SlideShare a Scribd company logo

Risk Analysis and Management for Systems Projects

Download as PPTX, PDF
Michael Heron
Michael Heron

This document discusses risk analysis and management for systems projects. It defines risks as things that can negatively impact cost, time or effort. The key steps are: 1) Identifying risks through categories like human, technical etc. 2) Assigning probabilities and costs to risks. 3) Prioritizing risks through a risk register and triage. 4) Creating a decision tree to evaluate options. 5) Developing strategies like avoid, transfer or mitigate risks. Effective communication is also important.

SoftwareBusinessEconomy & Finance
1 of 22
+ Risk Analysis Systems Analysis and Design Michael Heron
+ Introduction  Good project management requires several things, as discussed.  Effective analysis of problems  Effective subdivision of tasks  Effective motivation and leadership.  However, managing the project is more than just hoping everything goes right.  It requires a full appreciation of the risks that might impact on a project as time goes by.  The way in which this risk management will be performed will vary from method to method.
+ Risks  A large part of controlling is risk management.  And this is done through risk analysis.  A risk in the context of a project is ‘something that can potentially negatively impact the cost, timeframe or effort to develop a software project’  They won’t definitely happen – that’s why it’s a risk and not a constraint.  We need to estimate the possibility of the risk occuring and then calculate our options in dealing with it.  The weighting of a risk is probability multiplied by the cost of the event.
+ Risks This is a terrible way to travel. I go to meetings my boss doesn’t want to attend. I take notes. I’ll get back to you. Wherever I’m going, I’ll be there to apply the formula. I’ll keep the secret intact. It’s simple arithmetic. It’s a story problem. If a new car built by my company leaves Chicago travelling west at 60 miles per hour, and the rear differential locks up, and the car crashes and burns with everyone trapped inside, does my company issue a recall? You take the population of vehicles in the field (A), and multiply it by the probability rate of failure (B), then multiply the result by the average cost of an out-of-court settlement (C). A times B times C equals X. This is what it will cost if we don’t initiate a recall. If X is greater than the cost of a recall, we recall the cars and no-one gets hurt. If X is less than the cost of a recall, then we don’t recall. Fight Club, Chuck Palahniuk
+ Risk Management  Risk management is a core process that must be performed.  And it must be performed early. Risks are never cheaper to deal with than before they are encountered.  Everyone must be aware of possible risks.  Not to worry them, but to ensure they are prepared to work around them if they occur.  Everyone must be aware of how risks are to be managed and who is responsible for managing them.  Ownership is easiest to apply before a risk is encountered.  Risks must be triaged – you need to deal with the most important ones first. Risks that will end a project must be dealt with before those that will derail a schedule.
+ Risk Analysis  Before we can analyse a risk, we must identify it. They come in a variety of flavours:  Human  Staff turnover, staff illness, death, bus factor  Operational  Changes in management, changes in logistics, access to resources  Reputation  Bad products relating to future market problems, lack of future opportunities  Procedural  Employee fraud, employee theft  Project  Over runs, requirements change, scope underestimation
+ Risk Analysis  Other risks:  Financial  Business failures, stock market reverberations, unemployment, product competition  Technical  Technical obsolescence, hardware unavailability  Natural  Acts of god  Political  Change in laws, change in political context  Misc  Everything else
+ Risk Analysis  It’s very easy to overlook threats.  So we need a systematic approach that minimises the chances that we will miss them.  We go over each task in a system, and assess it against the risk categories outlined above.  Making a note of anything in those categories that can potentially impact upon us.  In many cases, risks won’t actually exist, but different categories will apply to different risks in often surprising ways.
+ Risk Weighting  When you have analysed the total number of possible risks, you need to assign a weighting to these.  How likely you think they’re going to be.  You then need to identify a cost.  How expensive they will be in terms of time or money or other measures.  This information will then help you identify the chances and costs of a particular option.  What does it cost if everything goes right?  What does it cost if everything goes wrong?  What does it cost in the ‘most likely’ scenario?
+ Risk Register  Recording risks is traditionally done in a formal document such as a risk register.  This is the central repository for all risks identified by the project team.  It contains several key pieces of information:  Probability  Impact  Counter Measures  Risk Owner  Risk Score (impact * probability)  Outline of mitigation.
+ Types of Risk Assessment  Risks can generally be categorised in two systems.  Qualitative where descriptive terms are used to describe impact and probability.  Quantitative where the specific costs are outlined in real terms of financial cost and statistical probability.  Qualitative allows for risks to be quickly categorized and compared for triage.  The subtle relationship between traits may make that difficult for the quantitative representation.  Quantitative ensures risks are fully understood.  You must understand them in order to generate the data.
+ Risk Triage  You most likely won’t have a chance to deal with every possible risk.  There will just be too many.  All of them are going to be a problem if they occur. For some risks, the consequences and likely way to deal with them may be easier to appreciate when they occur.  Risk triage is the process by which you look at the full range of possible risks and decide which ones you will deal with proactively.  Before they occur, to mitigate their impact.
+ Risk Triage  First of all, we need to look at the risk score (impact * probability)  Higher risk score means that you are going to want to mitigate these as much as possible.  Lower risk score means you might want to leave it out of triage.  There are edge cases.  A low probability event with a show stopping impact probably needs to be mitigated regardless of the probability.  A high probability event with a low impact maybe doesn’t need a lot of thought put into it.  Do you want to spend two days mitigating a £100 risk?
+ Decision Trees  This information feeds into your decision tree, which is a way of representing the cost and benefits of various paths through a project you might take.  Consider the unseen university feasibility example.  For this, you need the tasks you identified (early on as part of the requirements gathering).  You need the data regarding risks and costs.  You need the plain ol’ vanilla costings given to you by the client (or generated via your own research).  And you make a tree of it.
+ Decision Trees • It’s drawn from left to right. • On the left hand side we mark out a decision we have to make, in this case ‘develop a system or not’ • We then draw subsystems that indicate all our possible options. • Simple decisions are a box. • Complex outcomes are a circle.
+ Decision Trees  Next, we need to assign costs to each of the possible outcomes.  Start at the right hand side and assign a score to each of the outcomes representing its worth.
+ Decision Trees  Next, assign probabilities to each outcome.  Based on your risk analysis.  Some of this you are just going to guess.  But the more certain you can be, the better.
+ Decision Trees  Once we have this, we assign a cash value to each node.  For uncertain outcomes, this is the sum of all possible outcomes modified by probability.  For our ‘formal software development’ node on the previous slide, the cost of the node would be: Option Probability Value Result Good outcome 0.3 £500,000 £150,000 Moderate Outcome 0.4 £200,000 £80,000 Bad Outcome 0.3 £50,000 £15,000 Total: £245,000
+ Decision Trees  We can then use this information to give us our ‘most likely best path’  The potential financial return versus the cost gives us the likely benefit of the decision.
+ Risk Management Strategies  Knowing what the risks are and the costs is one thing, but we need to manage these as far as possible.  Based on our risk triage.  We can decide between one of three strategies.  Avoid it – recontextualize the project so that the risk is removed.  If you’re planning to buy cheap software from an untested vendor, buy it at a higher cost from a more reliable source.  Transfer it – place the risk on another party through some mutually beneficial agreement.  Insurance is a good example of this.  Mitigate it  Minimise the chances it will occur – if a team member is at risk of not completing a task, make sure they’re given the appropriate support at an early stage before they fail.  Minimise the cost if it occurs – have a safety net in place for if the worst comes to the worst.
+ Risk Communication  Risks shouldn’t be hidden from the rest of the team.  Everyone needs to know that someone has spent time thinking about what could go wrong.  Risk communication is healthy in a project.  Be sure to communicate them with all project stakeholders, including clients.  A good, solid risk management plan will increase rather than decrease confidence.  We all know things can go wrong. We like to see people with a plan for dealing with it.  Having people thinking about risks is useful.  They might think of things you didn’t.  Communicating the chance of risks is important in managing perceptions.
+ Conclusion  Risk analysis is an important part of managing a systems project.  It requires several things to generate an effective strategy.  Analysis of risks from all possible directions.  Building of a risk register of all possible risks.  Development of a risk triage for how risks will be dealt with proactivity.  Development of a decision tree to show the likely cost and benefit of certain outcomes.  Ongoing development of a risk management plan.  Ongoing communication with all project stakeholders.

