploitation is chosen where organization is looking for the opportunity realization (Adding more work) Modifies the size of the opportunity by increasing probability or impact, by strengthening the drivers/causes for the opportunity

Share 

Allocating the ownership of the opportunity to a third party who is best able to achieve the opportunity

August 6, 2013

63 Copyright © 2010 Infogain Corporation. All rights reserved.

63

Risk Response Planning Tools and Techniques • Strategy for both Threats or Opportunities:  Acceptance   





Adopted when risk response could not be identified. Passive acceptance – no action Active acceptance – to allocate contingency reserve (should handle known & unknown risks) Decision must to communicated to stakeholders

Contingent Response Strategy  

Designed for use only if certain events occur Executed under pre-defined conditions  Events that trigger contingency response should be defined and tracks

August 6, 2013

64 Copyright © 2010 Infogain Corporation. All rights reserved.

64

Risk Response Planning

Outputs •

Risk Register Updates. It should contain: •

• •

• •

Residual Risks: • Residual risks which are expected to remain even after planned response is being implemented or those which have been accepted • These should be documented and reviewed throughout the project Contingency Plans: • Describe specific actions that will be taken if risk occurs Risk Response Owner: • Risk owners and their responsibilities Secondary Risks: • These are generated as direct outcome of implementation of risk response Risk Triggers: • Events that trigger the contingency response

August 6, 2013

65 Copyright © 2010 Infogain Corporation. All rights reserved.

65

Risk Response Planning

Outputs •

Risk Register Updates. It should contain (contd.): • •

Fallback Plans: • Fallback plans for use if Primary response (contingency plans) is found ineffective Reserves: • Contingency Reserves: • Account for “known unknown”. Items that were identified in risk management • These cover the residual risk in project • These are calculated and made part of cost baseline • Management Reserves: • Account for “unknown unknown”. Items that were not/could not be identified in risk management • These are estimated and made part of project budget (not the baseline) • Management approval is required to use them

August 6, 2013

66 Copyright © 2010 Infogain Corporation. All rights reserved.

66

Risk Response Planning

Outputs •

Project Management Plan (updates) • Risk Management will result in changes to RMP and therefore to project Management Plan, it also result in taking Contract related decisions & other Project document updates

August 6, 2013

67 Copyright © 2010 Infogain Corporation. All rights reserved.

67

Question ?



Acceptance means to: a. Agree with project manager b. Eliminate a specific threat c. Accept the consequence d. Purchase Insurance



The tools and techniques for risk response planning include all of the following except: a. Interpretation b. Acceptance c. Mitigation d. Avoidance



The risk response plan should include some or all of the following except: a. A work breakdown structure b. Risk owners and assigned responsibilities c. Results from qualitative and quantitative risk analysis process d. Contingency plans and fallback plans

August 6, 2013

68 Copyright © 2010 Infogain Corporation. All rights reserved.

… . .

68

Monitor and Control Risk August 6, 2013

69 Copyright © 2010 Infogain Corporation. All rights reserved. 69

Monitor and Control Risk 

Process of:  Keeping track of the identified risks & those on the watch list  Identifying, analyzing & planning for new risks  Reanalyzing existing risks  Monitoring residual risks  Monitoring trigger conditions for contingency plans  Ensuring the execution of risk plans  Evaluating their effectiveness in reducing the risk  Verifying that project assumptions are still valid  Making sure that proper risk management policies and procedures are being followed

August 6, 2013

70 Copyright © 2010 Infogain Corporation. All rights reserved.

70

Monitor and Control Risk

Inputs   

Risk Management Plan Risk Register Work Performance Information 



Work performance information, including project deliverables status, corrective actions, and performance reports, are important inputs to Risk Monitoring and Control

Performance Reports 

Performance reports provide information on project work performance, such as an analysis that may influence the risk management processes

