Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

How to Manage Project Risks, Part 4: Corporate Risks

There are 8 types of risk that need to be managed effectively for your project to be successful.

A project introducing a financial lending product to poor credit borrowers will increase the risk profile of the organization.

If you are opening up your systems to allow internet-based access to records, regardless of the security controls you are putting in place, you are increasing your organization's corporate risks.

The decision to increase the corporate risk profile is not yours as a project manager, but this increase needs to be identified and acknowledged.

Every organization has its own 'risk appetite' -- the level of risk they are happy or willing to tolerate.

Some organizations have undertaken a formal risk analysis to identify their overall risk exposure, generating a corporate risk profile and areas requiring attention. Find out who 'owns' this risk analysis within the organization (easy if you have a Chief Risk Officer) and go to see them with your project sponsor and identify if there are any areas where your project will or could potentially increase corporate risk.

You may find your project is reducing the organization's risks in some areas, this is then a risk-reduction benefit you can include in your value proposition.

If no such corporate risk analysis has been conducted the potential risk does not go away, it merely is more difficult to quantify.

Ideally the Enterprise PMO will generate a list of pseudo Corporate Risks to be used. We show you how to generate such pseudo-corporate risks at www.beingaPMO.com (to be launched soon).

Otherwise you may have to identify whether your project will increase the ongoing corporate risk exposure of the corporation in conjunction with the PMO, business and governance team.

First discover any recent projects that intentionally or inadvertently increased the risk profile of the organization. Is you project likely to impact these or associated/similar areas?

Meet with key stakeholders and ask them if they can identify any outcomes from the project that could increase the organization's overall risk profile.

Think in terms of, for example:

  • are you going to disadvantage any set of customers that may cause them to move their custom elsewhere? (Customer loss risk)

  • are you replacing like with like functionality making you vulnerable to competitor action that improves their service, leaving you competitively disadvantaged? (Competitive position loss risk)

  • are you implementing a product that makes your customers more self-sufficient and, therefore, reduces your services revenue stream? (Revenue loss risk)

  • are you implementing a system that supports current, unchanged processes that may, therefore, not be capable of meeting future demands? (Operations flexibility loss risk).

Identifying potential corporate risks needs you to think big, in strategic impact terms.

For most projects the net result will be that no corporate risks are impacted or made worse. But you need to go through the exercise to ensure no surprises at the end of the project (for which, most likely, you'll be unfairly blamed!)

Click here for the first in this series How to Manage Project Risks

Or to read Jed's previous column, How to Manage Project Risks: 3 Design Risks click here Jed Simms is CIO magazine's weekly project management columnist. Simms, founder of projects and benefits delivery research firm Capability Management, is also the developer of specialized project management and project governance Web site www.project-sponsor.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Exposure, SIMMS, Simms International

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Protecting Generation Web
    From data privacy to personal safety issues, cyber-bullying, inappropriate content and malware, schools are facing an increasingly difficult task when it comes to allowing young people to spread their online wings without compromising their safety and personal development. The reality that most schools are catering to the needs of mixed age groups and abilities, and it’s easy to understand why a simple stop and block approach won’t work. Learning environments are, by nature, flexible. It stands to reason that the IT resources used in them should be flexible too. Read on.
    Learn more »
  • Enterprise Buyers Guide for Tablets
    In this enterprise buyers guide Computerworld provides a framework for assessing the suitability of tablet computers with different work styles and demands. The guide takes into account upgrade cycles, pricing and contract issues with telecommunications providers. It features a shopping checklist covering screen types, connectivity and hardware as well as a guide to application management. This is in addition to a full roundup of the major players including road maps for the most popular operating systems.
    Learn more »
  • Oracle Database 11g for Data Warehousing and Business Intelligence
    Oracle Database 11g is a comprehensive database platform for data warehousing and business intelligence that combines industry-leading scalability and performance, deeply integrated analytics, and embedded integration and data-quality -- all in a single platform running on a reliable, low-cost grid infrastructure. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments