Risk Management Process

Risk Analysis is not a simple process. It involves many steps and different levels of granularity to identify, analyze and respond to the identified risks. As this topic was just recently covered in class, I decided to find out how the company I currently work for performs risks analysis.

Based on the methodology currently used within the organization, risk analysis process includes input deliverables, such as stakeholder analysis, legal contract, project management plan and issues log, and output deliverables such as project schedule and risk register where the risks are further subdivided based on the categories (technical risk, cost risks, schedule risk, quality risk, contract, legal risk, etc.).

I found it interesting that the first step in the process is identified as stakeholder analysis. As we all know stakeholder involvement, active participation and support are some of the important keys to project success. The goal of this deliverable is to analyze the relationship, level of engagement and future adoption levels for stakeholders and identify any issues or potential risks. This activity is usually performed by organizational control management team at the beginning of the project and is continuously updated throughout the project as well.

The deliverable of legal contract is self-explanatory – it includes project definition, project scope, description of services to be provided as well as pricing and payment terms, and is used as a building block for identification and analysis of potential legal issues and risks.

Another deliverable is project management plan that identifies main project management processes such as scope management, schedule management, cost management, quality management, resource management and communication management, and serves as an input to identify and analyze risks associated with direct project activities.

Issues log deliverable contains other problems that come up on regular basis, require to be resolved, but might not necessarily fall under any of the deliverables mentioned above. Typically additional project issues could be process or system requirements that are not compatible with each other, incorrect assumptions, missing information, etc.

After these input deliverables are collected, the risk analysis process is performed that includes risk identification, prioritization and response strategy steps.  Although risk identification step is done in the beginning, it is also a continuous process as new risks may emerge and become apparent during project. Risk prioritization is done in order to identify high-priority and high-impact risks which are calculated based on the risk exposure, probability of occurrence and level of impact variables. Finally, the response strategies are developed in order to reduce impact and threat to the project as well as to assign resources that will be responsible for executing the response when needed.

Therefore, by using input and output deliverables, risk analysis process provides structured plan with the main purpose to minimize the probability of adverse and detrimental events happening during the project as well as to lower the negative impact of these adverse events if they occur.

Additionally, when researching the risk management topic, I came across an article – “The Six Mistakes Executives Make in Risk Management”, that highlights some of the interesting facts and discusses six mistakes that are made during risk management. Do you agree or disagree with some of the statements made by the author?


Scope management

The consulting company I work for has developed its own methodology for project management that includes various methods, procedures and tools, and represents an integrated approach to project management specific to the company business areas. Every manager is required to take the course and pass the test before moving into the project management role. What I find interesting is that the methodology is not completely set in stone, it is evolving and can be revised based on the “lessons learned” from completed projects. There are open forums and quarterly conference calls that address questions and concerns and provide information on specific topics related to the methodology and project management.

The central focus of this custom developed methodology is on active management of various factors that directly influence the success of the project such as scope, time, cost, risk, issue, quality, communication managements and integrated change control.  The goal is to provide structured common language for project managers in order to deliver a repeatable and predictable experience to our customers.

I’d like to briefly highlight the approach to scope management which is one of the key elements of any project.

The company’s methodology advocates that scope management is intended for verification of work and tasks required for the project, monitoring status of the project and managing changes to the scope baseline. It includes key activities and key deliverables. Some of the central key activities are defined as reviewing and confirming project scope and timing, controlling scope, communicating changes and corrective actions, monitoring schedule and costs, confirming the segments of work, verifying project tasks and managing team members. Key deliverables include work effort estimates, project management plan, project scope statement, decision records, logs and status reports.

In order to verify that the project remains on track, the approach brings attention to the following important points. One is scope verification which is done at the time when the project deliverables are officially accepted and signoff sheet is received. Another one is building the work breakdown structure based on the total scope, which includes correct decomposition of the project and planning of work and resources within different components of it. Additional point is scope communication, which is the process for conveying project scope statement to the project team via kickoff presentation. And final point is scope control which is controlled through change control and management process that defines how changes are requested, analyzed and approved or rejected.

The methodology stresses out the importance of proper scope management as we all know that scope changes can cause a ripple effect that can negatively impact time, schedule, budget, quality and overall success of the project. I’ve been involved in 3 projects within the last year and none of them had any scope creep which means that the approach, proper training and tools provided to managers do help in managing the scope.