RISK Management in Projects

Risk is a very common factor in our day to day activities we perform. Sometimes we are aware of it and sometimes not. In project management we do a thorough exercise of risk management to make sure the project is successful.

Based on my experience RISK is abbreviated as below. As it is said & heard multiple items “Early identification” of risk is the key in managing risks. But every opportunity/threat we come across in the project need not be a risk, so it is always good to do SWOT analysis whenever there is new idea/problem arises.

Handling Risks

• Realize the opportunity/threat
• Identify the risks
• Severity/Impact
• Keep monitoring

In every stage of the project either in traditional or Agile the first step is to Realize the opportunity/threat that could enhance/deteriorate the project. As a Project manager we need to look at the opportunity/threat in different aspects as stakeholder/end user/employee/vendor to see who will get more benefited by the addition/deletion.

Let’s talk with an example, there is a request from client/Stakeholder to “add new feature in the product” most of the times we tend to say NO as the project is going as planned but it is always good to give it a thought and understand the consequences of the request made by client by performing different tools available as listed below.

Tools

• SWOT
• 5 Why’s technique
• MoSCoW

Based on the above analysis Identify the Risk involved in the project at the earliest and it is a iterative process. there are many tools/techniques available and below is the list. Proactive identification of risk can minimize or avoid the impacts of threats and trigger or maximize the impact of opportunities.

It is advisable to make it clear to the team about the risk appetite of the project. Identification of risks can be done by referring to project documents like Project Charter, OPA’s, Assumption log, RFP’s, Contracts, Triple constraint baselines. All these identified risks can be tracked using Risk Register.

Techniques

• Brainstorming
• Expert opinion
• Interviews
• Assumption analysis
• Delphi method
• Affinity diagrams.

As all the identified risks can’t be monitored, we need to prioritize the risks on Severity & Impact or probability & impact matrix. Matrix can High/Medium/Low or Sev 1/Sev 2/Sev 3 and so on to address the issue. Prioritization can also be iterative, and it helps the team to keep bird eye on the risks.

Upon the risk priority & impact we can use any of the risk mitigation strategies like Avoid/Transfer/Mitigate/Accept based on the risk appetite & threshold. Once the risk turns into issue and this can be tracked in Issue log.

Keep Monitoring, need to monitor the risks on regular basis and that can be achieved by discussing daily stand up, interacting with team and spreading the awareness in the team about project risk appetite and risk threshold.

Assign the risk owner for risks would help team members to be more responsible & accountable and also active stakeholder engagement and discussion with team can avoid the risks at the early stages.

Conclusion

RISK need to Identify, Analyze, Prioritize, Respond & Monitor the risk on regular basis is the essential for the risk management