Documente online.
Zona de administrare documente. Fisierele tale
Am uitat parola x Creaza cont nou
 HomeExploreaza
upload
Upload




Module 3: Risk Management

managements


Module SEQ chapter \* Arabic \r : Risk Management

ASK ChapterBM "Enter the chapter number" chapter SEQ chapter \* Arabic \r 3



THIS PAGE LEFT INTENTIONALLY BLANK

Objectives

Explain

This module explains risk and introduces the concept of proactive risk management to minimize the impact of risk.

Picture false

Lessons

Picture false

Lesson 1: Risk Fundamentals

Picture false

Risk

Explain

Risk is the possibility of suffering a loss. For any given project, the loss could be such things as diminished quality of the end product, increased cost, missed deadlines, or failure of the whole project.

Emphasize

Risk is not inherently bad. But risk is inherent in every project.

Picture false

n       Risk is the possibility, 11311j91l not the certainty, of suffering a loss.

n       The loss could be anything from diminished quality of an end product to increased cost, missed deadlines, or project failure.

n       Because risk is a fundamental ingredient of opportunity, it is not inherently bad, but it is inherent in every project.

n       Successful teams deal with risk by recognizing and minimizing uncertainty.

Risk Sources

Explain

The slide lists some examples of where risks might originate. The list is not exhaustive.

Emphasize

Risk can be found everywhere in an IT project. Poorly thought-out planning can be a source of risk, as can a shortage of money or people or a lack of training on new technology.

Transition

Make it clear that there is no one-to-one relationship between the list of sources on this slide and the list of possible consequences on the next slide.

Picture false

The items listed on this slide show where risks can be generated, but they are not the conditions or the consequences.

Risk Impacts

Explain

These are examples of the types of impact that can result from risk. The list is not exhaustive.

Emphasize

Risks can affect a project in many different ways. To find them, you have to look beyond just cost.

Picture false

Risks can affect a project in many different ways. The slide offers some typical impacts for the purpose of illustration.

Lesson 2: Risk Management Overview

Picture false

Activity 4: Understanding Risk

Prepare

Review the delivery guide for this module. Read the instructions on the slide.

Facilitate

Lead the class in brainstorming ideas for dealing with fire safety in a warehouse. Write the ideas on a flip chart, making mental note of those that you can use later to illustrate the difference between mitigation and contingency planning.

Remember, the whole point of the exercise is to illustrate that most people think of the consequences of risk, not the conditions that cause it.

Picture false

Read the instructions on the slide and follow any additional directions the instructor might have for you.

MSF Risk Management

Explain

MSF risk management sets forth a discipline and environment of proactive decisions and actions to assess continuously what can go wrong, determine which risks must be dealt with, and implement strategies for dealing with them.

Emphasize

Key point: MSF advocates proactive risk management, which requires a visible, measurable, and repeatable process for managing risks.

Picture false

n       Risk management should be proactive, not reactive.

n       It should continuously assess what can go wrong so that the team can use that information for all project decision-making.

n       Proactive risk management requires a visible, measurable, and repeatable process.

n       Preventing risk is the transition point between proactive and reactive risk management.

Risk Management Process

Explain

MSF risk management is an ongoing five-step process that should be part of all project management. The key to its success is keeping it simple.

Emphasize

Although the "identify" step looks like a one-time event in the process, it is actually ongoing.

Transition

The next three lessons examine the steps in the proactive risk management process in detail.

Picture false

n       Identifying risks allows the team to bring risks to the surface so they can deal with them before they hurt the project.

n       Analyzing risks converts risk data into information the team can use to make decisions.

n       Devising risk plans is the next step that turns information into decisions and actions.

n       Tracking risks allows the team to monitor the status of risks and any actions taken to mitigate them.

n       Controlling risk moves risk management into day-to-day project management, which is crucial in making sure that risk management remains a high-profile activity.

Risk Assessment Document

Explain

The risk assessment document is the compilation of all of the risk assessment pieces. It is a living document that the team should review at every major milestone, at a minimum.

Picture false

Risk assessment document is a fundamental piece of the risk assessment process. In a sense it fills dual roles similar to those of a sword and a shield.

n       As a sword, it is a decision enabler that:

Prioritizes effort.

