Your SlideShare is downloading. ×
 Project Risk Management (10)
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Project Risk Management (10)

477
views

Published on

Published in: Engineering, Business, Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
477
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
17
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Project Risk Management Sections of this presentation were adapted from A Guide to the Project Management Body of Knowledge 4th Edition, Project Management Institute Inc., © 2008 & A Guide to the Project Management Body of Knowledge 5th Edition, Project Management Institute Inc., © 2013 & Information Technology Project Management Jack T. Marchewka 2006 John Wiley & Sons,
  • 2. Definition Risk • An uncertain event or condition that, if it occurs, has a positive or negative effect on the project objectives. Risk Management • The systematic process of identifying, analyzing, and responding to project risk. It includes maximizing the probability and consequences of positive events and minimizing the probability and consequences of adverse events.
  • 3. Why to Manage Risk? Risk Planning • Requires a firm commitment to risk management from all project stakeholders • Ensures adequate resources to plan for and manage risk • Focuses on preparation Project problems can be reduced as much as 90% by using risk analysis Positives: • More info available during planning • Improved probability of success/optimum project Negatives: • Belief that all risks are accounted for • Project cut due to risk level
  • 4. Key Terms Risk Tolerance – The amount of acceptable risk Risk Adverse – Someone that does not want to take risks Risk Factors – Probability of occurrence – Range of possible outcomes (impact or amount at stake – Expected Timing of event – Anticipated frequency of risk events from that source
  • 5. How to Manage Risk? Use the six risk management processes 1. Plan Risk Management 2. Identify Risks 3. Perform Qualitative Risk Analysis 4. Perform Quantitative Risk Analysis 5. Plan Risk Responses 6. Monitor and Control Risks Plan Risk Management Identify Risks Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Responses Monitor and Control Risk s
  • 6. Plan Risk Management Project Scope Statement Cost Management Plan Schedule Management Plan Enterprise Environmental Factors Organizational Process Assets Risk Management Plan  Planning Meetings  Project AnalysisInputs Outputs Tools & Techniques Plan Risk Management Identify Risks Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Responses Monitor and Control Risk s
  • 7. What is a Risk Management Plan?  Methodology – Approach, tools, & data  Roles & Responsibilities  Budgeting – Resources to be put into risk management  Timing – When and how often  Risk Categories – Risk Breakdown Structure (RBS)  Definitions – Risk probabilities and impact  Probability and Impact Matrix  Stakeholder tolerances  Reporting formats  Tracking
  • 8. Risk Breakdown Structure Project Technical Limited Design Time Specifications Adherence Organizational Funding Prioritization Resource Availability Project Management Estimates Scheduling Communication Lists categories and subcategories where risks may arise
  • 9. Identify Risks Risk Management Plan Activity Cost Estimates Activity Duration Estimates Scope Baseline Stakeholder Register Cost Management Plan Schedule Management Plan Quality Management Plan Project Documents Enterprise Environmental Factors Organizational Process Assets Risk Register  Documentation Reviews  Information Gathering Techniques  Checklist Analysis  Assumption Analysis  Diagramming Techniques  SWOT Analysis  Expert Judgment Inputs Outputs Tools & Techniques Plan Risk Management Identify Risks Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Responses Monitor and Control Risk s
  • 10. Information Gathering Techniques Brainstorming Delphi technique • Successive anonymous questionnaires on project risks with responses summarized for further analysis Interviewing Root cause identification Strengths, weaknesses, opportunities, and threats (SWOT) analysis
  • 11. SWOT Analysis
  • 12. Diagramming Techniques-Cause and Effect Diagrams Professor Kaoru Ishikawa created Cause & Effect Analysis in the 1960s. The technique uses a diagram-based approach for thinking through all of the possible causes of a problem. This helps you to carry out a thorough analysis of the situation. There are four steps to using Cause and Effect Analysis:  Identify the problem in terms of threat and opportunity  Work out the major factors involved.  Identify possible causes for each factors.  Continue refining the diagram until satisfied that the diagram is complete. And analyze the diagram Also known as Ishikawa or fishbone
  • 13. Cause and Effect Diagrams-Example 1 Product Delivered Late Bad SpecsInsufficient Resources Inadequate Time Project Prioritization Testing Materials Potential Causes Effect Personnel
  • 14. http://www.mindtools.com Cause and Effect Diagrams-Example 2
  • 15. http://www.mindtools.com Cause and Effect Diagrams-Example 2 completed
  • 16. Risk Register List of  Identified risks: in as much detail as is possible.  Event (may occur) IMPACT  Event (if there is a CAUSE)EFFECT  Potential responses : should be used as inputs to the Plan Risk  Root causes of f these risks  Updated risk categories (if required) Potential risk responses should be recorded and used to support future risk identification for this and other projects. .