Recommended

Understanding risk analysis and risk management with net zealous llc services...
Understanding risk analysis and risk management with net zealous llc services...Understanding risk analysis and risk management with net zealous llc services...
Understanding risk analysis and risk management with net zealous llc services...NetZealous LLC
 
اهم برزنتيشن لجنك2222
اهم برزنتيشن لجنك2222اهم برزنتيشن لجنك2222
اهم برزنتيشن لجنك2222nashaat algrara
 
Crash Course: Managing Cyber Risk Using Quantitative Analysis
Crash Course: Managing Cyber Risk Using Quantitative AnalysisCrash Course: Managing Cyber Risk Using Quantitative Analysis
Crash Course: Managing Cyber Risk Using Quantitative Analysis"Apolonio \"Apps\"" Garcia
 
Risk and Uncertainty
Risk and UncertaintyRisk and Uncertainty
Risk and UncertaintyBrad Stollery
 
Applying risk radar (v2)
Applying risk radar (v2)Applying risk radar (v2)
Applying risk radar (v2)Glen Alleman
 
The Art and Science Behind Successful Risk Workshops
The Art and Science Behind Successful Risk WorkshopsThe Art and Science Behind Successful Risk Workshops
The Art and Science Behind Successful Risk WorkshopsAcumen
 
4 Steps to Intelligent Risk Taking
4 Steps to Intelligent Risk Taking 4 Steps to Intelligent Risk Taking
4 Steps to Intelligent Risk Taking PECB
 
Risks and TCoR
Risks and TCoRRisks and TCoR
Risks and TCoRkruijsse
 

Recommended

Understanding risk analysis and risk management with net zealous llc services...
Understanding risk analysis and risk management with net zealous llc services...Understanding risk analysis and risk management with net zealous llc services...
Understanding risk analysis and risk management with net zealous llc services...NetZealous LLC
 
اهم برزنتيشن لجنك2222
اهم برزنتيشن لجنك2222اهم برزنتيشن لجنك2222
اهم برزنتيشن لجنك2222nashaat algrara
 
Crash Course: Managing Cyber Risk Using Quantitative Analysis
Crash Course: Managing Cyber Risk Using Quantitative AnalysisCrash Course: Managing Cyber Risk Using Quantitative Analysis
Crash Course: Managing Cyber Risk Using Quantitative Analysis"Apolonio \"Apps\"" Garcia
 
Risk and Uncertainty
Risk and UncertaintyRisk and Uncertainty
Risk and UncertaintyBrad Stollery
 