Highlights dependencies.

n       As a shield, it defends a project through education and escalation against:

Arbitrary changes by management.

Arbitrary dates.

Fixed project variables.

Risk Assessment Document Contents

Explain

The items on the slide do not necessarily represent all the things that the risk assessment document could contain, but they do represent those things that should be there at a minimum. For example, risks are often described using a risk statement approach, whereas other times they are described by separating risk causes from risk consequences.

The contents of the risk assessment document should clearly explain what the project risks are, what is being done to prevent them, and what will be done if they occur.

Picture false

n       The items on the slide do not necessarily represent all the things that the risk assessment document could contain, but they do represent those things that should be there at a minimum. For example, risks are often described using a risk statement approach, while other times they are described by separating risk causes from risk consequences.

n       The contents of the risk assessment document should clearly explain what the project risks are, what is being done to prevent them, and what will be done if they occur.

Lesson 3: Risk Identification and Analysis

Picture false

Identifying Risks

Explain

Identifying risks is a crucial first step in the proactive risk management process because risks can't be managed until they've been identified.

Emphasize

Risk identification is not a one-time event.

Picture false

n       Identifying risks gives the project team the opportunities and the information it needs to bring risks to the surface.

n       Because risk identification involves all key team players, it also reveals for the team the assumptions and viewpoints that those players hold.

n       A fundamental aspect of risk identification is that the team should treat it as a positive action, not a negative one.

Risk Statements

Explain

MSF advocates using formal risk statements that state both the condition and the consequence of each risk in a clear and easily understood fashion.

Emphasize

Often team members identify only one side of the risk equation. It's important to make sure that they also identify the condition and the consequence.

Picture false

n       A risk can't be managed effectively until it's been stated clearly.

n       Risk statements should clearly and simply state the condition of the risk (the cause) and the consequence of the risk (the effect).

n       Team members should look for shared conditions and consequences across multiple risk statements to see if they constitute a root issue.

Analyzing Risks

Explain

Analyzing risks converts the raw risk data from the identification process into information the team can use to make decisions. Analysis helps the team focus on the right risks. It considers three factors: risk probability, risk impact, and risk exposure.

Emphasize

Analyzing risks allows the team to quantify risk priorities.

Transition

The next three slides examine those factors in more detail.

Picture false

n       By analyzing risks, the project team moves from gathering raw data about risks to deciding what to do about them.

n       Risk analysis allows the team to quantify risk priorities.

n       In analysis, the team considers the likelihood that the risk will occur and how serious the impact will be if the risk occurs and then assigns a degree of exposure calculated by comparing the risks with others from the same project.

Assessing Risk Probability

Explain

The easiest way to estimate probability is with a simple numeric scale because risk probability is generally a best-guess estimate.

Emphasize

Measuring risk is relative. You can use any scale you want, but you must use the same one across the project. A consistent scale keeps the measurement meaningful.

Picture false

n       Often risk probability is defined using non-numeric scales, such as colors-red, green, and yellow-or levels-high, medium, and low. But MSF risk management calls for using numeric scales, such as 3, 2, and 1.

n       Because probability is generally an estimate, it's best not to get too precise with the scale that you use to calculate it. On a scale of 1 to 3, it's easy to determine whether a risk is a 2 or a 3. On a scale of 1 to 20, it would be very difficult to determine whether a risk is a 17 or an 18.

Assessing Risk Impact

Explain

You should use a simple scale for risk impact as well. But, unlike risk probability, you can sometimes quantify risk impact. In those cases, a dollar value is the best way to quantify the impact.

Emphasize

Again, consistency is important because you will multiply this figure by the probability figure to calculate exposure.

Picture false

n       Often risk impact is defined using non-numeric scales, such as colors-red, green, and yellow-or levels-high, medium, and low. But MSF risk management calls for using numeric scales, such as 3, 2, and 1.

n       Whatever you do, don't mix different scales. Pick the lowest common denominator and continue using it.

Calculating Risk Exposure

Explain

Risk exposure is an artificial way of quantifying the overall threat of a risk. You calculate it by multiplying probability times impact. It has meaning only within the context of the project and by comparison with other risks.

Emphasize

Risk exposure is meaningful only in relationship to other risks that use the same scales.