  • 17. Perform Qualitative Risk Analysis Risk Register Risk Management Plan Project Scope Statement Organizational Process Assets Risk Register Updates  Risk probability and impact statement  Probability and impact matrix  Risk data quality assessment  Risk categorization  Risk urgency assessment  Expert Judgment Inputs Outputs Tools & Techniques Plan Risk Management Identify Risks Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Responses Monitor and Control Risk s
  • 18. IT Project Risk Management Planning Process Risk Analysis • Risk = f(Probability * Impact) – What is the probability of a particular risk occurring? – What is the impact on the project if it does occur? Risk Assessment • Focuses on prioritizing risks so that an effective strategy can be formulated for those risks that require a response. – Depends on Stakeholder risk tolerances – You can’t respond to all risks!
  • 19. Risk Analysis and Assessment Tools Qualitative Approaches • Expected Value • Payoff Table • Decision Trees • Risk Impact Table Quantitative Approaches • Probability Distributions – Discrete • Binomial – Continuous • Normal • PERT • Triangular • Simulations
  • 20. Expected Value of a Payoff Table Schedule Risk A Probability B Payoff (in 000s) A + B Prob. * Payoff Project completed 20 days early 5% $300 $15 Project completed 10 days early 20% $100 $20 Project completed on schedule 50% $100 $50 Project completed 10 days late 20% $ -- $ -- Project completed 20 days late 5% $ (50) $ (3) 100% $83 Expected Value
  • 21. Tusler’s Risk Classification Scheme
  • 22. Binomial Probability Distribution
  • 23. Normal Distribution Shape is determined by its mean (µ) and standard deviation () Probability is associated with area under the curve. Since the distribution is symmetrical, the following probability rules of thumb apply  About 68 percent of all the values will fall between +1  of the mean  About 95 percent of all the values will fall between +2  of the mean  About 99 percent of all the values will fall between +3  of the mean
  • 24. Normal Distribution
  • 25. PERT distribution uses a three-point estimate where: • a denotes an optimistic estimate • b denotes a most likely estimate • c denotes a pessimistic estimate PERT Mean = (a + 4m + b) / 6 PERT Standard Deviation = (b - a) / 6 PERT Distribution
  • 26. PERT Distribution http://www.mm4xl.com/
  • 27. Triangular Distribution uses a three-point estimate similar to the PERT distribution where: • a denotes an optimistic estimate • b denotes a most likely estimate • c denotes a pessimistic estimate weighting for the mean and standard deviation are different from PERT • TRIANG Mean = (a + m + b) / 3 • TRIANG Standard Deviation = [((b-a)2 + (m-a)(m-b)) /18]1/2
  • 28. Triangular Distribution http://www.mm4xl.com/
  • 29. Simulations Monte Carlo • a technique that randomly generates specific values for a variable with a specific probability distribution. • goes through a specific number of iterations or trials and records the outcome. • @risk Sensitivity Analysis • Tornado Graph
  • 30. Risk Simulation Using @Risk™ for Microsoft Project
  • 31. Output from Monte Carlo Simulation
  • 32. Cumulative Probability Distribution
  • 33. Sensitivity Analysis Using a Tornado Graph Figure 8.14
  • 34. Risk Strategies Depends On: • The nature of the situation itself – Really a threat or an opportunity? • The impact of the risk on the project and objectives – What is the probability and impact of a risk • The project’s constraints in terms of scope, schedule, budget, and quality – Can a response be made with existing resources and/or constraints? • Risk Tolerances or preferences of the project stakeholders – How much risk is tolerable?