Applying risk radar (v2)
Applying risk radar (v2)Applying risk radar (v2)
Applying risk radar (v2)Glen Alleman
 
The Art and Science Behind Successful Risk Workshops
The Art and Science Behind Successful Risk WorkshopsThe Art and Science Behind Successful Risk Workshops
The Art and Science Behind Successful Risk WorkshopsAcumen
 
4 Steps to Intelligent Risk Taking
4 Steps to Intelligent Risk Taking 4 Steps to Intelligent Risk Taking
4 Steps to Intelligent Risk Taking PECB
 
Risks and TCoR
Risks and TCoRRisks and TCoR
Risks and TCoRkruijsse
 
Options based decisions processes
Options based decisions processesOptions based decisions processes
Options based decisions processesGlen Alleman
 
Increasing the Probability of Success with Continuous Risk Management
Increasing the Probability of Success with Continuous Risk ManagementIncreasing the Probability of Success with Continuous Risk Management
Increasing the Probability of Success with Continuous Risk ManagementGlen Alleman
 
Risk Analysis for Dummies
Risk Analysis for DummiesRisk Analysis for Dummies
Risk Analysis for DummiesWilliam L. McGill
 
Managing Reputation
Managing ReputationManaging Reputation
Managing ReputationAdrian Clements
 
Introduction to FAIR - Factor Analysis of Information Risk
Introduction to FAIR - Factor Analysis of Information RiskIntroduction to FAIR - Factor Analysis of Information Risk
Introduction to FAIR - Factor Analysis of Information RiskOsama Salah
 
Risk analysis
Risk analysis Risk analysis
Risk analysis Samuel Gher
 
Risk management
Risk managementRisk management
Risk managementShyam Sunder Budhwar
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and managementgnitu
 
Paper on risk management by Samuel Obino Mokaya
Paper on risk management by Samuel Obino MokayaPaper on risk management by Samuel Obino Mokaya
Paper on risk management by Samuel Obino MokayaDiscover JKUAT
 
Agile project management and normative
Agile project management and normativeAgile project management and normative
Agile project management and normativeGlen Alleman
 
Economically driven Cyber Risk Management
Economically driven Cyber Risk ManagementEconomically driven Cyber Risk Management
Economically driven Cyber Risk ManagementOsama Salah
 
The importance of properly describing risks, presented by Peter Simon, 10th O...
The importance of properly describing risks, presented by Peter Simon, 10th O...The importance of properly describing risks, presented by Peter Simon, 10th O...
The importance of properly describing risks, presented by Peter Simon, 10th O...Association for Project Management
 
Implementing Ways to Limit Risk (Risk Mitigation)
Implementing Ways to Limit Risk (Risk Mitigation)Implementing Ways to Limit Risk (Risk Mitigation)
Implementing Ways to Limit Risk (Risk Mitigation)JOSEPH Maas
 
Crisis management plan presentation
Crisis management plan presentationCrisis management plan presentation
Crisis management plan presentationSandra Eblevi
 
Increasing the Probability of Project Success
Increasing the Probability of Project SuccessIncreasing the Probability of Project Success
Increasing the Probability of Project SuccessGlen Alleman
 
Maximising Capital Investments - is guesswork eroding your bottomline?
Maximising Capital Investments - is guesswork eroding your bottomline?Maximising Capital Investments - is guesswork eroding your bottomline?
Maximising Capital Investments - is guesswork eroding your bottomline?Michael McKeon
 
Crisis & Risk Management for Companies Training by University of Alexandria
Crisis & Risk Management for Companies Training by University of AlexandriaCrisis & Risk Management for Companies Training by University of Alexandria
Crisis & Risk Management for Companies Training by University of AlexandriaAtlantic Training, LLC.
 
Managing risk with deliverables planning
Managing risk with deliverables planningManaging risk with deliverables planning
Managing risk with deliverables planningGlen Alleman
 
Risk Mitigation Strategy PowerPoint Presentation Slides
Risk Mitigation Strategy PowerPoint Presentation SlidesRisk Mitigation Strategy PowerPoint Presentation Slides
Risk Mitigation Strategy PowerPoint Presentation SlidesSlideTeam
 
Mastering Risk Assessment
Mastering Risk AssessmentMastering Risk Assessment
Mastering Risk Assessmentsimurares
 
SAD14 - The Nuts and Bolts
SAD14 - The Nuts and BoltsSAD14 - The Nuts and Bolts
SAD14 - The Nuts and BoltsMichael Heron
 
Decision Management Systems Part One Decision Discovery
Decision Management Systems Part One Decision DiscoveryDecision Management Systems Part One Decision Discovery
Decision Management Systems Part One Decision DiscoveryDecision Management Solutions
 

More Related Content

What's hot

Options based decisions processes
Options based decisions processesOptions based decisions processes
Options based decisions processesGlen Alleman
 
Increasing the Probability of Success with Continuous Risk Management
Increasing the Probability of Success with Continuous Risk ManagementIncreasing the Probability of Success with Continuous Risk Management
Increasing the Probability of Success with Continuous Risk ManagementGlen Alleman
 
Introduction to FAIR - Factor Analysis of Information Risk
Introduction to FAIR - Factor Analysis of Information RiskIntroduction to FAIR - Factor Analysis of Information Risk
Introduction to FAIR - Factor Analysis of Information RiskOsama Salah
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and managementgnitu
 
Paper on risk management by Samuel Obino Mokaya
Paper on risk management by Samuel Obino MokayaPaper on risk management by Samuel Obino Mokaya
Paper on risk management by Samuel Obino MokayaDiscover JKUAT
 
Agile project management and normative
Agile project management and normativeAgile project management and normative
Agile project management and normativeGlen Alleman
 
Economically driven Cyber Risk Management
Economically driven Cyber Risk ManagementEconomically driven Cyber Risk Management
Economically driven Cyber Risk ManagementOsama Salah
 
The importance of properly describing risks, presented by Peter Simon, 10th O...
The importance of properly describing risks, presented by Peter Simon, 10th O...The importance of properly describing risks, presented by Peter Simon, 10th O...
The importance of properly describing risks, presented by Peter Simon, 10th O...Association for Project Management
 
Implementing Ways to Limit Risk (Risk Mitigation)
Implementing Ways to Limit Risk (Risk Mitigation)Implementing Ways to Limit Risk (Risk Mitigation)
Implementing Ways to Limit Risk (Risk Mitigation)JOSEPH Maas
 
Crisis management plan presentation
Crisis management plan presentationCrisis management plan presentation
Crisis management plan presentationSandra Eblevi
 
Increasing the Probability of Project Success
Increasing the Probability of Project SuccessIncreasing the Probability of Project Success
Increasing the Probability of Project SuccessGlen Alleman
 
Maximising Capital Investments - is guesswork eroding your bottomline?
Maximising Capital Investments - is guesswork eroding your bottomline?Maximising Capital Investments - is guesswork eroding your bottomline?
Maximising Capital Investments - is guesswork eroding your bottomline?Michael McKeon
 
Crisis & Risk Management for Companies Training by University of Alexandria
Crisis & Risk Management for Companies Training by University of AlexandriaCrisis & Risk Management for Companies Training by University of Alexandria
Crisis & Risk Management for Companies Training by University of AlexandriaAtlantic Training, LLC.
 
Managing risk with deliverables planning
Managing risk with deliverables planningManaging risk with deliverables planning
Managing risk with deliverables planningGlen Alleman
 
Risk Mitigation Strategy PowerPoint Presentation Slides
Risk Mitigation Strategy PowerPoint Presentation SlidesRisk Mitigation Strategy PowerPoint Presentation Slides
Risk Mitigation Strategy PowerPoint Presentation SlidesSlideTeam
 
Mastering Risk Assessment
Mastering Risk AssessmentMastering Risk Assessment
Mastering Risk Assessmentsimurares
 

What's hot (20)

Options based decisions processes
Options based decisions processesOptions based decisions processes
Options based decisions processes
 
Increasing the Probability of Success with Continuous Risk Management
Increasing the Probability of Success with Continuous Risk ManagementIncreasing the Probability of Success with Continuous Risk Management
Increasing the Probability of Success with Continuous Risk Management
 
Risk Analysis for Dummies
Risk Analysis for DummiesRisk Analysis for Dummies
Risk Analysis for Dummies
 
Managing Reputation
Managing ReputationManaging Reputation
Managing Reputation
 
Introduction to FAIR - Factor Analysis of Information Risk
Introduction to FAIR - Factor Analysis of Information RiskIntroduction to FAIR - Factor Analysis of Information Risk
Introduction to FAIR - Factor Analysis of Information Risk
 
Risk analysis
Risk analysis Risk analysis
Risk analysis
 
Risk management
Risk managementRisk management
Risk management
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and management
 
Paper on risk management by Samuel Obino Mokaya
Paper on risk management by Samuel Obino MokayaPaper on risk management by Samuel Obino Mokaya
Paper on risk management by Samuel Obino Mokaya
 
Agile project management and normative
Agile project management and normativeAgile project management and normative
Agile project management and normative
 
Economically driven Cyber Risk Management
Economically driven Cyber Risk ManagementEconomically driven Cyber Risk Management
Economically driven Cyber Risk Management
 
The importance of properly describing risks, presented by Peter Simon, 10th O...
The importance of properly describing risks, presented by Peter Simon, 10th O...The importance of properly describing risks, presented by Peter Simon, 10th O...
The importance of properly describing risks, presented by Peter Simon, 10th O...
 
Implementing Ways to Limit Risk (Risk Mitigation)
Implementing Ways to Limit Risk (Risk Mitigation)Implementing Ways to Limit Risk (Risk Mitigation)
Implementing Ways to Limit Risk (Risk Mitigation)
 
Crisis management plan presentation
Crisis management plan presentationCrisis management plan presentation
Crisis management plan presentation
 
Increasing the Probability of Project Success
Increasing the Probability of Project SuccessIncreasing the Probability of Project Success
Increasing the Probability of Project Success
 
Maximising Capital Investments - is guesswork eroding your bottomline?
Maximising Capital Investments - is guesswork eroding your bottomline?Maximising Capital Investments - is guesswork eroding your bottomline?
Maximising Capital Investments - is guesswork eroding your bottomline?
 
