In this blog, I will share the idea of Risk Management with you. Before we go into what Risk Management is about, let’s look into what is considered a risk.
A risk is an uncertain event that could have a positive or negative effect on your project with a probability between 1% to 99% that the event could occur. There is no risk if there is a 0% chance of an event occurring. If there is a 100% chance of something going to happen, this would be an issue, not a risk.
Risks can be either Positive or Negative. Risks with positive consequences are called opportunities while risks with negative consequences are called threats.
Risk Management Life Cycle
Risk Management Life Cycle involves the following phases:
- Plan Risk Management
- Identify Risks
- Risk Analysis
- Plan Risk Responses
- Monitor & Close Risks
Plan Risk Management is to build a common understanding of the risk approach between stakeholders and to gain knowledge on the techniques to be used for managing risks. This includes but is not limited to tasks such as describing how the risk management processes are to be carried out, defining roles and responsibilities, assessing stakeholders’ attitudes, and frequency of risk reassessment. The result of plan risk management is documented in the risk management plan.
The purpose of Identify Risks is to document all the knowable risks and identify preliminary responses. Input is sought from a wide range of stakeholders when identifying risks since each stakeholder may have difference perspective on the risk. Generally, the inputs for risk identification comes from operational input such as project scope statement, WBS, task dependencies; and contextual risks such as stakeholder analysis, enterprise environmental factors and business case. By the end of this phase, a risk register is generated and the risk owner may be identified.
Risk analysis involves examining how project outcomes and objectives might change due to the impact of the risk event. Once the risks are identified in the risk register, they are analysed to identify the impact of the risk on the project so that appropriate steps can be taken to mitigate them. Qualitative risk analysis is used to prioritizes the list of identified risks by looking at their probability of occurrence and their impact. The output of this phase is to generate the ranking of risks for further analysis.
Plan Risk Responses will then develop the set of actions required to consider the risk and their characteristics and integrates them into corresponding plans and budgets. The risk responses planned are to lower the probability and impact of risk occurrence. A planned risk response must have the following characteristics:
- Appropriate to the significance of the risk
- Cost-effective in meeting the challenge
- Realistic within the project context
- Timely
- Agreed upon by all parties involved
- Owned by a responsible person (Risk owner)
The common strategies used in risk responses are Transfer, Mitigate and Avoid Threats. Exploit, Share and Enhance for Opportunities. Accept and Escalate are risk responses used for both Threat and Opportunity.
Monitor and Close Risks assures that risk responses are being applied, verified effectiveness and initiation of corrective actions when necessary. It involves iterative monitoring to identify residual and secondary risks, identify new risks and take quick corrective action when a risk materializes. The success factors in this phase are integrating risk monitoring and control with project monitoring and control, continuously monitoring risk trigger conditions, and maintaining risk awareness.
Summary
Risk management is becoming the most challenging aspect of managing projects. While we can never predict the future with certainty, we can apply a simple and streamlined risk management process to predict the uncertainties in the projects, thus minimising the occurrence or impact of these uncertainties. Furthermore, risk management aids in remembering and learning from past mistakes, improving the chance of successful project completion.
To find out more about risk management, contact us at https://www.netrust.net/contact-us/ now.
Follow us on LinkedIn for the latest happenings/updates.