Risk responses

From apppm
Revision as of 22:34, 14 February 2018 by S162284 (Talk | contribs)

Jump to: navigation, search

There is a difference in definition of risk and uncertainty, as uncertainty is the absence of information required to make a decision. In order to manage risk and uncertainty it is important to understand four elements of the risk management process of identifying, assess, respond and control of the risk events and their sources. After undergoing the steps of identifying and assess the risks at hand during the project, it is the process of developing a strategic response that enables the proper action for the uncertainty of the outcome, whether the risk poses a threat to the project that has to be mitigated or if it is an opportunity to exploit. This article will give an overview of the planning, strategies and tools for the risk response process, as the project benefits of addressing risks by their priority, inserting resources and activities into the budget, schedule and project management plan as needed [1].

Contents

Plan risk responses

In order to fully understand risk responses and strategies to deal with threats or turn chances into opportunities, it is vital to be familiar with the concept of risk management. Risk management is the overall response to an event that has an outcome, either positive and in favor of the project or negative thus posing threat to the project objectives such as scope, schedule, cost or quality . Risk has a source, and its origins can be traced to the uncertainty that is present on all projects . We can talk about risks as if the risk event happens, the uncertainty perishes. If the risk was a threat, it becomes an existing problem and if the risk was an opportunity it becomes a benefit. But in order to be able to respond appropriately to the risk at hand the risk source must be known and the probability of an event to happen.

identify risks

Identifying the risks is generally considered to be the first step in the process of the planning of the risk responses. It is obvious that no action can be taken on a risk that has not been identified. From a stakeholder’s point of view, the identification of risks can be done by stakeholders, contractors, consultants and other representatives of the project but should be explicitly be handled by all project management personnel and project team members, and should be documented as : • Statement of work (SOW) • Work breakdown structure (WBS) • Budget • Schedule • Acquisition plan • Execution plan The identification process of possible risks is iterative, that is it will repeat itself throughout the whole project lifetime. Few common techniques to gather possible risks could be : • Historical review: with experience and review of the past, similar organizations and projects risks can be expected and identified with e.g. checklists. • Current assessment: The current project is analyzed and possible risks are identified based on examination and e.g. assumptions analysis. • Creativity techniques: methods where the capability of the personnel to think of possible risks with methods like brainstorming of ideas and SWOT analysis.

Risk register

After the identification progress, it is vital to register the risks that have been identified. The risks are put into a document called the risk register. That is a vital baseline for the risk management process. It contains both identified risks and potential responses to that risks. The risk register is a part of the risk identification process and risks must be put forth in a detailed and described manner and will be used in the risk response planning .

Assessment

With the risk register taking shape, it is necessary to assess the risks that have been identified in order to evaluate their impact on the project. By assessing the risks it is possible to prioritize them based on their characteristics. Two form of assessments are used to analyze risks : • Qualitative risk assessment: is used to prioritize the risks identified by combining their probability of occurrence and impact on the project. Risk probability and impact can be assessed in interviews with experts or persons familiar with the risk. Common methods to use to apply on risks to categorize their possible threats is to use the Probability and impact matrix. With the probability and impact matrix it is possible to guide the project management to what extent the risk response and monitoring is appropriate. • Quantitative risk assessment: is used to numerically estimate the effect of the risk it has on the overall project goals. After prioritizing the risks with qualitative methods, the quantitative risk assessment is made. It can be desirable to make such a numerical estimation of the identified risk to quantify the risk effect of the project . This estimation can be a basis for decision making and response planning such as if the project is feasible to execute, for setting contingency and priorities for risk mitigations . Example of quantitative methods are; e.g. Sensitivity analysis, Expected Monetary Value analysis and Monte Carlo Simulations.

Risk respond strategies

With the risk register documenting all the possible risk that have been identified and assessed, it is appropriate to develop the action of responding to the risks. The management has then to decide, with the range of responses available, what level of risk is acceptable for the project . But whether the risk is a threat or an opportunity it must be considered strategically so that is does not become a problem or a missed benefit. The project manager should be responsible for developing the strategic development of the risk but include the stakeholders for agreement of the response.

Tools for risk responses

Limitations

Further reading

References

  1. Project Management Institute (2013) A Guide to the Project Management Body of Knowledge, Fifth Edition.
Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox