The whole point of a project is to change the business. In this process the project can change how the organization deals with its customers, its suppliers, how the organization is structured or impact other projects and their results, for example.
These are not risks to the delivery of the project; the project can go ahead and deliver as planned regardless of these risks. But, they are risks to the success of the project as they impact the organization's ability to continue to operate and deliver its products and services.
Business risks are the third dimension to each project's standard risk profile
Usually these risks are ignored. Some may be picked up in the risk analysis, but as they are not risks the project can or needs to manage throughout the project, they can often be deleted as 'not relevant'.
Business risks cover the following seven areas:
1. Customer risks: How will this project change/impact how our customers deal with us or us with them, access our services, change our services?
2. Market risks: How will this project change/impact our position, reputation and brand in the market?
3. Partner risks: How will this project change/impact our relationships with other organizations that we partner/go to market with?
4. Supplier risks: How will this project change/impact our relationships and working bases with our suppliers?
5. Firm-wide risks: How will this project change/impact our firm, its role and scope of operations, goals, culture, policies and financing?
6. Operational risks: How will this project change/impact the organization, jobs, KPIs, processes, social networks, people numbers, working environments or unions?
7. Portfolio risks: How will this project change/impact other concurrent or planned initiatives, existing systems/architecture/standards, computing capacity or security exposures/controls?
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.