2. Chapter Outline
1. Risk response plan
2. Plan risk responses: tools and techniques
3. Response strategies for treats
4. Response strategies for opportunities
5. Contingent response Strategies
6. Implement risk response strategies
7. Residual and secondary risk
3. Discussion Q??????
1. why project risk response is essential?
2. When risk response planning is appropriate?
3. To prepare Risk Response Planning, What are the Inputs,
tools &techniques project managers employed?
4. If your projects are suspect to negative &
positive risk, What types of risk response
strategies do you design?
5. If you intended to have Contingent response Strategies for your
project risk, what are the considerations you expect? what is the
relevance of Contingent response Strategies?
Agumas A(PhD)
4. RISK RESPONSE PLANNING
Risk response planning is the process of
developing options and determining
actions to enhance opportunities and reduce
threats to the project’s objectives.
It includes the identification and
assignment of individuals or parties to take
responsibility for each agreed risk response.
The effectiveness of response planning will
directly determine whether risk increases
or decreases for the project.
Agumas A(PhD)
5. Cont’d
Risk response planning is appropriate to:
the severity of the risk,
cost effective in meeting the challenge,
timely to be successful,
realistic within the project context,
agreed upon by all parties involved, and
owned by a responsible person.
Agumas A(PhD)
6. Inputs to Risk Response Planning
1.Risk management plan.
2.List of prioritizedrisks.
3.Risk ranking of the project.
4.Prioritized list of quantified risks.
5.Probabilistic analysis of the project.
6.Probability of achieving the cost and time objectives.
7.List of potential responses.
8.Risk thresholds.
The level of risk that is acceptable to the organization will
influence risk response planning
9. Risk owners.
10. Common risk causes.
11. Trends in qualitative and quantitative risk analysis results.
Agumas A(PhD)
7. Tools and Techniques for Risk Response Planning
Several risk response strategies are
available.
The strategy that is most likely to be
effective should be selected for each risk.
Then, specific actions should be developed
to implement that strategy.
Primary and backup strategies may be
selected.
8. Response strategies for treats/negative risk
Developing responses for negative risks:
1. Avoiding: Changing the project mgt plan to eliminate the
risk. This could involve changing the objective, modifying
the schedule, or reducing in scope.
2. Mitigating: A reduction in the probability or impact to the
project. Taking early action to reduce the probability,
adopting less complex processes, or conducting more tests.
3. Transferring/ Insurance: Shifting the risk to a third party
for the management of the risk.
Does not eliminate the risk, and could involve insurance, warranties,
and bonds.
Purchase insurance to reduce/eliminate risk. e. g. an athlete may
purchase insurance against injury to guarantee their income.
4. Accepting: It is possible that the risk cannot be eliminated
or managed. Can be active or passive in approach – a
contingency reserve in time, money, or resources
Agumas A(PhD)
9. Response strategies for opportunities or positives risks
The strategies for managing positive risks are:
1. Exploit the situation. We will do whatever we can
to make sure the event does happen so we can enjoy
the rewards of the event.
2. Enhance the probability and positive impacts
of the event.
3. Share the ownership with a third party who can
better enhance the situation.
4. Accept the opportunity, take the advantages
provided by the event, but do not actively pursue the
event.
Agumas A(PhD)
10. Contingent response Strategies
Consider the following for contingency planning:
The management of a contingency budget
The development of schedule alternatives and work
around
Complete emergency responses to deal with major
areas of risk
An assessment of project shut-down liabilities
Agumas A(PhD)
11. Cont’d
A contingency plan is applied to identified risks that arise during the
project.
Developing a contingency plan in advance can greatly reduce the cost of
an action should the risk occur.
Risk triggers, such as missing intermediate mile- stones, should be
defined and tracked.
A fallback plan is developed if the risk has a high impact, or if the selected
strategy may not be fully effective.
This might include allocation of a contingency amount, development of
alternative options, or changing project scope.
The most usual risk acceptance response is to establish a contingency
allowance, or reserve, including amounts of time, money, or resources to
account for known risks.
The allowance should be determined by the impacts, computed at an
acceptable level of risk exposure, for the risks that have been accepted.
Agumas A(PhD)
12. Implement risk response strategies
Implement Risk Responses is the process of implementing agreed-
upon risk response plans.
The key benefit of this process is that it ensures that agreed-upon
risk responses are executed as planned in order to address overall
project risk exposure, minimize individual project threats, and
maximize individual project opportunities.
This process is performed throughout the project.
Agumas A(PhD)
13. Outputs from Risk Response Planning
1.Risk response plan. The risk response plan (sometimes called the risk register)
should be written to the level of detail at which the actions will be taken.
It should include some or all of the following:
■Identified risks, their descriptions, the area(s) of the project (e.g., WBS
element) affected, their causes, and how they may affect project objectives.