Picture false

n       The risk exposure calculation is why consistency in scales is so important.

n       Because you will use exposure to compare one risk against another, you must have a consistent scale to make the comparison meaningful. For example, on one project a risk with an exposure of 9 could be the highest risk on the project. On another, a risk with an exposure of 9 could be relatively low. The point is, the same probability and impact scale must be used across a project so that the exposure comparisons have meaning.

Activity 5: Identifying, Analyzing Risks

Prepare

Read the instructions in the delivery guide for this module and on the slide.

Facilitate

Keeping the students in a large group, lead them through a brainstorming session to identify and document five risks from the chosen activity scenario and then to prioritize these risks.

Debrief

Finish the activity by engaging the students in a discussion about the variations in how they thought the risks should be assessed.

Picture false

Read the instructions on the slide and follow any additional directions the instructor might have for you.

Lesson 4: Risk Planning

Picture false

Devising Risk Plans

Explain

The team should make plans only for those risks with consequences that it can't accept. To determine which risks to plan against, the team should examine whether it knows enough about the risk, whether it can live with the consequences, whether it can avoid the risk, whether it can reduce the likelihood the risk will occur, and whether it can reduce the impact if the risk occurs.

Transition

The next two slides examine how teams can do risk planning if they can't live with the consequences of a risk or can't avoid it.

Picture false

n       The team should balance the risk consequence against the effort needed to avert it.

n       Planning involves developing actions to address individual risks, prioritizing risk actions, and creating an integrated risk management plan.

Mitigating Risks

Explain

Mitigating risk means taking steps ahead of time to keep a risk from occurring or driving its impact to an acceptable level. It's not the same thing as risk avoidance because mitigation focuses on prevention and minimization.

Emphasize

Proactive mitigation focuses on addressing root causes rather than symptoms.

Picture false

n       Mitigating risk means taking steps ahead of time to keep a risk from occurring or driving its impact to an acceptable level.

n       Proactive mitigation focuses on addressing root causes rather than symptoms.

n       After you have determined the root cause, you should look for similar situations in other areas of the project.

n       Some risks cannot be reasonably mitigated, or simply cannot be mitigated at all.

Risk Mitigation Strategies

Explain

MSF risk management focuses on preventing risks ahead of time, whether by reducing their probability, minimizing their impact, transferring risks, or avoiding them altogether.

Emphasize

MSF risk management is very proactive, rather than reactive.

Picture false

n       Risk reduction tries to minimize the likelihood that a risk will occur (for example, by building a warehouse out of fireproof materials) or to minimize the impact (for example, by installing automatic sprinklers).

n       Risk transference tries to shift the risk to someone else (for example, by contracting for fire safety with a third party).

n       Risk avoidance tries to eliminate the risk by doing something less risky (for example, by building something less prone to fire than a warehouse).

Planning Risk Contingency

Explain

Contingency plans are necessary for all risks, including those that have mitigation plans. They address what to do if the risk occurs and focus on the consequence and how to minimize its impact. To be effective, the team should make contingency plans well in advance.

The example in the slide is used for the sake of brevity. You should try to offer industry examples.

Transition

The next slide looks at contingency triggers in more detail.

Picture false

n       The team should focus on high-exposure risks, paying special attention to those risks with high impact that cannot be mitigated.

n       Contingency plans are necessary for all risks, including those that have mitigation plans. They address what to do if the risk occurs and focus on the consequence and how to minimize its impact.

n       To be effective, the team should make contingency plans well in advance.

Setting Contingency Triggers

Explain

Contingency triggers are an important part of any contingency plan. Without triggers, any plan is incomplete.

Emphasize

It isn't enough to plan how you will react; you also need to decide ahead of time when you will react.

Picture false

n       Contingency triggers are the criteria that project teams use to determine when it's time to execute contingency plans.

n       Point-in-time triggers are built around dates, generally the latest date by which something has to happen.

n       Threshold triggers rely on things that can be measured or counted.

Activity 6: Creating Risk Plans

Prepare

Make sure you have read the delivery guide for this module for background information on this activity.

Facilitate

Keep the students in a large group. Using the risks developed from the last activity, have the students select the top three risks and prepare a mitigation plan and a contingency plan-including triggers-for each risk.

Debrief

After you've gone through the proposed plans, lead the students in a discussion of their plans.

