500 likes | 596 Views
Apply Risk Management Techniques Introduction to Project Risk C ertificate IV in Project Management 17871 Qualification Code BSB41507 Unit Code BSBPMG407A. Definition of Project Risk. The PMBOK defines Risk as –
E N D
Apply RiskManagement TechniquesIntroduction to Project RiskCertificate IV in Project Management 17871Qualification Code BSB41507Unit Code BSBPMG407A
Definition of Project Risk • The PMBOK defines Risk as – • “an uncertain event or condition that, if it occurs, will have a positive or negative effect on a project’s objectives.” • In practice, people generally associate risks with negative impacts • Opportunities are positive risks and, if they arise, these should be exploited to increase positive impacts on a project • Risks can generally be defined and predicted at the beginning of a project Adapated from PMBOK 4th Edition
Project Risk Management • Project Risk Management decreases the probability and impact of negative events on the project • This in turn increases the chance of Project Success • Risks and issues that occur during a project can seriously impact Time, Cost, Scope and Quality • Both the Project Manager and the Project Sponsor have important roles to play in the management of risks • Both Risks and Issues need to be reviewed and managed as part of the Monitoring and Control process group
Can be predicted upfront Mostly negative impacts Occasional positive impacts Responses planned in advance Maintain a Risk, monitor and resolve Standard categories Not predicted upfront Can’t plan in advance Always have negative impacts Maintain an Issues log, monitor and resolve Categorised depending on project characteristics Risks vs Issues Risks Issues
Characteristics of Project Risk • Project risk is always in the future • Risks are uncertain events or conditions, if they occur they will have an impact (usually negative) on at least one project objective – scope, time, cost and quality • Good practice dictates that ALL assumptions documented in any of the planning processes are automatically placed into the Risk Log to enable effective monitoring and control • Project risk has its origins in the uncertainty present in all projects • A project risk that has occurred can also be treated as an issue
Characteristics of Project Risk • Known risks are those that have been identified and analysed during project planning • Unknown risks may also occur during the project for which no risk planning has been conducted • For high risk, large and complex projects – contingency is often added to cover responses to unexpected risks if they occur • Different Project Sponsors, Project Managers and organisations will have different appetites for risk, these need to be taken into account when determining the contingency
Risk What are some risks for our in class project?
Project Manager’s Responsibilities One of the primary responsibilities of a Project Manager is to monitor and control the project This means that they need to review the progress and status of the project regularly and make adjustments to ensure the project stays on track Risks and Issues that occur are the main reasons for slippage The Project Manager must undertake an overall project risk assessment identify, monitor and control risks identify, monitor and control issues
Project Manager’s Responsibilities It is vital that – Risks are identified during planning and monitored during execution Risk response plans need to be ready for immediate implementation Issues are logged, reviewed and resolved regularly Risks and Issues on critical path activities require urgent action as they can have the greatest impact on the project timeline Communicate the impacts of major risks and issues to the Project Sponsor and senior stakeholders – In Advance!