■Risk owners and assigned responsibilities.
■Results from the qualitative and quantitative risk analysis processes.
■Agreed responses including avoidance, transference, mitigation, or acceptance
for each risk in the risk response plan.
■The level of residual risk expected to be remaining after the strategy is
implemented.
■Specific actions to implement the chosen response strategy.
■Budget and times for responses.
■Contingency plans and fallback/alternative plans.
Agumas A(PhD)
14. Cont’d
2. Residual risks.
Residual risks are those that remain after avoidance, transfer, or
mitigation responses have been taken.
They also include minor risks that have been accepted and
addressed,
e.g., by adding contingency amounts to the cost or time
allowable.
3. Secondary risks.
Risks that arise as a direct result of implementing a risk
response are termed secondary risks.
Agumas A(PhD)
18. DISCUSSION Q???
I. What is does it mean risk monitoring and
control?
II. When risk monitoring and control is
required?
III. What is the rationale of conducting risk
monitoring?
IV.What are the inputs, tools &techiques
,&outputs of risk monitoring and
control?
Agumas A(PhD)
19. Introduction
Risk monitoring and control is the process of
keeping track of the identified risks, monitoring
residual risks and identifying new risks, ensuring the
execution of risk plans, and evaluating their
effectiveness in reducing risk.
Risk monitoring and control records risk
metrics that are associated with implementing
contingency plans.
Risk monitoring and control is an ongoing
process for the life of the project.
The risks change as the project matures, new risks
develop, or anticipated risks disappear.
Agumas A(PhD)
20. Required Risk monitoring and control
Risk monitoring and control is required in order
to:
Ensure the execution of the risk plans and evaluate
their effectiveness in reducing risk.
Keep track of the identified risks, including the watch
list.
Monitor trigger conditions for contingencies ‰
Monitor residual risks and identify new risks arising
during project execution.
Update the organizational process assets.
Agumas A(PhD)
21. Inputs to Risk Monitoring and Control
1.Risk management plan.
2.Risk response plan.
3.Project communication.
4.Additional risk identification and
analysis.
5.Scope changes.
Agumas A(PhD)
22. Tools and Techniques for Risk Monitoring and Control
1.Project risk response audits. Risk auditors examine and
document the effectiveness of the risk response in
avoiding, transferring, or mitigating risk occurrence as
well as the effectiveness of the risk owner. Risk audits are
performed during the project life cycle to control risk.
2.Periodic project risk reviews. Project risk reviews should
be regularly scheduled. Project risk should be an agenda
item at all team meetings. Risk ratings and prioritization
may change during the life of the project. Any changes
may require additional qualitative or quantitative analysis.
Agumas A(PhD)
23. Cont’d
3. Technical performance measurement. Technical
performance measurement compares technical
accomplishments during project execution to the project
plan’s schedule of technical achievement. Deviation, such as
not demonstrating functionality as planned at a milestone,
can imply a risk to achieving the project’s scope.
4. Additional risk response planning. If a risk emerges that was
not anticipated in the risk response plan, or its impact on
objectives is greater than expected, the planned response
may not be adequate. It will be necessary to perform
additional response planning to control the risk.
Agumas A(PhD)
24. Results of good risk monitoring and control
1.Workaround plans. Workarounds are unplanned
responses to emerging risks that were previously
unidentified or accepted. Workarounds must be
properly documented and incorporated into the
project plan and risk response plan.
2.Corrective action. Corrective action consists of
performing the contingency plan or workaround.
3.Project change requests. Implementing
contingency plans or workarounds frequently
results in a requirement to change the project plan
to respond to risks.
Agumas A(PhD)
25. Cont’d
4. Updates to the risk response plan. Risks may occur or not.
Risks that do occur should be documented and evaluated.
Implementation of risk controls may reduce the impact or
probability of identified risks. Risk rankings must be reassessed
so that new, important risks may be properly controlled. Risks
that do not occur should be documented and closed in the risk
response plan.
5. Risk database. A repository that provides for collection,
maintenance, and analysis of data gathered and used in the risk
management processes. Use of this database will assist risk
management throughout the organization and, over time, form
the basis of a risk lessons learned program.
6. Updates to risk identification checklists. Checklists updated
from experience will help risk management of future projects
Agumas A(PhD)
26. Purpose of risk monitoring
The purpose of risk monitoring is to
determine if:
1. Risk responses have been implemented as planned.
2. Risk response actions are as effective as expected, or if new
responses should be developed.
3. Project assumptions are still valid.
4. Risk exposure has changed from its prior state, with
analysis of trends. A risk trigger has occurred.
5. Proper policies and procedures are followed.
6. Risks have occurred or arisen that were not previously
identified.
7. Risk control may involve choosing alternative strategies,
implementing a contingency plan, taking corrective action,
or replanning the project.
Agumas A(PhD)