  • 35. Methodologies Probability and Impact Matrix • Based on Failure Modes and Effects Analysis (FMEA) • From 1950’s analysis of military systems
  • 36. Probability and Impact Matrix Define Probability Scale & Impact Scale Likelihood Class Likelihood of Occurrence (events/year) Not Likely (NL) <0.01% chance of occurrence Low (L) 0.01 - 0.1% chance of occurrence Moderate (M) 0.1 - 1% chance of occurrence High (H) 1 - 10% chance of occurrence Expected (E) >10% chance of occurrence Consequence Health and Safety Extreme Fatality or multiple fatalities expected High Severe injury or disability likely; or some potential for fatality Moderate Lost time or injury likely; or some potential for serious injuries; or small risk of fatality Low First aid required; or small risk of serious injury Limited No concern Probability ScaleImpact Scale
  • 37. Probability and Impact Plots  Rate each risk on scales then plot on matrix  Construct a mitigation technique for risks above tolerance http://www.lancsresilience.org.uk
  • 38. Risk Register Update Add • Probability and Impact Matrix results • Perform quality check on results • Categorize the risks to make them easier to handle • Perform urgency assessment to determine which risk need immediate attention
  • 39. Risk Register Report http://www.tdm-ltd.com
  • 40. Perform Quantitative Risk Analysis Risk Register Risk Management Plan Cost Management Plan Schedule Management Plan Organizational Process Assets Risk Register Updates  Data gathering and representation techniques  Quantitative risk analysis and modeling  Expert Judgment Inputs Outputs Tools & Techniques Plan Risk Management Identify Risks Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Responses Monitor and Control Risk s
  • 41. Quantitative Risk Analysis Analyze numerically the probability and consequence of each risk Monte Carlo analysis popular Decision Tree analysis on test • Diagram that describes a decision and probabilities associated with the choices Expected Monetary Value Analysis (EMV): with all other things equal, a project with higher EMV is more favorable than a project with lower EMV. EVM helps PMs to analyze potential outcomes based on uncertain conditions  Gives the average value of the decision if it were made repeatedly  Uses all the information concerning events and their likelihood
  • 42. Expected Monetary Value (EMV) Building Cost Probability Optimistic Outcome $150K 0.2 $30K Likely Outcome $230K 0.5 $115K Pessimistic Outcome $300K 0.3 $100K Expected Value $245K
  • 43. Decision Tree Analysis-Example Question Build or Upgrade new APP New APP -$100 Upgrade existing APP -$60 Strong Demand Weak Demand Strong Demand Weak Demand 70% $200 30% $90 70% $120 30% $60 ? ? ? ? Decision Definition Decision Node Chance Node Net Path Value EMV of New APP= ? EMV of Upgrade existing APP?
  • 44. Solution NPV: New App Strong Demand:-$100+ $200= $ 100 NPV: New App Weak Demand:-$100+ $90=- $ 10 NPV: Update App Strong Demand:-$60+ $120= $ 60 NPV: Update App Weak Demand:-$60+ $65= $ 5 Multiply NVP by proability of each scenario: $ 100*70% + (- $ 10)*30= $67 for EMV New APP $ 60*70% + ($ 5)*30= $43,5 for EMV Updating APP
  • 45. Plan Risk Responses Risk Management Plan Risk Register Risk Register Updates  Strategies for negative risks or threats  Strategies for positive risks or opportunities  Contingent response strategy  Expert Judgment Inputs Outputs Tools & Techniques Project Management Plan Updates Risk-related Contract Decisions Plan Risk Management Identify Risks Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Responses Monitor and Control Risk s
  • 46. Strategies Negative Risks (or Threats) • Avoid • Transfer • Mitigate • Acceptance Positive Risks (or Opportunities) • Exploit • Share • Enhance • Acceptance
  • 47. Monitor and Control Risks Risk Register Project Management Plan Work Performance Information Performance Reports Risk Register Updates Risk reassessment  Risk audits  Variance and trend analysis  Technical performance measurement  Reserve analysis  Status meetings Inputs OutputsTools & Techniques Organizational Process Assets Change Requests Project Management Plan Updates Project Document Updates Plan Risk Management Identify Risks Perform Qualitative Risk Analysis Perform Quantitative Risk Analysis Plan Risk Responses Monitor and Control Risk s