Sunday | 7 September, 2008
CIO
How to Manage Project Risks, Part 1: A Perspective
There are 8 types of risk that need to be managed effectively for your project to be successful
Jed Simms 25 September, 2007 12:14:45

Related Topics
(Management)
Related Features
  • +

    Strategies for Dealing With IT Complexity 24 December, 2007 10:30:47

    Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.
    Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.
  • +

    9 Paths to Higher Performance 10 December, 2007 14:09:23

    When an organization brings together talented people in a creative, collaborative environment it fosters a culture of high performance, which in turn leads to superior business results
    Like high-achieving individuals, some organizations seem to have the Midas touch. Virtually every initiative they touch earns them gold and even those that fail never seem to cost them much of anything at all
  • +

    What Price Innovation? 05 November, 2007 13:44:31

    CIOs say they want more than the traditional “your mess for less” relationship with their outsourcing providers. And the providers want to market themselves as partners in innovation. So why isn’t it happening?
    CIOs say they want more than the traditional "your mess for less" relationship with their outsourcing providers. And the providers want to market themselves as partners in innovation. So why isn't it happening?
  • +

    Ticked Off at Tick the Box Mentality 04 February, 2008 13:01:15

    Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
    Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
  • +

    Your World. . . Hacked 02 October, 2007 10:51:23

    As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to compete
    The call to Bob Bailey, an IT executive with a major US government contractor, came on an otherwise ordinary day in October 2003. "Why are you attacking us?" demanded the caller, an IT leader with a Silicon Valley manufacturer. He wanted to know why Bailey's company had launched a denial-of-service attack against his network
Related Stories
  • +

    Adobe launches hosted services, adds Flash to Acrobat 03 June, 2008 09:02:44

    Adobe to launch Web site offering users free hosted services for document creation, sharing and storage
    Adobe this week is set to unveil the next version of its Adobe Acrobat software, which adds support for the company's Flash multimedia technology. The company also plans to launch a new Web site offering users free hosted services for document creation, sharing and storage.
  • +

    Clean up your SOAP-based Web services 27 November, 2007 13:16:14

    The Test Center inspects five worthy tools for keeping your services squeaky clean
    SOAP is the currency of the SOA marketplace -- for now, anyway. Though SOAP's significance may diminish as Web services evolve, its importance for the time being is unquestionable. Therefore, a substantial portion of the QA work by Web service providers and consumers must entail verifying the accurate exchange of SOAP messages. Not surprisingly, several SOAP-focused Web service testing tools have appeared.
Additional Resources
Executive Guides
Whitepapers
white paper Read up on the latest ideas and technologies from companies that sell hardware, software and services.

Newsletter Subscription

Sign up for our CIO newsletters!
Weekly coverage of the issues that impact corporate and government information
RSS Feeds

Any formal 'project' conducts a risk analysis. It is standard practice. But, in most cases, it is not practiced well.

Firstly, while 'decision trees' and other methods may be used, often quite fundamental relevant risks are missed.

Little discussion is held as to what the desired end state is of the risk management approach for any one risk. So, how do you know if you're successful?

Secondly, there seems to be a view that all risks can be treated the same, whereas there are risks that are a potential threat that may or may not occur, risks that exist and need to managed down and risks that exist and cannot be changed but their implications need to be carefully managed. How each of these types of risks is managed should be different.

Thirdly, risk registers abound but contain so much data that, even on an A3 sheet of paper, the room for risk mitigation action recording is minimal. At best, a sentence or two exists. The rest if left to chance. Most importantly, little discussion is held as to what the desired end state is of the risk management approach for any one risk. So, how do you know if you're successful?

There are eight project risk dimensions

  1. Critical success factors — factors that need to exist or go right for this project to be successful

  2. Project-specific risks — threats to this particular project

  3. Project delivery risks — systemic risks to the successful delivery of the project itself, applicable to all projects

  4. Benefits delivery risks — systemic risks to the successful delivery of the benefits, applicable to all projects

  5. Business risks — risks to the business, its customers and suppliers from this project, applicable to all projects

  6. Design risks — risks that the solution/output delivered is not what was asked for or expected

  7. Corporate risks — risks to the success and survival of the organization that any one project may impact (increasing or decreasing)

  8. Leading indicators of failure — project trends that cumulatively can spell disaster for the project.

Over the coming weeks we'll discuss each of these risk dimensions and how they need to be managed.

However, there is another dimension to project risk that formal risk approaches often ignore — the 'Swiss-cheese' effect.

It is rare that a single risk will bring down a project. What causes most problems is when a series of mishaps, mistakes, events and other minor happenings occur simultaneously or in quick succession causing a disaster.

You know the sort of thing, the automatic backup machine is late being delivered, the person who has managed the backups leaves, the new person starts the process but gets lost and fails to finish and then the system goes down losing all current data. . . So, while we can formally and effectively manage project risks, we must always be wary of these 'Swiss-cheese' events — when all of the 'holes' in the cheese line up and something falls through it — that can easily bring our project down.