Crisis & Risk Management for Companies Training by University of Alexandria
Crisis & Risk Management for Companies Training by University of AlexandriaCrisis & Risk Management for Companies Training by University of Alexandria
Crisis & Risk Management for Companies Training by University of Alexandria
 
Managing risk with deliverables planning
Managing risk with deliverables planningManaging risk with deliverables planning
Managing risk with deliverables planning
 
Risk Mitigation Strategy PowerPoint Presentation Slides
Risk Mitigation Strategy PowerPoint Presentation SlidesRisk Mitigation Strategy PowerPoint Presentation Slides
Risk Mitigation Strategy PowerPoint Presentation Slides
 
Mastering Risk Assessment
Mastering Risk AssessmentMastering Risk Assessment
Mastering Risk Assessment
 

Viewers also liked

SAD14 - The Nuts and Bolts
SAD14 - The Nuts and BoltsSAD14 - The Nuts and Bolts
SAD14 - The Nuts and BoltsMichael Heron
 
Decision Management Systems Part One Decision Discovery
Decision Management Systems Part One Decision DiscoveryDecision Management Systems Part One Decision Discovery
Decision Management Systems Part One Decision DiscoveryDecision Management Solutions
 
How to Build Decision Management Systems Part 3 - Decision Analysis
How to Build Decision Management Systems Part 3 - Decision AnalysisHow to Build Decision Management Systems Part 3 - Decision Analysis
How to Build Decision Management Systems Part 3 - Decision AnalysisDecision Management Solutions
 
System analysis and design
System analysis and design System analysis and design
System analysis and design Razan Al Ryalat
 
System Analysis and Design
System Analysis and DesignSystem Analysis and Design
System Analysis and DesignAamir Abbas
 

Viewers also liked (6)

SAD14 - The Nuts and Bolts
SAD14 - The Nuts and BoltsSAD14 - The Nuts and Bolts
SAD14 - The Nuts and Bolts
 
Decision Management Systems Part One Decision Discovery
Decision Management Systems Part One Decision DiscoveryDecision Management Systems Part One Decision Discovery
Decision Management Systems Part One Decision Discovery
 
How to Build Decision Management Systems Part 3 - Decision Analysis
How to Build Decision Management Systems Part 3 - Decision AnalysisHow to Build Decision Management Systems Part 3 - Decision Analysis
How to Build Decision Management Systems Part 3 - Decision Analysis
 
Decision analysis
Decision analysisDecision analysis
Decision analysis
 
System analysis and design
System analysis and design System analysis and design
System analysis and design
 
System Analysis and Design
System Analysis and DesignSystem Analysis and Design
System Analysis and Design
 

Similar to Risk Analysis and Management for Systems Projects

Risk Analysis & Risk Management
Risk Analysis & Risk ManagementRisk Analysis & Risk Management
Risk Analysis & Risk ManagementGrafic.guru
 
Calculation of Estimated Risk for Individual/Family
Calculation of Estimated Risk for Individual/FamilyCalculation of Estimated Risk for Individual/Family
Calculation of Estimated Risk for Individual/Familymandalina landy
 
Project management for engineering plan a
Project management for engineering plan aProject management for engineering plan a
Project management for engineering plan aRehanKhan63473
 
11.4 Qualitative Versus Quantitative Analysis
11.4 Qualitative Versus Quantitative Analysis11.4 Qualitative Versus Quantitative Analysis
11.4 Qualitative Versus Quantitative AnalysisDavidMcLachlan1
 
Data Driven Risk Management
Data Driven Risk ManagementData Driven Risk Management
Data Driven Risk ManagementResolver Inc.
 
Risk & Risk Management Ideas, Thoughts & Perspectives for new CEOs CIOs CTOs...
Risk & Risk Management Ideas, Thoughts & Perspectives for new CEOs CIOs CTOs...Risk & Risk Management Ideas, Thoughts & Perspectives for new CEOs CIOs CTOs...
Risk & Risk Management Ideas, Thoughts & Perspectives for new CEOs CIOs CTOs...Patrick A.
 
Managing Risk and Uncertainty in Business.pptx
Managing Risk and Uncertainty in Business.pptxManaging Risk and Uncertainty in Business.pptx
Managing Risk and Uncertainty in Business.pptxTope Osanyintuyi
 
10 golden rules of project risk management
10 golden rules of project risk management10 golden rules of project risk management
10 golden rules of project risk managementpinalti
 
Risk-Management-ppt.pptx
Risk-Management-ppt.pptxRisk-Management-ppt.pptx
Risk-Management-ppt.pptxYashuShukla2
 
Comprehensive Overview Of Risk Management
Comprehensive Overview Of Risk ManagementComprehensive Overview Of Risk Management
Comprehensive Overview Of Risk ManagementAndrew Valenti
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk ManagementKelvin Fredson
 
Ten rules of project risk management
Ten rules of project risk managementTen rules of project risk management
Ten rules of project risk managementTony
 
Business Cont 2008 Article Pub
Business Cont 2008 Article PubBusiness Cont 2008 Article Pub
Business Cont 2008 Article PubCarl Booth
 
PMI-RMP Exam Prep Presentation
PMI-RMP Exam Prep PresentationPMI-RMP Exam Prep Presentation
PMI-RMP Exam Prep Presentationscottdreynolds
 
Project risk management: Techniques and strategies
Project risk management: Techniques and strategiesProject risk management: Techniques and strategies
Project risk management: Techniques and strategiesDebashishDas49
 
Quantification of Risks in Project Management
Quantification of Risks in Project ManagementQuantification of Risks in Project Management
Quantification of Risks in Project ManagementVenkatesh Ganapathy
 

Similar to Risk Analysis and Management for Systems Projects (20)

Risk Analysis & Risk Management
Risk Analysis & Risk ManagementRisk Analysis & Risk Management
Risk Analysis & Risk Management
 
Calculation of Estimated Risk for Individual/Family
Calculation of Estimated Risk for Individual/FamilyCalculation of Estimated Risk for Individual/Family
Calculation of Estimated Risk for Individual/Family
 
Project management for engineering plan a
Project management for engineering plan aProject management for engineering plan a
Project management for engineering plan a
 
11.4 Qualitative Versus Quantitative Analysis
11.4 Qualitative Versus Quantitative Analysis11.4 Qualitative Versus Quantitative Analysis
11.4 Qualitative Versus Quantitative Analysis
 
Data Driven Risk Management
Data Driven Risk ManagementData Driven Risk Management
Data Driven Risk Management
 
Risk & Risk Management Ideas, Thoughts & Perspectives for new CEOs CIOs CTOs...
Risk & Risk Management Ideas, Thoughts & Perspectives for new CEOs CIOs CTOs...Risk & Risk Management Ideas, Thoughts & Perspectives for new CEOs CIOs CTOs...
Risk & Risk Management Ideas, Thoughts & Perspectives for new CEOs CIOs CTOs...
 
