NUS CS 5247 David Hsu1 Last lecture Multiple-query PRM Lazy PRM (single-query PRM)
Lecture # 17 PRM 702 Project Risk Management Ghazala Amin.
-
Upload
patience-jennings -
Category
Documents
-
view
227 -
download
8
Transcript of Lecture # 17 PRM 702 Project Risk Management Ghazala Amin.
Lecture # 17
PRM 702
Project Risk Management
Ghazala Amin
Risk Definition
Project Risk:
“An uncertain event or condition that, if it occurs, has a positive or a negative effect on a project objective.
It includes both threats to the project objectives and opportunities to improve on those objectives.”
PMBOK Guide, 2000
Project Risk Management•Risk management should be a systematic process to identify, analyze, treat and monitor all possible risks. •There are many different descriptions ofthis systematic process, but they all have these fundamental steps:
1. Identify2. Analyze/Assess 3. Plan 4. Track & control
Project Risk Management
1. Identify – making a list of all possible risks that could happen.
2. Analyze/Assess – give each risk identified a probability and impact it could have.
3. Plan – create risk management plan.
4. Track & control – continuously monitor the risk and respond when it actually happens.
Risk Management Processes
•Risk Management Planning•Risk Identification•Qualitative Risk Analysis•Quantitative Risk Analysis•Risk Response Planning•Risk Monitoring and Control
Guide to the Project Management Body of Knowledge, 2000
Risk Management Plan
A Risk Management Plan summarizes the proposed risk management approach for the project and is usually included as a section
in the business plan.
The Risk Management Plan is dependant upon the identification of the projects risks, their criticality, status, strategy and status.
Risk Management Plan
The risk Management Plan describes: • the process which will be used to identify, analyze and manage risks both initially and throughout the life of the project; • how often risks will be reviewed, the process for review and who will be involved; • who will be responsible for which aspects of risk management; • how Risk Status will be reported and to whom; and • the initial snapshot of the major risks, current grading, planned strategies for reducing occurrence and Severity of each risk (mitigation strategies) and who will be responsible for implementing them
8
Table. Topics Addressed in a Risk Management Plan
Methodology
Roles and responsibilities
Budget and schedule
Risk categories
Risk probability and impact
Risk documentation
Risk Management Plan Contents
1.0 Introduction 1.1 Scope and purpose of document1.2 Overview of major risks1.3 Responsibilities
2.0 Project Risk Table 2.1 Risk Identification2.2 Description of all risks above cutoff2.3 Factors influencing probability and impact
3.0 Risk mitigation, monitoring and management 3.1 Risk item #n
1. Mitigation2. Monitoring3. Management
4.0 RM Plan Iteration Schedule 5.0 Summary
Risk Identification
Typical Risk Categories
• deliverable, project management, organizational, external• schedule, cost, quality, scope• management, external, technology• high, medium, low• technical, market
Risk Identification-Category
Category is the risk category based on:· Product size (PS)· Business impact (BU)· Customer characteristics (CU)· Process definition (PR)· Development environment (DE)· Technology (TE)· Staff size and experience (ST)
Risk Identification-I & L or P
Impact (I) indicates the likely effect on the project and the resulting product:· catastrophic (show-stopper) 1· critical (delay, extra cost) 2· marginal (extra effort) 3· negligible (internal effort) 4
Probability is the current estimate of the likelihood of occurrence
Risk Identification-Risk Register
The Risk Register illustrates all identified risks, including description, category, cause, probability of occurring, impact(s) on objectives, proposed responses, owners, and current status.
Risk Identification-Risk RegisterWhile the risk register will become the comprehensive output, Risk Identification process results in four entries in the Risk Register:
1. Lists of identified risks – Identified Risks with their root causes and risk assumptions are listed.2. List of potential responses – Potential responses identified here will serve as inputs to the Risk Response Planning process.3. Root causes of risk - Root causes of risk are fundamental conditions which cause the identified risk.4. Updated risk categories - The process of identifying risks can lead to new risk categories being added.
15
Table. Sample Risk Register
No. Rank Risk Description Category RootCause
Triggers PotentialResponses
RiskOwner
Probability Impact Severity Status
R44 1
R21 2
R7 3
Project severity = expectation (1-10) * impact (1-10) When should risk analysis be formed? Is not a time activity Periodic update and reviewed
16
Calculating severity
Problem Expectation Impact SeverityStaff 6 5 30Late delivery of hardware 5 8 40Communication and Networks problem
5 5 25
Project severity = expectation (1-10) * impact (1-10)
Risk Breakdown Structure (RBS)
“A source-oriented grouping of project risks that organizes and defines the
total risk exposure of the project. Each descending level represents an
increasingly detailed definition of sources of risk to the project.”
Dr. David Hillson, “The Risk Breakdown Structure as an Aid to Effective Risk Management,” PMI Europe, 2002
Risk Breakdown Structure (RBS)
•provides organization and structure•helps identify blind spots•facilitates understanding of types of risks and risk sources•indicates correlation of risks•allows for generic risk management plans to address multiple risks•allows cross-project (portfolio) risk management•allows project ranking on basis of risk
Risk Identification Guidelines
•Assemble SME s (Subject Matter
Experts)
• Identify “endemic” risks
• Create an environment that encourages honest discussion
Risk Assessment Guidelines
•Use descriptors for Probability and Impact•Qualitative Risk Assessment is useful when you do not have accurate numbers for Impact and Probability•Analysis is often unconscious rationalization of decisions•already made•Risk Scatter Diagram communicates the general risk profile for a project or phase•Decision Trees can assess multiple probabilities
Risk Management Tools
•Risk Identification– RBS– Risk Map
•Risk Assessment– Qualification model– Decision Tree Analysis– Monte Carlo Analysis
•Risk Communication– Monte Carlo histograms– RBS, Risk Map, Risk Scatter Diagram– Critical Path Analysis, Sensitivity Analysis