1 / 21

Risk Analysis and Management

Risk Analysis and Management. M Taimoor Khan taimoorkhan@ciit-attock.edu.pk. Risk Management. It is the analysis and management of project risks Must perform in order to improve the chances for the project success Robert Charette defines risk as:

talor
Download Presentation

Risk Analysis and Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Risk Analysis and Management M Taimoor Khan taimoorkhan@ciit-attock.edu.pk

  2. Risk Management • It is the analysis and management of project risks • Must perform in order to improve the chances for the project success • Robert Charette defines risk as: “Risk concerns future happenings. Today and yesterday are beyond active concern. The question is, can we, therefore, by changing our action today create an opportunity for a different and hopefully better situation for ourselves tomorrow.” • risk involves change, such as changes in mind, opinion, action, or places • risks involve choice, and the uncertainty that choice itself implies

  3. Concerns 1. Future – what risks might cause the project to go astray 2. Change – what change might cause the risk to strike How changes in requirements, technology, personnel and other entities connected to the project affect the project 3. Choice – what options do we have for each risk In Peter Drucker words: “while it is futile to try to eliminate risk, and questionable to try to minimize it, it is essential that the risk taken be the right risk.”

  4. Approaches towards risks • There are two basic risk management philosophies, reactive and proactive. • Reactive – Indiana Jones school of risk management – Never worrying about problems until they happen, and then reacting in some heroic way – Indiana Jones style. • Proactive – Begins long before technical work starts

  5. Overview • Risks are identified, their probability and impact are analyzed, and they are ranked by importance. • Risk management plan is prepared • Primary objective is to avoid risk • Since all risks cannot be avoided, a contingency plan is prepared that will enable it to respond in a controlled and effective manner Unfortunately, Indiana Jones style is more suitable for fiction and has a rare chance of success in real life situations. It is therefore imperative that we manage risk proactively.

  6. Characteristics of risk A risk has two characteristics: • Uncertainty – the risk may or may not happen • Loss – if the risk becomes a reality, unwanted consequences or losses will occur. • A risk analysis involves quantifying degree of uncertainty of the risk and loss associate with it. • In this regards, the Project Manager tries to find answers to the following questions: • What can go wrong? • What is the likelihood of it going wrong? • What will the damage be? • What can we do about it?

  7. Types of Risks Each project is faced with many types of risks. These include: • Project risks – Will impact schedule and cost – Includes budgetary, schedule, personnel, resource, customer, requirement problems • Technical risks – Impact the quality, timelines, and cost – Implementation may become difficult or impossible – Includes design, implementation, interface, verification and maintenance problems • Business risks – Marketability – Alignment with the overall business strategy – How to sell – Losing budget or personnel commitments

  8. Risk Predictability There are predictable and unpredictable risks. • Predictable risks can be uncovered after careful evaluation whereas unpredictable risks cannot be identified.

  9. Risk Identification • It is the responsibility of the project manager to identify known and predictable risks. • These risks fall in the following categories of generic risks and product specific risks. • Generic risks are threats to every project whereas Product specific risks are specific to a particular project • Thequestion to be asked in this context is: what special characteristics of this project may threaten your project plan? • A useful technique in this regards is the preparation of a risk item checklist. • This list tries to ask and answer questions relevant to each of the following topics for each software project: • Product size, Business impact, Customer characteristics, Process definition, Development environment, Technology to be built, Staff size and experience

  10. Risk Drivers • Each risk has many components and forces behind them. From this perspective, risks can be categorized into the following categories: • Performance risks – Degree of uncertainty that the product will meet its requirements and be fit for its intended use • Cost risks – The degree of uncertainty that the project budget will be maintained • Support risks – Resultant software will be easy to correct, enhance, and adapt • Schedule risks – Product schedule will be maintained

  11. Risk Impact

  12. Risk Projection • Risk projection is concerned with risk estimation • It attempts to rate risks in two ways: • likelihood • Consequences There are four risk project activities. These are: • Establish a scale for the likelihood of risk • Outline the consequences • Estimate impact • Fixing plan

  13. Risk Projection Catastrophic 2. Critical 3. Marginal 4. Negligible RMMM - Risk mitigation, monitoring and management plan

  14. Assessing risk impact • Assessment of risk impact is a crucial process • Factors affecting the consequences are: nature, scope, and timing • For each risk an exposure is calculated as follows: RE = Probability of the risk x Cost • This risk exposure is then used to identify the top risks

  15. Example • Risk: – Only 70% of the 60 software components scheduled for reuse will, in fact, be integrated into the application. The remaining functionality will have to be custom developed. • Risk Probability – 80% likely (i.e. 0.8) Risk Exposure – 60 reusable software components were planned. If only 70% can be used, 18 components would have to be developed from scratch. New component cost: 100,000 • Total cost: 1,800,000. • Therefore, RE = 0.8 * 1,800,000 = 1,440,000

  16. Contingency Plan This leads us to the following Management/Contingency Plan: 1. RE computed to 1,440,000 Allocate this amount within project contingency cost. 2. Develop revised schedule assuming 18 additional components will have to be custom built 3. Allocate staff accordingly

  17. RMMM Doc / Contingency plan • Risk avoidance is always the best policy • Mitigate those causes that are under our control before the project starts • Once the project resumes keep monitoring the risk to ensure continuity • Ensure standards that can be smooth transfer of control • Prepare a backup plan / staff / budget • Prepare a management strategy • Keep monitoring the risk factors

  18. Risk management and Contingency Plan • Risk management and contingency planning assumes that mitigation efforts have failed and that the risk has become a reality • Risk has become a reality – some people announce that they will be leaving • If mitigation strategy has been followed, backup is available, information has been documented, and knowledge has been dispersed Temporarily refocus and re-adjust resources • People who are leaving are asked to stop all work and ensure knowledge transfer • Risk mitigation and contingency is a costly business. • The Pareto principle (80-20 rule) – 20% of the identified risk account for 80% of the potential for project failure.

  19. Risk Management

  20. Risk budget • Prioritize risks based on their Risk exposure • Cut out the table in the middle • Calculate the contingency budget

  21. Activity – calculate contingency budget 1. Cost $500K, 2. Cost $200K 3. Cost $100K 4. Cost $20K

More Related