Managing Risk and Uncertainty in Business.pptx
Managing Risk and Uncertainty in Business.pptxManaging Risk and Uncertainty in Business.pptx
Managing Risk and Uncertainty in Business.pptx
 
10 golden rules of project risk management
10 golden rules of project risk management10 golden rules of project risk management
10 golden rules of project risk management
 
Risk-Management-ppt.pptx
Risk-Management-ppt.pptxRisk-Management-ppt.pptx
Risk-Management-ppt.pptx
 
Relationship Forecasting
Relationship ForecastingRelationship Forecasting
Relationship Forecasting
 
Comprehensive Overview Of Risk Management
Comprehensive Overview Of Risk ManagementComprehensive Overview Of Risk Management
Comprehensive Overview Of Risk Management
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Management
 
Ten rules of project risk management
Ten rules of project risk managementTen rules of project risk management
Ten rules of project risk management
 
Business Cont 2008 Article Pub
Business Cont 2008 Article PubBusiness Cont 2008 Article Pub
Business Cont 2008 Article Pub
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Management
 
PMI-RMP Exam Prep Presentation
PMI-RMP Exam Prep PresentationPMI-RMP Exam Prep Presentation
PMI-RMP Exam Prep Presentation
 
Li Rmp Prep
Li Rmp PrepLi Rmp Prep
Li Rmp Prep
 
Project risk management: Techniques and strategies
Project risk management: Techniques and strategiesProject risk management: Techniques and strategies
Project risk management: Techniques and strategies
 
Quantification of Risks in Project Management
Quantification of Risks in Project ManagementQuantification of Risks in Project Management
Quantification of Risks in Project Management
 
Risk Matrix.docx
Risk Matrix.docxRisk Matrix.docx
Risk Matrix.docx
 

More from Michael Heron

Meeple centred design - Board Game Accessibility
Meeple centred design - Board Game AccessibilityMeeple centred design - Board Game Accessibility
Meeple centred design - Board Game AccessibilityMichael Heron
 
Musings on misconduct
Musings on misconductMusings on misconduct
Musings on misconductMichael Heron
 
Accessibility Support with the ACCESS Framework
Accessibility Support with the ACCESS FrameworkAccessibility Support with the ACCESS Framework
Accessibility Support with the ACCESS FrameworkMichael Heron
 
ACCESS: A Technical Framework for Adaptive Accessibility Support
ACCESS: A Technical Framework for Adaptive Accessibility SupportACCESS: A Technical Framework for Adaptive Accessibility Support
ACCESS: A Technical Framework for Adaptive Accessibility SupportMichael Heron
 
Authorship and Autership
Authorship and AutershipAuthorship and Autership
Authorship and AutershipMichael Heron
 
Text parser based interaction
Text parser based interactionText parser based interaction
Text parser based interactionMichael Heron
 
GRPHICS08 - Raytracing and Radiosity
GRPHICS08 - Raytracing and RadiosityGRPHICS08 - Raytracing and Radiosity
GRPHICS08 - Raytracing and RadiosityMichael Heron
 
GRPHICS07 - Textures
GRPHICS07 - TexturesGRPHICS07 - Textures
GRPHICS07 - TexturesMichael Heron
 
GRPHICS05 - Rendering (2)
GRPHICS05 - Rendering (2)GRPHICS05 - Rendering (2)
GRPHICS05 - Rendering (2)Michael Heron
 
GRPHICS04 - Rendering (1)
GRPHICS04 - Rendering (1)GRPHICS04 - Rendering (1)
GRPHICS04 - Rendering (1)Michael Heron
 
GRPHICS03 - Graphical Representation
GRPHICS03 - Graphical RepresentationGRPHICS03 - Graphical Representation
GRPHICS03 - Graphical RepresentationMichael Heron
 
GRPHICS02 - Creating 3D Graphics
GRPHICS02 - Creating 3D GraphicsGRPHICS02 - Creating 3D Graphics
GRPHICS02 - Creating 3D GraphicsMichael Heron
 
GRPHICS01 - Introduction to 3D Graphics
GRPHICS01 - Introduction to 3D GraphicsGRPHICS01 - Introduction to 3D Graphics
GRPHICS01 - Introduction to 3D GraphicsMichael Heron
 
GRPHICS09 - Art Appreciation
GRPHICS09 - Art AppreciationGRPHICS09 - Art Appreciation
GRPHICS09 - Art AppreciationMichael Heron
 

More from Michael Heron (20)

Meeple centred design - Board Game Accessibility
Meeple centred design - Board Game AccessibilityMeeple centred design - Board Game Accessibility
Meeple centred design - Board Game Accessibility
 
Musings on misconduct
Musings on misconductMusings on misconduct
Musings on misconduct
 
