Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Agile Risk Management
Agile Risk Management in Largest
Nordic bank
Executive Summary
- Complete digital
transformation program
- More than 680
e...
What is Agile Risk Management?
• How does Agile Risk Management reduce risk?
• How do you incorporate Agile Risk managemen...
Content
 Background
 How does Agile development reduce risk?
 Key points from Agile Risk management transformation
 Ke...
How does Agile reduces risk?
Traditional Risk Management  Agile
Risk management
Agile Risk Mangement
Transformation
Strategy
Process
Organisation
& People
Tools &
applications
 Agile Risk mgt is
proact...
Align Strategy Strategy
Process
Organisation
& People
Tools and
applications
9 •
 Align with Executive mgt
 Create backl...
Align Process Strategy
Process
Organisation
& People
Tools &
applications
10 •
 Find trigger to Agile risk
processes (PI,...
Align Organisation &
People
Risk train
Teams
2nd LoD
11 •
Strategy
Process
Organisation
& People
Tools &
applications
 Cr...
Align Tools &
applications
12 •
Strategy
Process
Organisation
& People
Tools &
applications
EA
Agile
Risk mgt
 Have a (in...
Agile SAFe
 http://www.scaledagileframework.com/#
Structure and backlog
How to build a backlog
Key learning points
 Agile Risk Mgt team should have a mandate and be proactive
 Follow the “Agile beat”
 Make a “Agile...
What is Agile Risk Management?
• How does Agile Risk Management reduce risk?
• How do you incorporate Agile Risk managemen...
Core process
Risks
• Project risk
• Strategic risk
• Compliance risk
• Legal risk
• Business risks
• Technical risk
Agile ...
How to set risk appetite in Agile
 Risk appetite is set by the
organization and should be
SMART
Risk Open
Risk Closed
How to identify risks in Agile?
Bottom up
Risk
identification
Daily Scrum
PI event
Risk
assessment
before
release
Product
...
How to identify risks in Agile?
Top Down
Risk
identification
Scenario
risk
assessment
Business
risk
assessment
Compliance
...
How to identify risks in Agile?
- Daily Scrum
Bottom up
Risk
identification
Daily Scrum
PI event
Risk
assessment
before
re...
How to identify risks in Agile?
- Product Owner meeting
Bottom up
Risk
identification
Daily Scrum
PI event
Risk
assessment...
How to identify risks in Agile?
- Pre-release risk assessment
Bottom up
Risk
identification
Daily Scrum
PI event
Risk
asse...
How to identify risks in Agile?
- Planning event
Bottom up
Risk
identification
Daily Scrum
PI event
Risk
assessment
before...
How to analyse risks Agile?
 Two risk logs
 General risk log (see example)
 Risk that can kill you (see example)
 Use ...
How to share analysis in Agile?
 Weekly report (see example)
 Monthly report (see example)
How to set mitigation actions in
Agile?
 Set mitigation strategy during the risk identification
 Set a deadline
 Set a ...
Example of dashboard
Roadmap
31
Highlighting the current PI commits, PI forecast and subsequent prioritised backlog
• One liner
Prioritised bac...
Logs
32
Main actions, risks and dependencies in release train
Action Action and impact description Status Raised date Due ...
Agile risk management in regulated industry
Agile risk management in regulated industry
You’ve finished this document.
Download and read it offline.
Upcoming SlideShare
What to Upload to SlideShare
Next
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

Share

Agile risk management in regulated industry

Download to read offline

This presentation look into how to implement Agile risk management in a highly regulated industry. The presentation focus not only on project risk, but also compliance, legal and reputational risks.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Agile risk management in regulated industry

