Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

How to Manage Project Risks, Part 4: Corporate Risks

There are 8 types of risk that need to be managed effectively for your project to be successful.

A project introducing a financial lending product to poor credit borrowers will increase the risk profile of the organization.

If you are opening up your systems to allow internet-based access to records, regardless of the security controls you are putting in place, you are increasing your organization's corporate risks.

The decision to increase the corporate risk profile is not yours as a project manager, but this increase needs to be identified and acknowledged.

Every organization has its own 'risk appetite' -- the level of risk they are happy or willing to tolerate.

Some organizations have undertaken a formal risk analysis to identify their overall risk exposure, generating a corporate risk profile and areas requiring attention. Find out who 'owns' this risk analysis within the organization (easy if you have a Chief Risk Officer) and go to see them with your project sponsor and identify if there are any areas where your project will or could potentially increase corporate risk.

You may find your project is reducing the organization's risks in some areas, this is then a risk-reduction benefit you can include in your value proposition.

If no such corporate risk analysis has been conducted the potential risk does not go away, it merely is more difficult to quantify.

Ideally the Enterprise PMO will generate a list of pseudo Corporate Risks to be used. We show you how to generate such pseudo-corporate risks at www.beingaPMO.com (to be launched soon).

Otherwise you may have to identify whether your project will increase the ongoing corporate risk exposure of the corporation in conjunction with the PMO, business and governance team.

First discover any recent projects that intentionally or inadvertently increased the risk profile of the organization. Is you project likely to impact these or associated/similar areas?

Meet with key stakeholders and ask them if they can identify any outcomes from the project that could increase the organization's overall risk profile.

Think in terms of, for example:

  • are you going to disadvantage any set of customers that may cause them to move their custom elsewhere? (Customer loss risk)

  • are you replacing like with like functionality making you vulnerable to competitor action that improves their service, leaving you competitively disadvantaged? (Competitive position loss risk)

  • are you implementing a product that makes your customers more self-sufficient and, therefore, reduces your services revenue stream? (Revenue loss risk)

  • are you implementing a system that supports current, unchanged processes that may, therefore, not be capable of meeting future demands? (Operations flexibility loss risk).

Identifying potential corporate risks needs you to think big, in strategic impact terms.

For most projects the net result will be that no corporate risks are impacted or made worse. But you need to go through the exercise to ensure no surprises at the end of the project (for which, most likely, you'll be unfairly blamed!)

Click here for the first in this series How to Manage Project Risks

Or to read Jed's previous column, How to Manage Project Risks: 3 Design Risks click here Jed Simms is CIO magazine's weekly project management columnist. Simms, founder of projects and benefits delivery research firm Capability Management, is also the developer of specialized project management and project governance Web site www.project-sponsor.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Exposure, SIMMS, Simms International

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Collaborative software delivery: Managing today’s complex environment to improve software quality
    Ten to fifteen years ago, software delivery was a fairly straightforward process. Programmers and their managers worked together in a single location, communicating and collaborating face-to-face. Now the process is much more complex. You may be in the process of adopting agile processes and struggling to find the right tooling. If you’re going to successfully deliver high-quality software that aligns with your business objectives, addresses your requirements and adheres to regulatory compliance requirements, all the stakeholders must be able to effectively collaborate and communicate. Read on.
    Learn more »
  • Protecting Against the Leading Causes of Data Breach
    This whitepaper was written for the organisation that wants to focus on prevention of data loss and doesn’t have millions to spend, but needs affordable solutions that can be implemented today to protect millions of sensitive records and dollars worth of intellectual property. This whitepaper addresses: - What organisations can do to prevent the four leading causes of data breaches - Why dedicated (pure-play) DLP solutions may not protect you from all four leading causes of data breaches - How to get prevent sensitive data leaving your organisation
    Learn more »
  • Solid State Storage 101 - An introduction to Solid State Storage
    Solid state data storage is gaining significant acceptance today. Storage based on Ram Access Memory (RAM) and Flash chips instead of mechanical hard disk drives is earning much greater attention by meeting the market requirements for reliability, performance, and cost more effectively than ever before. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments

HP and IDG news, product videos and resources