Accessibility Support with the ACCESS Framework
Accessibility Support with the ACCESS FrameworkAccessibility Support with the ACCESS Framework
Accessibility Support with the ACCESS Framework
 
ACCESS: A Technical Framework for Adaptive Accessibility Support
ACCESS: A Technical Framework for Adaptive Accessibility SupportACCESS: A Technical Framework for Adaptive Accessibility Support
ACCESS: A Technical Framework for Adaptive Accessibility Support
 
Authorship and Autership
Authorship and AutershipAuthorship and Autership
Authorship and Autership
 
Text parser based interaction
Text parser based interactionText parser based interaction
Text parser based interaction
 
SAD04 - Inheritance
SAD04 - InheritanceSAD04 - Inheritance
SAD04 - Inheritance
 
GRPHICS08 - Raytracing and Radiosity
GRPHICS08 - Raytracing and RadiosityGRPHICS08 - Raytracing and Radiosity
GRPHICS08 - Raytracing and Radiosity
 
GRPHICS07 - Textures
GRPHICS07 - TexturesGRPHICS07 - Textures
GRPHICS07 - Textures
 
GRPHICS06 - Shading
GRPHICS06 - ShadingGRPHICS06 - Shading
GRPHICS06 - Shading
 
GRPHICS05 - Rendering (2)
GRPHICS05 - Rendering (2)GRPHICS05 - Rendering (2)
GRPHICS05 - Rendering (2)
 
GRPHICS04 - Rendering (1)
GRPHICS04 - Rendering (1)GRPHICS04 - Rendering (1)
GRPHICS04 - Rendering (1)
 
GRPHICS03 - Graphical Representation
GRPHICS03 - Graphical RepresentationGRPHICS03 - Graphical Representation
GRPHICS03 - Graphical Representation
 
GRPHICS02 - Creating 3D Graphics
GRPHICS02 - Creating 3D GraphicsGRPHICS02 - Creating 3D Graphics
GRPHICS02 - Creating 3D Graphics
 
GRPHICS01 - Introduction to 3D Graphics
GRPHICS01 - Introduction to 3D GraphicsGRPHICS01 - Introduction to 3D Graphics
GRPHICS01 - Introduction to 3D Graphics
 
GRPHICS09 - Art Appreciation
GRPHICS09 - Art AppreciationGRPHICS09 - Art Appreciation
GRPHICS09 - Art Appreciation
 
2CPP18 - Modifiers
2CPP18 - Modifiers2CPP18 - Modifiers
2CPP18 - Modifiers
 
2CPP17 - File IO
2CPP17 - File IO2CPP17 - File IO
2CPP17 - File IO
 
2CPP16 - STL
2CPP16 - STL2CPP16 - STL
2CPP16 - STL
 
2CPP15 - Templates
2CPP15 - Templates2CPP15 - Templates
2CPP15 - Templates
 

Recently uploaded

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 

Recently uploaded (20)