  1. 1. Agile Risk Management
  2. 2. Agile Risk Management in Largest Nordic bank Executive Summary - Complete digital transformation program - More than 680 employees working on project - 100 M EUR + project Challenge How do you implement Agile Management and still manage risk in a highly regulated industry? Solution - Implementation of risk log - Implementation of Agile risk management process -Implementation of pre release check points Result -Clear overview and prioritization of risks - All releases are compliance tested before release
  3. 3. What is Agile Risk Management? • How does Agile Risk Management reduce risk? • How do you incorporate Agile Risk management into a highly regulated industry? • What tools can you use on a day to day basis to manage your risk?
  4. 4. Content  Background  How does Agile development reduce risk?  Key points from Agile Risk management transformation  Key learning points
  5. 5. How does Agile reduces risk?
  6. 6. Traditional Risk Management  Agile Risk management
  7. 7. Agile Risk Mangement Transformation Strategy Process Organisation & People Tools & applications  Agile Risk mgt is proactive, not reactive
  8. 8. Align Strategy Strategy Process Organisation & People Tools and applications 9 •  Align with Executive mgt  Create backlog  Use KANBAN to prioritize
  9. 9. Align Process Strategy Process Organisation & People Tools & applications 10 •  Find trigger to Agile risk processes (PI, Release etc) “follow the agile beat”
  10. 10. Align Organisation & People Risk train Teams 2nd LoD 11 • Strategy Process Organisation & People Tools & applications  Create a Risk Train to align methodology  Define who is risk owner  Align metric & reporting
  11. 11. Align Tools & applications 12 • Strategy Process Organisation & People Tools & applications EA Agile Risk mgt  Have a (integrated) risk tool
  12. 12. Agile SAFe  http://www.scaledagileframework.com/#
  13. 13. Structure and backlog
  14. 14. How to build a backlog
  15. 15. Key learning points  Agile Risk Mgt team should have a mandate and be proactive  Follow the “Agile beat”  Make a “Agile Risk mgt Train”  Find the Agile trigger for risk process  Have a backlog  Use a public KANBAN board  Work in the same Agile tool  Define clear ownership of risks and mitigation actions
  16. 16. What is Agile Risk Management? • How does Agile Risk Management reduce risk? • How do you incorporate Agile Risk management into a highly regulated industry? • What tools can you use on a day to day basis to manage your risk?
  17. 17. Core process Risks • Project risk • Strategic risk • Compliance risk • Legal risk • Business risks • Technical risk Agile risk management • Set Risk appetite • Identify risks • Analyse and report risks • Find mitigation actions Mitigated risks • Mitigated • Accepted • Closed
  18. 18. How to set risk appetite in Agile  Risk appetite is set by the organization and should be SMART Risk Open Risk Closed
  19. 19. How to identify risks in Agile? Bottom up Risk identification Daily Scrum PI event Risk assessment before release Product Owner meetings
  20. 20. How to identify risks in Agile? Top Down Risk identification Scenario risk assessment Business risk assessment Compliance risk assessment
  21. 21. How to identify risks in Agile? - Daily Scrum Bottom up Risk identification Daily Scrum PI event Risk assessment before release Product Owner meetings  Agile name of meeting: “Daily stand up meeting”  Duration: 0,5 - 1 hour  Participants:  Scrum master  Developers  Sometimes architect, business and PO  Scope is to identify:  Impediments (something that is slowing you down)  Dependencies (Something that you are dependent on to move forward)  Blockers (Roadblocks that makes it impossible for you to to move on)  Risks (Things that you believe that impact the project negatively in future) Identify • Make MOM • Confirm with RTE and SM Analyse & Report • Introduce in Risklog and Jira • Evaluate risk picture Mitigate • Close follow up with risk owner • Follow up in Jira Risk management process
  22. 22. How to identify risks in Agile? - Product Owner meeting Bottom up Risk identification Daily Scrum PI event Risk assessment before release Product Owner meetings  Agile name of meeting: “PO meeting”  Duration: 1 hour  Participants:  Product owners  Sometimes architect and business  Scope is to identify:  Understand specifications  Align features with business Identify • Make MOM • Confirm with Product mgt and PO Analyse & Report • Check if feature is in conflict with compliance • Evaluate risk picture Mitigate • Escalade to compliance (2nd LoD) if needed Risk management process
  23. 23. How to identify risks in Agile? - Pre-release risk assessment Bottom up Risk identification Daily Scrum PI event Risk assessment before release Product Owner meetings  Agile name of meeting: NA  Duration: 1- 2 hours (at least 3 weeks before release)  Participants:  2nd LoD (Business, compliance, legal, risk)  1st LoD  RTE (Should be able to invite)  Product manager  Product owners  Sometimes architect  Scope is to identify:  Get a risk overview where all aspects are evaluated.  All potential risks related to the release Identify • Introduce main new features • Structure session according to technical, legal and business risk to identify risk Analyse & Report • Look for critical risks and evaluate the impact. • Share with all who attended and mgt. Mitigate • Ensure mitigation or risk acceptance of critical risks before release Risk management process
  24. 24. How to identify risks in Agile? - Planning event Bottom up Risk identification Daily Scrum PI event Risk assessment before release Product Owner meetings  Agile name of meeting: “PI”  Duration: 1-3 days  Participants:  All teams at all level  Scope:  Align planning between teams  Identify Dependencies  Identify Risks  Vote of confidence Identify • Risk boards • Walk the boards with mgt. • Be proactive and have questions ready Analyse & Report • Collect ALL risks • Use categorization to get an overview Mitigate • Issues and Risk should mainly be solved in the PI • Make conclusions if possible. Risk management process
  25. 25. How to analyse risks Agile?  Two risk logs  General risk log (see example)  Risk that can kill you (see example)  Use 4 categories to evaluate risks  Financial impact  Reputational impact  Process impact  Legal impact  Use algorithm to see what the SUM of less critical risks
  26. 26. How to share analysis in Agile?  Weekly report (see example)  Monthly report (see example)
  27. 27. How to set mitigation actions in Agile?  Set mitigation strategy during the risk identification  Set a deadline  Set a owner (only one)  Make integrated alerts  Consider risk mitigation tool
  28. 28. Example of dashboard
  29. 29. Roadmap 31 Highlighting the current PI commits, PI forecast and subsequent prioritised backlog • One liner Prioritised backlogPI n • One liner Committed Forecast PI n+1 • One liner • One liner ------- Stretch objectives ------- • One liner PI n+2 • One liner Release Milestone Stopper Release example Milestone example Stopper example
  30. 30. Logs 32 Main actions, risks and dependencies in release train Action Action and impact description Status Raised date Due date Owner Impacting Supplier Supplier delivery Required date Status Owner sadfadsf Risk/Issue Risk/Issue description and mitigating action Criticality Update date Owner sadfadsf

This presentation look into how to implement Agile risk management in a highly regulated industry. The presentation focus not only on project risk, but also compliance, legal and reputational risks.

Views

Total views

480

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

7

Shares

0

Comments

0

Likes

0

×