Picture false

Follow the instructions on the slide and any additional directions the instructor might have.


Lesson 5: Risk Tracking and Control

Picture false

Tracking Risks

Explain

Tracking is the watchdog function of the proactive risk management process. The project team uses risk tracking to monitor the status of risks and of any actions it has taken to mitigate them.

Teams should include risk reviews with regular project reviews, including assessing their progress resolving the top 10 risks.

Emphasize

Tracking is important for keeping risk management visibility and profile high. It ensures that the team doesn't relegate risk management to a one-time task.

Picture false

n       Tracking risk is required to ensure effective action plan implementation.

n       Teams should include risk reviews within regular project reviews, including assessing their progress resolving the top 10 risks.

n       Project teams should find their own mechanisms for changing risk status and effectively judging progress.

Creating a Top 10 List

Explain

The team can focus on only so many risks at one time. Using top 10 lists is a good way to focus efforts on a limited number of major issues.

Emphasize

The number of risks is not important of itself, although lists work best if they contain 10 or fewer risks. A top 10 list works only if the team reviews it regularly.

Picture false

n       The number of risks is not important of itself, although lists work best if they contain 10 or fewer risks.

n       A top 10 list works only if the team reviews it regularly.

n       Another technique for focusing on risks is using war room meetings in which specific issues receive individual attention.

Controlling Risks

Explain

Controlling risk is the step that enables the project team to react to the dynamics of the project situation. Analysis is not an exact science, nor are risk plans. Therefore, the team needs an opportunity to re-address variations in analyses and plans in an ongoing manner.

Picture false

n       The combination of tracking and controlling risk moves risk management from a planning activity to a project management activity.

n       Controlling risk is the step that enables the project team to react to the dynamics of the project situation.

Retiring Risks

Explain

Fundamentally, risks are retired so that the team is managing only those risks that require it. How a risk gets retired is an organizational issue and depends on the processes and tools put in place.

One approach to retiring a risk is to archive the risk and its management plan (successful or otherwise) into a repository for use and reference by future projects.

An approach at the other end of the spectrum is to simply remove risks from the risk management process after they have occurred or been resolved.

Picture false

n       Fundamentally, risks are retired so that the team is managing only those risks that require it. How a risk gets retired is an organizational issue and depends on the processes and tools put in place.

n       One approach to retiring a risk is to archive the risk and its management plan (successful or otherwise) into a repository for use and reference by future projects.

n       An approach at the other end of the spectrum is to simply remove risks from the risk management process after they have occurred or been resolved.

Successful Risk Management

Explain

Successful risk management has certain characteristics. This slide includes an incomplete list of some of them.

Emphasize

Much of MSF is based on managing risk and using it to make decisions.

Transition

Moving forward, this course will discuss other techniques based on risk management.

Picture false

n       Dealing with risks requires that the team view risk management as part of a dynamic, competitive process rather than as just an additional static project management activity.

n       Using risk-based decision-making means planning risk actions first for those risks that have the greatest risk exposure for the project.

n       Risk management should be a formal process to ensure that team members identify and analyze risks appropriately and properly follow through on those requiring ongoing management.

n       Risk identification should be treated as a positive, valued exercise, to encourage all team members to participate. If risk identification is perceived as a negative thing, team members will be reluctant to come forward with potential risks.

Summary

Summarize

Use these questions to reprise the essential learning points of the module. Seek out answers that show an understanding of the issues.

Picture false

n       Now is the time to ask any further questions you might have about the material presented in this module.

n       Although this concludes the risk management module, the concepts of risk management and the use of risk-based techniques will appear throughout the rest of the course.


THIS PAGE INTENTIONALLY LEFT BLANK


Document Info


Accesari: 1727
Apreciat: hand-up

Comenteaza documentul:

Nu esti inregistrat
Trebuie sa fii utilizator inregistrat pentru a putea comenta


Creaza cont nou

A fost util?

Daca documentul a fost util si crezi ca merita
sa adaugi un link catre el la tine in site


in pagina web a site-ului tau.




eCoduri.com - coduri postale, contabile, CAEN sau bancare

Politica de confidentialitate | Termenii si conditii de utilizare




Copyright © Contact (SCRIGROUP Int. 2024 )