Project Manager’s Responsibilities Always maintain the following deliverables – Project Risk Assessment Risk Log Issue Log Risk Management Plan
Project Sponsor’s Responsibilities • The Project Sponsor and senior stakeholders also have key roles when it comes to project risks • They need to – • Participate in risk identification • Participate in risk management planning • Assist in both risk and issue resolution • Unfortunately they don’t always realise that they need to contribute and the burden can often unfairly fall to the Project Manager • One resolution is to clearly define the expectations that the project has on the Project Sponsor and senior stakeholders, including a Steering Committee if there is one
Apply RiskManagement TechniquesProject Risk Processes Part 1Certificate IV in Project Management 17871Qualification Code BSB41507Unit Code BSBPMG407A
Project Risk Management Processes PMBOK Project Risk Management Processes - 11.1 Plan Risk Management 11.2 Identify Risks 11.3 Perform Qualitative Risk Analysis 11.4 Perform Quantitative Risk Analysis 11.5 Plan Risk Responses 11.6 Monitor and Control Risks Related processes from Project Integration Management – 4.1 Develop Project Charter 4.2 Develop Project Management Plan 4.6 Close Project PMBOK 4th Edition
4.1 Develop Project Charter The process of developing a document that formally defines and authorises a project by documenting the initial requirements that will satisfy the needs of the Project Sponsor and stakeholder The high level Project Risks are identified and an estimate is made of the overall risk of the project, this can be important to project prioritisation decisions The Project Charter establishes a partnership between the Project Sponsor or client and the Project Manager Occurs during the Initiation Phase Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition
4.1 Develop Project Charter Inputs into the Project Charter - Business need or rationale Product and project description Strategic Plan Business Case Regulations and standards Contractual requirements Methodologies, policies and procedures Adapted from PMBOK 4th Edition
4.1 Develop Project Charter Common contents of a Project Charter – Project purpose or justification Project objectives – should be measurable Project description High level requirements High level risks or overall risk analysis Preferred timeframe Estimated high level budget High level project structure – Project Sponsor, Project Manager Authorisation or Governance processes PMBOK 4th Edition
4.2 Develop Project Management Plan This is the process of defining and documenting the actions necessary to prepare and integrate all subsidiary plans for each of the 8 key knowledge areas of project management. The planning processes for all project management key knowledge areas are normally performed at the same time and during this process, or expanded upon shortly afterwards. It is progressively updated during project execution via the Perform Integrated Change Control process (PMBOK 4.5) Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition
Typically, a detailed Risk Log will be developed during this process. Very high priority risks may also have specific Risk Action Plans developed to ensure that they can be enacted quickly if the risk occurs. Together with Scope Creep, risks and issues that occur on critical path activities cause the biggest delays and financial impacts to projects. The Risk planning process (11.1) happens concurrently with the project management planning process (4.2) 4.2 Develop Project Management Plan Adapted from PMBOK 4th Edition
Risk Management Plan The Risk Management Plan describes how risk management will be structured and performed on the project. It is a subset of the overall Project Management Plan. Common inclusions in the Risk Management Plan – Risk management methodology Risk management roles and responsibilities Risk Action plans including costs and resources required to manage specific risks Risk categories Risk probability and likelihood matrix Risk Log Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition
11.1 Plan Risk Management The process of defining how to conduct risk management activities for a project Detailed risk planning enhances the overall probability of successful project completion Risk planning creates visibility of the degree and types of risk inherent in a specific project For high risk, large and complex projects – contingency is often added to cover responses to unexpected risks The risk planning process (11.1) happens concurrently with the project management planning process (4.2) Occurs during Planning Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition
11.1 Plan Risk Management Inputs to Plan Risk Management Project Scope Statement Cost Management Plan Schedule Management Plan Communications Management Plan Enterprise Environmental factors Organisational Process Assets - Risk management standards Risk management policies and procedures Risk categories and definitions Standard templates Lessons learned from previous projects Stakeholder registers Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition Adapted from PMBOK 4th Edition
11.1 Plan Risk Management • The PMBOK includes only one technique for this process – Planning Meetings and Analysis, this is a very simplistic view. • Other tools and techniques have been included here from practice - Risk Management Standards Workshops Risk Management Methodologies Planning Meetings Risk Analysis Tools Stakeholder Consultation Subject Matter Experts Templates Standard Risk Categories Risk Registers
11.1 Plan Risk Management Outputs of this process include – Risk Management Plan Risk management methodology Risk management roles and responsibilities Risk Action plans including costs and resources required to manage specific risks Risk categories Risk probability and likelihood matrix Risk Log Project Document Updates Stakeholder Register and Responsibility Assignment Matrices (part of Project HR) Change Requests Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition
Risk Categories • Risk categorisation is critical • It helps to ensure that all aspects of risk on the project are considered • Standard risk categories are hard to find • Start with the Project Management Key Knowledge Areas and industry frameworks • Risk Breakdown Structure – • Lists the categories and sub-categories within which risks may arise for a typical project • Different RBSs will be appropriate for different types of projects, different organisations and different industries • Provides a framework to help ensure all risks are considered
Risk Categories Activity: For the design of a new plane Boeing uses the categories below. To which categories do these risks belong? Financial Risks, Competitor Risks, Technical Risks, Sales Risks. • The new parts do not work on the plane. • There are no orders for the new planes. • The bank will not provide a loan for the new plane. • Fokker release a similar plane first. Adapted from Kerzner and Saldaris, 2006.