August 6, 2013

71 Copyright © 2010 Infogain Corporation. All rights reserved.

71

Monitor and Control Risk

Tools and Techniques 

Risk Reassessment: 



Risk Audits 





This should be regularly scheduled Examines and document the effectiveness of risk responses in dealing with identified risks and their root causes Results in identification of lessons learned

Variance and Trend Analysis 







Trends in the project’s execution should be reviewed using performance data Earned value analysis and other methods of project variance may be used for monitoring overall project performance Outcomes from these analyses may forecast potential deviation of the project at completion from cost and schedule targets. Deviation from the baseline plan may indicate the potential impact of threats or opportunities

August 6, 2013

72 Copyright © 2010 Infogain Corporation. All rights reserved.

72

Monitor and Control Risk

Tools and Techniques 

Technical Performance Measurement 



Reserve Analysis 



Compares technical accomplishments during project execution to the project management plan’s schedule of technical achievement Reserve analysis compares the amount of the contingency reserves remaining to the amount of risk remaining at any time in the project, in order to determine if the remaining reserve is adequate

Status Meetings 

Risk should be a major agenda item in team meetings

August 6, 2013

73 Copyright © 2010 Infogain Corporation. All rights reserved.

73

Monitor and Control Risk

Outputs 



  

Risk Register Updates  Contains outcome of the risk assessments and risk audits  Closing risks that are no longer applicable  Details of what happened when risks occurred  Lessons learned Change Requests  Implementing contingency plans or workarounds frequently results in a requirement to change the project management plan to respond to risks.  Requested changes are prepared and submitted to the Integrated Change Control process Project Management Plan updates Project Document updates Organizational Process Assets updates

August 6, 2013

74 Copyright © 2010 Infogain Corporation. All rights reserved.

74

Question ? 

Once a risk response is created, which of the following statements BEST describes the project manager's role regarding risks while the project work is being completed? A. Take actions when identified risks occur B. After a risk event, reassess risk rankings C. Implement planned workarounds D. Make sure that risk owners are identified to assigned tasks Ans: B There are many thins that the PM must be doing during this step. However the risk owners are the ones to take an action when an identified risk occurs (A), workarounds are not planned (C), and risk owners do not identify tasks (D)

August 6, 2013

75 Copyright © 2010 Infogain Corporation. All rights reserved.

..

75

Question ? 

In response to a risk, the project manager meets with the team and management to develop a strategy. After discussions, they decide that it would be best to purchase insurance. This is an example of:? A. B. C. D.

Identification Transference Acceptance Avoidance

Ans: B The situation has moved past risk identification and is asking which risk response strategy is appropriate.

August 6, 2013

76 Copyright © 2010 Infogain Corporation. All rights reserved.

76

Thank You August 6, 2013 August 6, 2013

77 Copyright Copyright © 2010 Infogain All rights reserved. © 2010 Corporation. Infogain Corporation. All rights reserved.

Project Risk Management

Accuracy, quality, reliability and integrity of data. ○. Risk Categorization: By sources of risk. Where is this risk coming from? (using the RBS) OR By area of the project or the work package that is affected (using the WBS) OR By project phase OR. Any other useful category. ○. Objective is to determine project areas most ...

887KB Sizes 0 Downloads 193 Views

Recommend Documents

project risk management handbook pdf
There was a problem previewing this document. Retrying... Download. Connect more apps... Try one of the apps below to open or edit this item. project risk ...

Read eBook Project Risk Management (Project ...
Book Synopsis. An essential book for the project and program manager offering simplified concepts and tools to access, rank- order, and manage high-risk ...

practice standard for project risk management pdf download ...
There was a problem previewing this document. Retrying... Download. Connect more apps... Try one of the apps below to open or edit this item. practice ...

E-book Read Practice Standard for Project Risk Management Full ...
Books detail. Title : E-book Read Practice Standard for Project q. Risk Management Full Kindle Book PDF Online. Books isbn : 193389038X q. Book synopsis.