© Mauro Jasse - All rights reserved (v1.0)
Project Risk Management
An outline for effective risk management in a project context (in agreement with the PMBOK® Guide – Sixth Edition).
What is Project Risk?
A potential event or condition, produced by one or multiple
causes, forecast to materialize and exert either a positive
(opportunity) or a negative (threat) effect on a project.
› Risk is omnipresent, exists at project
inception and continues to emerge
throughout the lifetime of a project.
› Even with careful planning, risks often
remain unknown, or are not recognized,
until after they occur (emergent risks).
› If materialized, a project threat
(potential future concern) becomes a
project issue (actual ongoing problem).
› Projects are continuously exposed to
risk, from conception until completion,
and it is impossible to eliminate it.
Types of Project Risk
› Individual project risk
A risk that exerts an effect on one or more project objectives.
› Overall project risk
The effect of uncertainty on the project as a whole. Overall project risk results from all sources of uncertainty, including individual project risks.
The risk appetite of the organization and of project stakeholders defines thresholds of acceptable levels of risk exposure.
A Few Common Project Risks
“Poor risk management practices” is a top reason why projects fail to achieve their goals on time and on budget.
› Scope creep
Continuous or uncontrolled changes to the scope of a project (list of deliverables and the amount of work required to produce them) after the project initiates.
› Inapt project manager
Project management responsibility assigned to an individual who lacks the required education and experience to effectively guide the project.
› Limited stakeholder engagement
Insufficient support from executive management and a lack of commitment and involvement from project stakeholders in general.
What is Project Risk Management?
The systematic management of risk in the scope of a project to increase the probability of successful project completion.
Project Risk Management is carried out to create and protect value by exploiting project opportunities and minimizing project threats.
› Projects are vulnerable to countless risk events and conditions and can benefit from effective risk management efforts.
› Few aspects of project management are more critical to project success than risk management.
› Unmanaged risks can deviate a project from its plan and keep it from achieving its defined objectives.
› When risk is left unmanaged, project success rates greatly decline.
The Risk Management Practice
Risk management employs a framework and a series of processes, in adherence to a set of guiding principles.
› The risk management practice consists of anticipating possible risks and treating them before they are triggered.
› Risk management activity includes planning the risk management approach, risk identification, risk analysis, risk evaluation, risk handling, and risk monitoring.
› The pertinence, design, and formality level imposed on the risk management practice match the characteristics of the target activity (e.g., size, complexity, risk profile, strategic importance, delivery approach, etc.).
Key Elements of the Risk Management Practice
Risk management activities are carried out repeatedly in a formal and controlled manner.
› Principles
Core values and foundational rules of conduct that guide risk management activities.
› Framework
Blueprint to conceive the risk management practice and integrate it into the culture and other processes across all functions.
› Processes
Systematic series of interrelated actions that direct the execution of risk management activities.
Risk Management Principles
› Tailored
All elements (i.e., framework, principles, and processes) and their interactions are suited to the present needs and context and aligned with the governing strategy and defined objectives.
› Enriching
Value-oriented and contributes to organizational enrichment by enabling better-informed decision-making processes, improved performance, and higher success rates.
› Structured
Employs comprehensive and standardized practices, which are executed systematically to ensure consistent, reliable, measurable, and comparable outcomes.
› Informed
Seeks and relies on the best available information from past experiences, historical records, stakeholder feedback, present observations, expert judgement, forecasts, etc.
› Evolving
Approach is continuously reviewed and improved as a result of academic research, practical learning, acquired knowledge, and cultivated experiences.
› Inclusive
Involves all stakeholders to enable deliberations and yield decisions that are supported by extensive knowledge, distinct perceptions, diverse points of view, and specific needs.
› Responsive
Practice is built to anticipate risks, fallible human behavior, cultural trends, and contextual changes, and to adapt to such occurrences in an appropriate and timely manner.
› Transparent
Publishes clear, accurate, and timely information (on risk-related initiatives, actions, decisions, outcomes, etc.) that is circulated to and directly accessible by all stakeholders.
› Educational
Instructs and informs, facilitates the learning of concepts, and increases the overall awareness of risk management and of its associated benefits, among all stakeholders.
› Integrated
Embedded into organizational activities and processes, including change management and decision making, and is formally a part of management responsibilities.
