Académique Documents
Professionnel Documents
Culture Documents
Management Week 8
21/03/2007
Uncertainty
Risk
Threat
Opportunity
Work scope
Quality of estimates
False Assumptions
Technological Novelty
User interface
Staff Productivity
Skill Levels
Management
(Sub)contractor
performance
Customers
Market Share
Competition
Inflation/exchange rates
Site conditions
Weather
Transportation logistics
Approvals/funding
Public relations
Extensive software
development
Uncertainty
What might happen
What is a risk?
An uncertain event or set of circumstances
that, should it occur, will have an effect on
achievement of project objectives
Risk Management
Problems that havent happened yet
Why is it hard?
Some are wary of bearing bad news
No one wants to be the messenger
Or seen as a worrier
Risk Management
Should be about more than identifying risks
Process should include formal planning activity
Analysis to estimate the likelihood and predict
the impact of identified risks
A handling strategy
The ability to monitor the process
Goal: avoid a crisis
Risk Mgmt. vs. Project Mgt.
For a specific vs. all projects
Proactive vs. reactive
Project Risk
Characterized by:
Uncertainty (0 < probability < 1)
An associated loss (money, life, reputation, etc)
Manageable some action can control it
Risk Exposure
Product of probability and potential loss
Problem
A risk that has materialized
Types of Risks
Schedule Risks
Schedule compression (customer, marketing, etc.)
Cost Risks
Unreasonable budgets
Requirements Risks
Incorrect
Incomplete
Unclear or inconsistent
Volatile
Types of Risks
Quality Risks
Operational Risks
Most of the Classic Mistakes
Feature Creep
Requirements gold plating
Inadequate design
Silver bullet syndrome
Weak personnel
Risk
Identification
Risk monitoring
and control
Qualitative risk
assessment
Risk response
and Planning
Quantitative risk
analysis
Methodology
Roles and Responsibilities
Timing
Thresholds
Reporting formats
Monitoring and reviews
Risk Identification
Aim to expose all knowable risks
Common risk id techniques
Risk Assessment
Qualitative assessment
Quantitative Assessment
Modelling uncertainty
Simulate combined effects
of results
Predicting outcomes
Range, min/max, expected
Testing scenarios
Setting confidence limits
Identifying criticalities
Determining options
Model in software
H
MED
L
VL
VL
L
IMPACT
MED
VH
TIME
COST
PERFORMANCE
VH
71-99%
>12 weeks
<1000k
Effect on overall
functionality
51-70%
7-12 weeks
500 1000k
MED
31-50%
3-6 weeks
250-500k
11-30%
1-2 weeks
100-250k
VL
1-10%
< 1 week
< 100k
Effect on 1 minor
parameter
Nil
No change
No change
No change in
performance
Quantitative techniques
Sensitivity analysis determines which risks have
the most overall risk on the project. Determines
extent to which uncertainty of one element
effects the objective when all other uncertain
elements are held at baseline values
Decision Tree analysis Diagram that describes a
decision under consideration and the implication
of choosing one or another of the alternatives
Simulation e.g. Monte Carlo simulation
Inform stakeholders
Determine the required level of
stakeholders in risk quantification and
planning
Inform stakeholders of the newly identified
risks and response plans
Involve stakeholders in risk quantification
and planning to the extent needed
Identify:
Best owner for response
Appropriate response
Effective management action
Implementation Considerations
Which group of managers have responsibility for risk
management decision making ?
Which group owns and maintains the risk management
process?
Which group or individual is responsible for risk
management training and assisting others in risk
management implementation?
Who identifies candidate risks?
How are risk analyses performed and approved?
How are risk handling plans developed and approved?
How are data for risk monitoring metrics collected?
How are independent risk reviews performed to ensure that
project risks are properly identified, analysed, handled and
monitored?
Risk reviews
Essential because risk changes
Risks happen (opportunities and threats)
Risks are resolved
Risks time-out
Risks get better or worse
New risks emerge
Reporting risk
Basis for management action
Key risk themes
Trends changes and predictions
Recommended actions
Improves communication
Develops common understanding team spirit
Distinguishes between luck and management
Builds risk awareness
Focuses attention
Facilitates risk taking
Demonstrates professionalism
Exposes personnel issues
Measuring effectiveness