To read Jed's last column, 12 Ways to Ensure Your Projects Never Fail, click here

Jed Simms is CIO magazine's weekly project management columnist. Simms, founder of projects and benefits delivery research firm Capability Management, is also the developer of specialized project management and project governance Web site www.project-sponsor.com

More about Simms International, SIMMS
Market Place
Discover trends in the B2B infrastructure market in 2008 | Download new Gartner white paper now.
Cut Printer costs! Printing costs can be up to 3% of turnover, cut them by up to 50%.
Computerworld Webinar | Business Mashups - Building the Intelligent Organisation by Empowering Users | 11am Tues 16th Sep 08
Discover the latest web security SaaS solutions | Download new IDC white paper to lessen your IT burden.
 

2008 CIO Summit

19th August, 2008 Four Seasons Hotel, Sydney Developed in partnership with CIO Magazine, IDC, INTEP and the CIO Executive Council.

The world of the CIO is extremely complex and diverse. Multiple priorities demand attention and decisions are needed instantly. Individual teams need to be driven towards common goals, and businesses strive to become more mobile, agile and responsive. For CIOs, the challenge never ends.

Every year the CIO Summit identifies what is top of mind for CIOs across Australia and New Zealand, and offers insight for CIO benchmarking and vendor strategic planning alike.

Recent IDC research shows that over 59% of CIO's believe that 'to achieve their business strategies, technology should be used more aggressively than today.'

Join us on August 19th to discover how this is possible with the latest technologies including Virtualisation, Web 2.0, IP Surveillance and Software as a Service (Saas).

Click here for registration.

Click here for more information.

Please email Denyse_Robertson@idg.com.au for further information.

  • +

    CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00

    For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders.
    [ MP3 (7.32 MB) | Windows Media (5.67 MB) ]
  • +

    CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25

    For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders.
    [ MP3 (7.56 MB) | Windows Media (5.14 MB) ]
  • +

    CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00

    Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (4.90 MB) | Windows Media (4.40 MB) ]
  • +

    CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00

    Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (5.89 MB) | Windows Media (4.84 MB) ]
  • +

    CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05

    Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (6.41 MB) | Windows Media (5.13 MB) ]
  • +

    Information security governance: Centralized vs. distributed 05 September, 2008 10:15:00

    Should security policies, procedures and processes be managed within a central body, or distributed at an individual level? You need to find the middle ground.
    The management of information risk has become a significant topic for all organizations, small and large alike. But for the large, multi-divisional organization, it poses the additional challenge of determining how to deploy an information security governance program among what are often disparate business units. Should the policies, procedures, and processes that define the program be developed and managed within a central, corporate body? Or perhaps responsibility would be better placed at the individual unit level? Is there a workable middle-ground?
  • +

    DNS error brings Sophos antivirus updates to a halt 05 September, 2008 13:40:00

    Optus, Internode and Equinix affected among others.
    A sporadic Domain Name Server (DNS) error has blocked Sophos anti-virus updates around the world.
  • +

    Ouch! Security pros' worst mistakes 04 September, 2008 08:05:00

    We've all done regrettable things on the job, but does any valuable wisdom come of it? Four security pros candidly explain their biggest blunders and what they learned in the process
    It was a mistake so bad the person who made it asked that his name and company not be mentioned here. Let's call him Frank.
  • +

    Security ROI: Fact or Fiction? 03 September, 2008 08:32:00

    Bruce Schneier says ROI is a big deal in business, but it's a misnomer in security. Make sure your financial calculations are based on good data and sound methodologies.
    Return on investment, or ROI, is a big deal in business. Any business venture needs to demonstrate a positive return on investment, and a good one at that, in order to be viable.
  • +

    Information Security and the Importance of Context 01 September, 2008 10:00:00

    Those entrusted with information security must raise their contextual awareness
    When the US Transportation Security Administration (TSA) was first created, it created a sudden need for tens of thousands of screeners. Getting a job as an airport screener was a pretty easy process. It seemed as though if you had a pulse, you were in. Jump forward to 2008 and becoming a screener is a bit harder as the TSA has instituted background checks, has upped the educational requirement to include a high school diploma or GED, and added other significant requirements.
CIO Webcast Innovation #8 - What are the biggest roadblocks to IT's involvement in innovation at your company?
Watch the latest latest edition of CIO Innovation which is now available for download.
Watch the webcast
Sign up to the CIO Innovation update email


CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II
Listen to the latest edition of CIO Live which is now available for download.
Listen to the podcast
Sign up to the CIO Live email
Get a job Careerone
Whitepaper
Revolutionising Back-up and Recovery

Read Whitepaper

Revolutionising Back-up and Recovery

Rapid adoption of virtual server technology, and the challenges associated with the backup and recovery of ever-growing stores of information is causing a number of IT managers to reevaluate their data protection strategies. New backup and recovery methods which use data de-duplication technology to reduce capacity and network bandwidth requirements are being deployed to keep up with explosive data growth, shrinking backup windows, compliance initiatives and security concerns. Read on to find out more.

Sponsored Links