Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

How to Manage Project Risks, Part 1: A Perspective

There are 8 types of risk that need to be managed effectively for your project to be successful

Any formal 'project' conducts a risk analysis. It is standard practice. But, in most cases, it is not practiced well.

Firstly, while 'decision trees' and other methods may be used, often quite fundamental relevant risks are missed.

Little discussion is held as to what the desired end state is of the risk management approach for any one risk. So, how do you know if you're successful?
Secondly, there seems to be a view that all risks can be treated the same, whereas there are risks that are a potential threat that may or may not occur, risks that exist and need to managed down and risks that exist and cannot be changed but their implications need to be carefully managed. How each of these types of risks is managed should be different.

Thirdly, risk registers abound but contain so much data that, even on an A3 sheet of paper, the room for risk mitigation action recording is minimal. At best, a sentence or two exists. The rest if left to chance. Most importantly, little discussion is held as to what the desired end state is of the risk management approach for any one risk. So, how do you know if you're successful?

There are eight project risk dimensions

  1. Critical success factors — factors that need to exist or go right for this project to be successful

  2. Project-specific risks — threats to this particular project

  3. Project delivery risks — systemic risks to the successful delivery of the project itself, applicable to all projects

  4. Benefits delivery risks — systemic risks to the successful delivery of the benefits, applicable to all projects

  5. Business risks — risks to the business, its customers and suppliers from this project, applicable to all projects

  6. Design risks — risks that the solution/output delivered is not what was asked for or expected

  7. Corporate risks — risks to the success and survival of the organization that any one project may impact (increasing or decreasing)

  8. Leading indicators of failure — project trends that cumulatively can spell disaster for the project.

Over the coming weeks we'll discuss each of these risk dimensions and how they need to be managed.

However, there is another dimension to project risk that formal risk approaches often ignore — the 'Swiss-cheese' effect.

It is rare that a single risk will bring down a project. What causes most problems is when a series of mishaps, mistakes, events and other minor happenings occur simultaneously or in quick succession causing a disaster.

You know the sort of thing, the automatic backup machine is late being delivered, the person who has managed the backups leaves, the new person starts the process but gets lost and fails to finish and then the system goes down losing all current data. . . So, while we can formally and effectively manage project risks, we must always be wary of these 'Swiss-cheese' events — when all of the 'holes' in the cheese line up and something falls through it — that can easily bring our project down.

To read Jed's last column, 12 Ways to Ensure Your Projects Never Fail, click here

Jed Simms is CIO magazine's weekly project management columnist. Simms, founder of projects and benefits delivery research firm Capability Management, is also the developer of specialized project management and project governance Web site www.project-sponsor.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: SIMMS, Simms International

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Collaborative software delivery: Managing today’s complex environment to improve software quality
    Ten to fifteen years ago, software delivery was a fairly straightforward process. Programmers and their managers worked together in a single location, communicating and collaborating face-to-face. Now the process is much more complex. You may be in the process of adopting agile processes and struggling to find the right tooling. If you’re going to successfully deliver high-quality software that aligns with your business objectives, addresses your requirements and adheres to regulatory compliance requirements, all the stakeholders must be able to effectively collaborate and communicate. Read on.
    Learn more »
  • Protecting Against the Leading Causes of Data Breach
    This whitepaper was written for the organisation that wants to focus on prevention of data loss and doesn’t have millions to spend, but needs affordable solutions that can be implemented today to protect millions of sensitive records and dollars worth of intellectual property. This whitepaper addresses: - What organisations can do to prevent the four leading causes of data breaches - Why dedicated (pure-play) DLP solutions may not protect you from all four leading causes of data breaches - How to get prevent sensitive data leaving your organisation
    Learn more »
  • Solid State Storage 101 - An introduction to Solid State Storage
    Solid state data storage is gaining significant acceptance today. Storage based on Ram Access Memory (RAM) and Flash chips instead of mechanical hard disk drives is earning much greater attention by meeting the market requirements for reliability, performance, and cost more effectively than ever before. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments

HP and IDG news, product videos and resources