Chapter 11 - Risk Management

Ace your homework & exams now with Quizwiz!

by comparing the amount of the contingency reserves remaining to the amount of risk remaining to ensure the reserve is adequate

reserve analyses

Updates should include a list of identified risks, potential risk owners, and list of potential risk responses Each risk may include details such as risk titles, categories, status, causes, objective effects, triggers (events or conditions), WBS reference, and timing information

risk Register

Eliminate the threat by eliminating the cause

Avoid:

Increase the probability of the positive opportunities

Enhance:

Determine to whom to communicate the opportunity and relevant details

Escalate:

Determine to whom to communicate the threat and relevant details

Escalate:

Strategies for Threats

Escalate: Avoid: Transfer: Mitigate: Accept:

1. Project Management Plan (many) 2. Project Documents (many) 3. Agreements 4. Procurement Documentation 5. Enterprise Environmental Factors 6. Organizational Process Assets

Identify Risks -i

Risk management planning Identification of risk Analysis (qualitative and quantitative) Risk Response planning Implement Risk Responses Monitoring risks Goals of Risk Management: Exploit or enhance positive risks (opportunities) Avoid or mitigate negative risks (threats)

Key Concepts

An uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives Project objectives can include scope, schedule, cost and quality

Individual Project Risk

Represents a project or situation within the project as a set of entities, outcomes, and influences Example: S-curves and tornado diagrams

Influence Diagrams

A coordinated approach to enterprise-wide risk management ensures alignment and coherence in the way risk is managed across all levels

Integrated risk management:

Effect of uncertainty on the project as a whole, arising from all sources of uncertainty including individual risks, representing the exposure of stakeholders to the implications of variations in project outcome, both positive and negative

Overall Project Risk:

Reduce the probability or consequence of an adverse risk

Mitigate:

The process of implementing risk response plans, tracking identified risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness throughout the project. This process can involve choosing alternative strategies, executing contingency plans, taking corrective action and modifying the project management plan Risk response owners report periodically to the project manager on the plan Updating organizational assets, including lessons learned

Monitor Risks

1. Project Management Plan 2. Risk Management Plan 3. Project Documents Issue Log Lessons Learned Register Risk Register Risk Report 4. Work Performance Data 5. Work Performance Reports

Monitor Risks - i

1. Work Performance Information 2. Change Requests 3. Project Management Plan Updates (Many) 4. Project Document Updates Assumption Log Issue Log Lessons Learned Register Risk Register Risk Report 5. Organizational Process Assets Updates

Monitor Risks - o

1. Data Analysis Technical Performance Analysis Reserve Analysis 2. Audits 3. Meetings

Monitor Risks - t

Organizational risk policy Roles and responsibilities Includes risk categories and risk statement formats Templates: Risk management plan Risk Register Risk Report Lessons Learned

Organizational Process Assets

Hierarchical representation of potential sources of risk Helps the project team consider the full range of sources from which individual risks may arise

Risk Breakdown Structure (RBS)*

Risks can be categorized by sources of risk, area of the project affected, or other useful categories specific to the project Used to determine the areas of the project most exposed to the effect of uncertainty

Risk Categorization

Technique to evaluate the degree to which the data about risks is accurate and reliable

Risk Data Quality Assessment

Helps to determine which individual project or other sources of uncertainty risks have the most impact on project outcomes by reviewing how variation in project objectives effect variation in different uncertainties Example: Tornado diagram

Sensitivity analysis

Allocating some or all of the ownership of the opportunity to a third party who is best able to capture the opportunity for the benefit of the project

Share:

Comparison of characteristics and requirements of alternative risk response options

Alternative Analysis:

Being willing to take advantage of it if it comes along, but not actively pursuing it

Accept:

Do nothing

Accept:

High-variability environments incur more uncertainty and risk. To address this, use adaptive approaches including frequent reviews of incremental work products and cross-functional teams to accelerate knowledge Requirements are living documents that are updated regularly and may necessitate the re-prioritizing of work as the project progresses based on an improved understanding of current risk exposure

Agile/adaptive environments

May consider urgency, proximity, dormancy, manageability, controllability, detectability, connectivity, detectability, connectivity, strategic impact, or propinquity (degree to which a risk is perceived)

Assessment of other Risk Parameters

Examine and document the effectiveness of risk responses in dealing with identified risks and their root causes, as well as the effectiveness of the risk management process The project manager is responsible for ensuring that risk audits are done at appropriate intervals

Audits

Responses designed only if certain events occur, often called contingency plans or fallback plans These events should be defined and tracked

Contingent Response Strategies

Quantify impacts and responses in monetary terms and utilize the ratios to determine effective responses

Cost-Benefit Analysis:

Interviews and other information gathering techniques

Data Gathering

Support selection of the best of several alternative courses of action

Decision Tree Analysis

Used to make decisions regarding individual risk where there is uncertainty Used to gather alternatives in risk response planning Help make informed decisions by accounting for risk, probability, and impact Takes into account future events in trying to make a decision today Can be used to calculate the expected monetary value Involves mutual exclusivity

Decision Tree Analysis

Uncertainty or ambiguity in project documents, as well as inconsistencies within a document or between different documents, may be indicators of risk on the project

Document analysis:

Eliminates the uncertainty of a positive risk not occurring

Exploit:

Used when risk have more than two parameters

Hierarchical Charts

The process of identifying individual project risks as well as sources of overall project risk, and documenting their characteristics. To ensure a complete and accurate risk register to increase the probability/impact of positive events and decrease the probability/impact of negative events leading to overall project success. is an iterative process as risks may evolve or become known as the project progresses All project personnel should be encouraged to identify risks, with key identifiers being project manager, project team, and other stakeholders

Identify Risks

1. Risk Register 2. Risk Report 3. Project document updates Assumption Log Issue Log Lessons learned Register

Identify Risks - o

1. Expert Judgment 2. Data Gathering Brainstorming Checklists Interviews 3. Data Analysis Root cause analysis Assumption and constraint analysis SWOT analysis Document analysis 4. Interpersonal and Team Skills Facilitation 5. Prompt Lists 6. Meetings

Identify Risks - tool

Implementing the agreed-upon risk response plans to the identified threats and opportunities to the project. Addresses risk exposures by mitigating threats and maximizing opportunities, After identifying and analyzing various risks, potentially applicable risk responses are developed, action is taken

Implement Risk Responses

1. Project Management Plan Risk Management Plan 2. Project Documents Lessons Learned Register Risk Register Risk Report 3. Organizational Process Assets

Implement Risk Responses - i

1. Change Requests 2. Project Document Updates Issue Log Lessons Learned Register Project Team Assignments Risk Register Risk Report

Implement Risk Responses - o

1. Expert Judgment Interpersonal and Team Skills Influencing 2. Project Management Information System

Implement Risk Responses - t

Includes but is not limited to facilitation as a skilled facilitator can help participants remain focused on the risk identification task, ensure clear risk descriptions, identify and overcome sources of bias, and resolve any disagreements that may arise

Interpersonal and Team Skills

The process of prioritizing individual project risks for further analysis or action by assessing their probability of occurrence and impact as well as other characteristics. The process should be revisited during the project's life style In an agile development environment it is conducted before the start of each iteration This process is a lead in for performing quantitative analysis or planning risk responses Identifies a risk owner for each risk who will assume the risk responsibility

Perform Qualitative Risk Analysis

1. Project Management Plan Risk Management Plan 2. Project Documents Assumption Log Risk Register Stakeholder Register 3. Enterprise environmental factors 4. Organizational Process Assets

Perform Qualitative Risk Analysis - i

1. Project Documents Updates Assumption Log Issue Log Risk Register Risk Report

Perform Qualitative Risk Analysis - o

1. Expert Judgment 2. Data Gathering Interviews 3. Data Analysis Risk Data Quality Assessment Risk Probability and Impact Assessment Assessment of other risk parameters 4. Interpersonal and team skills Facilitation 5. Risk Categorization 6. Data Representation Probability and Impact Matrix Hierarchical charts 7. Meetings

Perform Qualitative Risk Analysis - t

The process of numerically analyzing the combined effect of identified individual project risks and other sources of uncertainty on overall project objectives Used to analyze the effects of risk events Quantifies overall project risk exposure and can provide additional quantitative risk information to support risk response planning Usually used for large and complex projects as it usually requires specialized risk software such as risk models Performed on risk(s) that have been prioritized by qualitative risk analysis

Perform Quantitative Risk Analysis

1. Project Management Plan Risk Management Plan Scope Baseline Schedule Baseline Cost Baseline 2. Project Documents (many) 3. Enterprise Environmental Factors 4. Organizational Process Assets

Perform Quantitative Risk Analysis -i

1. Project Documents Updates Risk Report

Perform Quantitative Risk Analysis -o

1. Expert Judgment 2. Data Gathering Interviews 3. Interpersonal and team skills Facilitation 4. Representations of uncertainty 5. Data Analysis Simulations Sensitivity Analysis Decision Tree Analysis Influence Diagrams

Perform Quantitative Risk Analysis -t

The process of defining how to conduct risk management activities for a project. Planning is important to ensure sufficient resources and time are allocated to addressing risks throughout the project. This process should begin as the project is conceived and should be completed early during project planning May be necessary to revisit this process later in the project life cycle, for example: At a major phase change If the project scope changes significantly Subsequent review of risk management effectiveness determines that the Project Risk Management process requires modification

Plan Risk Management

What is the risk management process?

Plan Risk Management Identify Risks Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Responses Implement Risk Response Monitor Risk

1. Project Charter 2.Project Management Plan (All) 3. Project Documents 4.Stakeholder Register 5. Enterprise Environmental Factors 6. Organizational Process Assets

Plan Risk Management - INPUTS

Risk Management Plan

Plan Risk Management - output

1. Expert Judgment 2. Data analysis Stakeholder Analysis 3. Meetings

Plan Risk Management - tools

The process of developing options, selecting strategies, and agreeing on actions to address overall project risk exposure, as well as to treat individual project risks. Improves projects performance by minimizing threats, maximizing individual opportunities, and reducing overall project risk exposure. Addresses the risks by their priority, inserting resources and activities into the budget, schedule and project management plan as needed Risk responses must be appropriate to the significance of the risk Risk responses must be timely May utilize the contingency reserve established for the project

Plan Risk Responses

1. Project Management Plan Resource Management Plan Risk Management Plan Cost Baseline 2, Project Documents Lessons Learned Register Project Schedule Project Team Assignments Resource Calendars Risk Register Risk Report Stakeholder Register 3. Enterprise Environmental Factors 4. Organizational Process Assets

Plan Risk Responses - i

1. Change Requests 2. Project Management Plan Updates (Many) 3. Project Documents Updates (Many)

Plan Risk Responses - o

1. Expert Judgment 2. Data Gathering Interviews 3. Interpersonal and Team Skills Facilitation 4. Strategies for Threats 5. Strategies for Opportunities 6. Contingent Response Strategies 7. Strategies for Overall Project Risk 8. Data Analysis Alternatives Analysis Cost-benefit Analysis 9. Decision Making Multicriteria Decision Analysis

Plan Risk Responses - t

A grid for mapping the probability of each risk occurrence and its impact on project objectives if that risk occurs Used to sort risks that require a response Consistent evaluation of low, medium, and high risks Use of a standard matrix makes the risk rating process repeatable between projects

Probability and Impact Matrix*

Specifies combinations of probability and impact that allow individual project risks to be divided into priority groups

Probability and impact matrix :

Processes of conducting risk management planning, identification, analysis, response planning, response implementation, and monitoring risk on a project

Project Risk Management

Emergent risks, unknowable-unknowns, can be tackled through resilience Budget Flexible project processes Empowered project teams Frequent review of early warning signs Clear input from stakeholders to clarify areas where project scope or strategy can be adjusted

Project resilience:

Predetermined list of risk categories that might give rise to individual project risks and that could also act as sources of overall project risk

Prompt Lists

Uncertainty can be scaled through models such as triangular, normal, lognormal, beta, uniform, or discrete distributions Individual project risks may be included in models as probabilistic branches where optional activities are added to the model to represent the time and/or cost impact

Representations of Uncertainty

A subsidiary plan that is part of the Project Management Plan Describes how risk management will be structured and performed on the project This document is key to risk management and includes: Risk strategy Methodology Roles and responsibilities Funding Timing Risk categories: Risk breakdown structure Probability and impact matrix Revised stakeholders' tolerances Reporting formats and tracking

Risk Management Plan

Considers likelihood that a specific risk (threat or opportunity) will occur and its potential effect on the project objectives such as schedule, cost, quality, or performance

Risk Probability and Impact Assessment

Identified risks (threats and opportunities) Root causes of risks Lists of potential responses Risk owners Symptoms and warning signs The relative rating or priority list of project risks Risks requiring responses in the near term Risks for additional analysis and response Trends in qualitative analysis results A watch list, which is a list of low priority risks

Risk Register Details

Overall project risk inclusive of individual project risks

Risk Report:

used to discover underlying causes that lead to a problem Assumption and constraint analysis: explores the validity of assumptions and constraints to determine which pose a risk to the project

Root cause analysis:

Examines strengths, weaknesses, opportunities, and threats perspectives to increase the breadth of identified risk by including internally generated risks Examines the degree to which organizational strengths offset threats, as well as identifying opportunities that may serve to overcome weaknesses

SWOT analysis

Models translate the specified detailed uncertainties of the project into their potential impact on its objectives by computing the model using random values multiple times Example: Monte Carlo analysis

Simulation

Project size Project complexity Project importance Development—Sequential or iterative?

Tailoring considerations

compares technical accomplishments during project execution to the project managements plan's schedule of technical achievement Compare the planned results to the actual results of variance analysis

Technical performance analysis

Make another party responsible for the risk (e.g., Insurance, warranties, outsourcing)

Transfer:

Non-event risks: Most projects focus only on specific events but non-event risks may include: Variability Risk: Uncertainty exists about some key characteristics of a planned event, activity or decision. Ex. productivity at or below targeted levels, or unseasonal weather may occur during construction Can be addressed by using Monte Carlo analysis Ambiguity risk: Uncertainty about what may happen in the future Managed by defining areas where there is a deficit of knowledge or understanding and obtaining expert external input or benchmarking against best practices May also be addressed through incremental development, prototyping, or simulation

Trends/Emerging Practices

Assessment of overall project risk exposure Detailed probabilistic analysis of the project Prioritized list of quantified risks Trends in quantified risk analysis results Recommended risk responses

Updates are made to the risk report to reflect the results of the quantitative risk analysis process and can include:

Prioritized risks with Probability and Impact Ratings Risks grouped by categories List of risks requiring additional analysis/response Nominated risk owners Risk urgency information or categorization Watch-list, non-critical or non-top risks

Updates to the risk register should include:


Related study sets

Chapter 17 APUSH Multiple Choice

View Set

Chapter 4 (Slavery, Freedom, and the Struggle for Empire, to 1763)

View Set

Post test: Developing an Academic and Career Path

View Set

Intro to Coding - Internal Data Representation

View Set

Chapter 2 - Choices in a World of Scarcity (05)

View Set

Chapter 44- Shareholder Rights In Corporations

View Set

Medical Terminology Systems, Chapter 2, Suffixes - Addendum

View Set

Module 5 - Communicating Effectively in the Workplace

View Set