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 

Risk Analysis and Management for Systems Projects

  • 1. + Risk Analysis Systems Analysis and Design Michael Heron
  • 2. + Introduction  Good project management requires several things, as discussed.  Effective analysis of problems  Effective subdivision of tasks  Effective motivation and leadership.  However, managing the project is more than just hoping everything goes right.  It requires a full appreciation of the risks that might impact on a project as time goes by.  The way in which this risk management will be performed will vary from method to method.
  • 3. + Risks  A large part of controlling is risk management.  And this is done through risk analysis.  A risk in the context of a project is ‘something that can potentially negatively impact the cost, timeframe or effort to develop a software project’  They won’t definitely happen – that’s why it’s a risk and not a constraint.  We need to estimate the possibility of the risk occuring and then calculate our options in dealing with it.  The weighting of a risk is probability multiplied by the cost of the event.
  • 4. + Risks This is a terrible way to travel. I go to meetings my boss doesn’t want to attend. I take notes. I’ll get back to you. Wherever I’m going, I’ll be there to apply the formula. I’ll keep the secret intact. It’s simple arithmetic. It’s a story problem. If a new car built by my company leaves Chicago travelling west at 60 miles per hour, and the rear differential locks up, and the car crashes and burns with everyone trapped inside, does my company issue a recall? You take the population of vehicles in the field (A), and multiply it by the probability rate of failure (B), then multiply the result by the average cost of an out-of-court settlement (C). A times B times C equals X. This is what it will cost if we don’t initiate a recall. If X is greater than the cost of a recall, we recall the cars and no-one gets hurt. If X is less than the cost of a recall, then we don’t recall. Fight Club, Chuck Palahniuk
  • 5. + Risk Management  Risk management is a core process that must be performed.  And it must be performed early. Risks are never cheaper to deal with than before they are encountered.  Everyone must be aware of possible risks.  Not to worry them, but to ensure they are prepared to work around them if they occur.  Everyone must be aware of how risks are to be managed and who is responsible for managing them.  Ownership is easiest to apply before a risk is encountered.  Risks must be triaged – you need to deal with the most important ones first. Risks that will end a project must be dealt with before those that will derail a schedule.
  • 6. + Risk Analysis  Before we can analyse a risk, we must identify it. They come in a variety of flavours:  Human  Staff turnover, staff illness, death, bus factor  Operational  Changes in management, changes in logistics, access to resources  Reputation  Bad products relating to future market problems, lack of future opportunities  Procedural  Employee fraud, employee theft  Project  Over runs, requirements change, scope underestimation
  • 7. + Risk Analysis  Other risks:  Financial  Business failures, stock market reverberations, unemployment, product competition  Technical  Technical obsolescence, hardware unavailability  Natural  Acts of god  Political  Change in laws, change in political context  Misc  Everything else
  • 8. + Risk Analysis  It’s very easy to overlook threats.  So we need a systematic approach that minimises the chances that we will miss them.  We go over each task in a system, and assess it against the risk categories outlined above.  Making a note of anything in those categories that can potentially impact upon us.  In many cases, risks won’t actually exist, but different categories will apply to different risks in often surprising ways.
  • 9. + Risk Weighting  When you have analysed the total number of possible risks, you need to assign a weighting to these.  How likely you think they’re going to be.  You then need to identify a cost.  How expensive they will be in terms of time or money or other measures.  This information will then help you identify the chances and costs of a particular option.  What does it cost if everything goes right?  What does it cost if everything goes wrong?  What does it cost in the ‘most likely’ scenario?
  • 10. + Risk Register  Recording risks is traditionally done in a formal document such as a risk register.  This is the central repository for all risks identified by the project team.  It contains several key pieces of information:  Probability  Impact  Counter Measures  Risk Owner  Risk Score (impact * probability)  Outline of mitigation.
  • 11. + Types of Risk Assessment  Risks can generally be categorised in two systems.  Qualitative where descriptive terms are used to describe impact and probability.  Quantitative where the specific costs are outlined in real terms of financial cost and statistical probability.  Qualitative allows for risks to be quickly categorized and compared for triage.  The subtle relationship between traits may make that difficult for the quantitative representation.  Quantitative ensures risks are fully understood.  You must understand them in order to generate the data.
  • 12. + Risk Triage  You most likely won’t have a chance to deal with every possible risk.  There will just be too many.  All of them are going to be a problem if they occur. For some risks, the consequences and likely way to deal with them may be easier to appreciate when they occur.  Risk triage is the process by which you look at the full range of possible risks and decide which ones you will deal with proactively.  Before they occur, to mitigate their impact.
  • 13. + Risk Triage  First of all, we need to look at the risk score (impact * probability)  Higher risk score means that you are going to want to mitigate these as much as possible.  Lower risk score means you might want to leave it out of triage.  There are edge cases.  A low probability event with a show stopping impact probably needs to be mitigated regardless of the probability.  A high probability event with a low impact maybe doesn’t need a lot of thought put into it.  Do you want to spend two days mitigating a £100 risk?
  • 14. + Decision Trees  This information feeds into your decision tree, which is a way of representing the cost and benefits of various paths through a project you might take.  Consider the unseen university feasibility example.  For this, you need the tasks you identified (early on as part of the requirements gathering).  You need the data regarding risks and costs.  You need the plain ol’ vanilla costings given to you by the client (or generated via your own research).  And you make a tree of it.
  • 15. + Decision Trees • It’s drawn from left to right. • On the left hand side we mark out a decision we have to make, in this case ‘develop a system or not’ • We then draw subsystems that indicate all our possible options. • Simple decisions are a box. • Complex outcomes are a circle.
  • 16. + Decision Trees  Next, we need to assign costs to each of the possible outcomes.  Start at the right hand side and assign a score to each of the outcomes representing its worth.
  • 17. + Decision Trees  Next, assign probabilities to each outcome.  Based on your risk analysis.  Some of this you are just going to guess.  But the more certain you can be, the better.
  • 18. + Decision Trees  Once we have this, we assign a cash value to each node.  For uncertain outcomes, this is the sum of all possible outcomes modified by probability.  For our ‘formal software development’ node on the previous slide, the cost of the node would be: Option Probability Value Result Good outcome 0.3 £500,000 £150,000 Moderate Outcome 0.4 £200,000 £80,000 Bad Outcome 0.3 £50,000 £15,000 Total: £245,000
  • 19. + Decision Trees  We can then use this information to give us our ‘most likely best path’  The potential financial return versus the cost gives us the likely benefit of the decision.
  • 20. + Risk Management Strategies  Knowing what the risks are and the costs is one thing, but we need to manage these as far as possible.  Based on our risk triage.  We can decide between one of three strategies.  Avoid it – recontextualize the project so that the risk is removed.  If you’re planning to buy cheap software from an untested vendor, buy it at a higher cost from a more reliable source.  Transfer it – place the risk on another party through some mutually beneficial agreement.  Insurance is a good example of this.  Mitigate it  Minimise the chances it will occur – if a team member is at risk of not completing a task, make sure they’re given the appropriate support at an early stage before they fail.  Minimise the cost if it occurs – have a safety net in place for if the worst comes to the worst.
  • 21. + Risk Communication  Risks shouldn’t be hidden from the rest of the team.  Everyone needs to know that someone has spent time thinking about what could go wrong.  Risk communication is healthy in a project.  Be sure to communicate them with all project stakeholders, including clients.  A good, solid risk management plan will increase rather than decrease confidence.  We all know things can go wrong. We like to see people with a plan for dealing with it.  Having people thinking about risks is useful.  They might think of things you didn’t.  Communicating the chance of risks is important in managing perceptions.
  • 22. + Conclusion  Risk analysis is an important part of managing a systems project.  It requires several things to generate an effective strategy.  Analysis of risks from all possible directions.  Building of a risk register of all possible risks.  Development of a risk triage for how risks will be dealt with proactivity.  Development of a decision tree to show the likely cost and benefit of certain outcomes.  Ongoing development of a risk management plan.  Ongoing communication with all project stakeholders.