Risk Categories Activity: For the design of a new plane Boeing uses the categories below. To which categories do these risks belong? Financial Risks, Competitor Risks, Technical Risks, Sales Risks. • The new parts do not work on the plane. TECHNICAL RISK • There are no orders for the new planes. SALES RISK • The bank will not provide a loan for the new plane. FINANCIAL RISK • Fokker release a similar plane first. COMPETITOR RISK Adapted from Kerzner and Saldaris, 2006.
Example Risk Breakdown Structure Adapted from PMBoK Guide – Fourth Edition
11.2 Identify Risks The process of determining which risks may affect the project and documenting their characteristics This is an interactive process as new risks may evolve or become known during the project Participants in risk identification activities can include – Project Manager and Project Team Project Sponsor and Stakeholders Risk management experts Customers Subject Matter Experts Other Project Managers Occurs during Planning Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition
11.2 Identify Risks Inputs to Identify Risk Risk Management Plan Activity Cost Estimates Activity Duration estimates Scope Baseline Stakeholder Register Cost Management Plan Schedule Management Plan Quality Management Plan Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition Adapted from PMBOK 4th Edition
11.2 Identify Risks Inputs to Identify Risk (continued) Project Documents – Assumptions Log Work performance reports Requirements Enterprise Environmental Factors - Research and publications External Risk Management Standards Checklists and Benchmarks Industry studies Risk Attitudes Organisational Process Assets - Project Files Risk Management Templates Lessons Learnt Standard risk categories Lists of standard risks Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition Adapted from PMBOK 4th Edition
11.2 Identify Risks • Tools and techniques for identifying risk include - Questionnaires Interviews and Surveys Documentation Reviews Brainstorming Workshops Root Cause Analysis System or Process Flowcharts Assumptions Analysis Risk Checklists Cause & Effect Diagrams SWOT Analysis Expert Judgement Influence Diagrams Risk Categories Lessons Learnt Industry Risk Frameworks Adapted from PMBOK 4th Edition
11.2 Identify Risks Risk Checklists & Questionnaires • Many organisations and certain industries have standard risk checklists and questionnaires that assist with the identification of the overall risk on a project, as well as the specific risks that may be applicable Assumptions Analysis • Any assumptions that have been documented during the planning processes need to be analysed and included in the Risk Log. If any assumption does not prove to be true there will be impacts to project objectives, the risk of assumptions proving untrue must be evaluated. Risk Categories • Many organisations and certain industries have standard risk categories which help to ensure that all risk areas are reviewed when undertaking risk planning
11.2 Identify Risks SWOT Analysis • Standard approach used to identify risks and opportunities during business planning and marketing activities. Can also be applied to project risk identification. Involves the identification of an organisations Strengths, Weaknesses, Opportunities and Threats. Weakness and Threats may need to documented in project risk logs. Expert Judgement • Many organisations will have specialised risk management teams that can provide expert assistance to projects in the planning and identification of risks. In very risky projects it may also be helpful to consult external subject matter experts. Industry Risk Frameworks • Some industries, particularly Construction and Defence, have standard risk frameworks which are extremely helpful to project risk management.
