Risk management strategy

Revision as of 01:19, 28 November 2014

“When trouble is sensed well in advance in can be easily remedied; if you wait for it to show itself any medicine will be too late because the disease will have become incurable. As the doctors say of a wasting disease, to start with it is easy to cure but difficult to diagnose; after time… it becomes easy to diagnose but difficult to cure.” (Machiavelli, 1514) ^[1]

When dealing with a project, uncertainties are to be expected, whether the project is influenced by external or internal factors. If an unexpected event turns out to be harmful to the project it is in general terms considered to be a risk. A risk can be defined as the product of the probability of the risk and the impact of the risk. Should a problem be very likely to happen, but have a little or no impact on the project there is little reason in prioritizing the mitigation of the problem. For a problem having a high impact, but very low probability the need to mitigate this problem is likewise not a priority. The impact of a risk is however more severe than the probability. For instance are smaller injuries, which happen often, easier to accept than heavier injuries, which happen more seldom. The probability of a problem should however not be neglected. A common way to illustrated this is by playing a small game:

In the construction business many factors must by in order for the project to move forward. Six people are given a dice and a problem. Whenever a person rolls a 1 a problem has occurred which delays the project. Thus the probability of a problem happening is 1/6. The probability of no problem happening is:

This means that only a third of the time, the project will progress.

A useful risk management strategy comprises of the following steps:

• Identify - Potential risks are identified.
• Analyze - Identified risks are rated, related to probability and impact.
• Assess - Analyzed risks are ranked and compared to each other to determine which risk to handle first.
• Process - Solutions are found to counter effect the risks.
• Monitor - During the project lifetime, identified risks are monitored and new, potential risks are identified.

This article will examine ways to do a successful risk management.

To help understanding the risk management processes a example has been made to illustrate each chapters subject.

Example

Definition of Risk

PMBOK defines a risk as: "An uncertain event or condition that, if it occurs has a positive or negative impact on one or more project objectives such as scope, schedule, cost and quality" ^[2].

Risk identification

During the risk identification, a project is scrutinized for potential risks. During the scrutinisation experience is a good asset when determining the potential risks, but other methods do however exists. Risk identification is the simplest of the risk management steps, since it only requires the project group to think of possible threads and opportunities. Risk identification is however the most important step and should be repeated iterativly during the project lifetime to ensure the safety of the project.

Identification methods

Instead of relying on experience and common sense, when determining the possible risks, taxonomy-facilitated brainstorming Cite error: Closing </ref> missing for <ref> tag