Risk Management Framework
› Engagement and Leadership
Demonstrated formal commitment, by executive groups, senior management, and control bodies, to the risk management practice.
› Contextual Design
The risk management framework is conceived with reference to the context (internal and external) of the target activity and frequently reviewed and adapted to address changing conditions.
› Progressive Enhancement
Continuous improvements made to the risk management framework via iterative enhancements, to evolve the risk management practice and maintain its suitability to changing strategic objectives and operational contexts.
› Implementation Plan
A detailed (and custom) deployment blueprint to direct the decisions and actions concerning the conception and the integration of the risk management practice.
› Performance Evaluation
Periodic assessments of the effectiveness of the risk management practice by measuring its performance and outcomes against the defined purpose, plan, indicators, and expected results.
› Structural Integration
The incorporation of risk management concepts, processes, and practices by the culture and other processes across all functions, including the global adoption of risk-related roles and responsibilities.
PMI® Risk Management Processes
› Plan Risk Management
Define how risk management activities will be conducted in the project.
› Identify Risks
Identify and document the characteristics of individual project risks and of other sources of uncertainty.
› Perform Qualitative Risk Analysis
Prioritize individual project risks for further analysis (or action) through the assessment of their probability of occurrence, impact on project objectives, and other characteristics.
› Perform Quantitative Risk Analysis
Numerically analyze the combined effect of individual project risks (and other sources of uncertainty) on overall project objectives.
› Plan Risk Responses
Develop options, select strategies, and agree on actions to respond to individual project risks and address overall project risk exposure.
› Implement Risk Responses
Carry out agreed-upon risk responses as planned, to address overall project risk exposure, minimize individual project threats, and maximize individual project opportunities.
› Monitor Risks
Monitor the implementation of agreed-upon risk response plans, track all identified risks, identify and analyze new risks, evaluate effectiveness of implemented responses, and improve risk management performance.
Improving the Risk Management Practice
Kaizen: kai (“change”) + zen (“good”), “Change for Better”
A Japanese-inspired notion referring to activities for the improvement of business processes and functions (one-time or continuously).
Continuous improvements are carried out to ensure that risk management continues to add value to the organization.
› Effectiveness of risk management practice is periodically evaluated and improved to adapt and suit the approach to evolving business goals and operational context.
› Risk management processes regularly assessed against a benchmark with measurable improvements gradually performed to address identified gaps.
Assessing Risk Management Capability
Risk Management Capability Maturity Model (CMM)
› A tool to assess the maturity level of the risk management practice as per generally established best practices.
› Defines criteria through which the risk management practice is evaluated.
› Supports the creation of a roadmap with a set of actionable guidelines to improve risk management capability.
› Progressions in maturity level result in more consistent, predictable, and reliable risk management processes.
LEVEL 5 – OPTIMIZED
Highly predictable and measured outcomes, and a change management process focused on agility and continuous improvement.
LEVEL 4 – MANAGED
Centralized planning and governance, fixed performance metrics, formal communication, and measurable improvement objectives.
LEVEL 3 – DEFINED
Coordinated policy administration, with tools, scalable processes, and controls consistent across projects, programs, and portfolios.
LEVEL 2 – REPEATABLE
Emergence of consistent risk management tools, formal processes, and official roles with clearly defined responsibilities.
LEVEL 1 – AD HOC
Little or no risk management governance, controls applied erratically, and generally undefined roles and responsibilities.
LEVEL 0 – ABSENT
Nonexistent risk management efforts and artifacts.
Essentials of Effective Risk Management
› Risk management culturally embraced and an integral part of all other project processes from the conception phase, including decisions.
› Risk tolerance of the organization and of project stakeholders clearly defined and communicated and project risk profiles consistently defined.
› Effective project and risk management software solutions, with timely and accurate data and integrated into enterprise systems.
› Formal organization, stakeholder support, time commitment, and embedded data management practices to leverage information.
› Management and contingency reserves devoted to triggered risks, and time reserves allocated to absorb potential schedule delays.
› Evolving, agile, and adaptable processes that remain fit for purpose in volatile environments and aligned with business strategy and culture.
About the Author
MAURO JASSE
Project and Data Management Expert
https://www.linkedin.com/in/maurojasse
“A professional with over 15 years’ international work experience in software development, IT security, project management, business analysis, and data management.”