11.2 Identify Risks Outputs of this process include – Initial entries on the Risk Register List of identified risks Potential risk owners List of potential responses Sample column headings in a typical Risk Register Adapted from PMBOK 4th Edition
Inclusions in Risk Register during Planning • Risk Id • Can be a simple as a number • May relate to the risk category • Used as a unique identifier • may be an internal standard • Risk Description • Plain English explanation of the risk • One to two sentences in length • Ensures common understanding • Risk Category • Can be taken from industry frameworks • Can be set at internal standards • May need to be developed/tailored • Ensures identification of all risks • Assists with monitoring and control • Risk Owner • A specific person or role • Ensures clear ownership of the risk • Responsible for monitoring & control Adapted from PMBOK 4th Edition
Apply RiskManagement TechniquesProject Risk Processes Part 2Certificate IV in Project Management 17871Qualification Code BSB41507Unit Code BSBPMG407A
Project Risk Management Processes PMBOK Project Risk Management Processes - 11.1 Plan Risk Management 11.2 Identify Risks 11.3 Perform Qualitative Risk Analysis 11.4 Perform Quantitative Risk Analysis 11.5 Plan Risk Responses 11.6 Monitor and Control Risks Related processes from Project Integration Management – 4.1 Develop Project Charter 4.2 Develop Project Management Plan 4.6 Close Project PMBOK 4th Edition
11.3 Perform Qualitative Risk Analysis The process of prioritising risks by assessing and combining their probability of occurrence and the consequences of their impacts Project performance can be improved by focussing limited resources on the high priority risks Qualitative risk analysis is the most common, fastest and most cost effective means of establishing risk priorities and planning risk responses It is critical to establish definitions of the levels of probability and impact so as to reduce the influence of bias Occurs during Planning Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition
11.3 Perform Qualitative Risk Analysis Inputs to Qualitative Risk Analysis Draft Risk Register Risk Management Plan Project Scope Statement Organisational Process Assets - Risk management standards Risk management policies and procedures Risk categories and definitions Standard templates Lessons learned from previous projects Risk databases and checklists Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition Adapted from PMBOK 4th Edition
11.3 Perform Qualitative Risk Analysis • Tools and techniques for qualitative risk analysis include - Risk Probability & Impact Assessment Probability & Impact Matrix Risk Data Quality Assessment Expert Judgement Risk Categorisation Risk Urgency Assessment
Probability and Impact Assessment Likelihood = Probability Consequences = Impact • Qualitative Risk Analysis involves the estimation of the likelihood and consequences of each risk • Quantitative Risk Analysis involves estimating the measurable impact on project objectives, specifically – Cost, Time, Scope and Quality
Medium Risk High Risk Low Risk Medium Risk Basic Risk Analysis Matrix • Determines - • How risks are treated • How closely they are monitored • How quickly they must be resolved if they occur • For example Probable Likelihood Improbable Minor Major Consequence Risk Management Guidelines – Companion to AS 4360:2004
Likelihood and Consequences Simple Likelihood Scale Simple Consequences Scale Adapted from Risk Management Guidelines – Companion to AS 4360:2004
Risk Rating Matrix and Risk Urgency • Put your likelihood and consequence ratings together and what do you get? Risk Rating = Likelihood x Consequences Risk Urgency = RED, GREEN, AMBER
Risk Categorisation – Breakdown Structure Adapted from PMBoK Guide – Fourth Edition
11.3 Perform Qualitative Risk Analysis Outputs of this process include – Risk Register Updates Likelihood and Impacts Prioritised List of Project Risks Risks requiring response in near term Risks requiring additional analysis and response planning Risks grouped by categories Root cause analysis Watch lists of low priority risks Trend analysis Monitor Initiation Planning Execution Close Control Adapted from PMBOK 4th Edition
Inclusions in Risk Register During Analysis • Likelihood • Probability of the risk occurring • Typically defined in a risk rating matrix • Has both a number scale and definition • Requires judgement and prediction • More accurate if can leverage lessons learnt • Risk Rating • Combines Likelihood and Impact • Normally multiplied together • Enables overall prioritisation of risks • Management/Mitigation Strategies • Avoid – remove entirely • Mitigate – reduce likelihood or impact • Accept – normally for LOW risks • Transfer – to another party, eg contract or outsource • Impact • Consequences of the risk occurring • Impacts on or more project objectives • Includes scope, time, cost & quality • Has both a number scale and definition • Requires judgement and prediction • More accurate if can leverage lesson learnt Adapted from PMBOK 4th Edition
Inclusions in Risk Register During Analysis • Residual Likelihood • Probability of risk occurring after management or mitigation actions • Residual Impact • Impact of risk occurring after management or mitigation actions • Status • Typically RED, GREEN, AMBER • Priority • Typically HIGH. MEDIUM. LOW • Residual Rating • Revised risk rating • Most important for risk monitoring Adapted from PMBOK 4th Edition