Consider this: Effective risk management underpins a successful project – true or false?
In-depth: How to create a clear project plan.
Was 'true' your first reaction? We believe that you’re right.
All three of us are strong believers in the positive value of a well-managed and controlled approach to project risks. An Internet search for “images of risk management” will return many illustrations of dice being rolled.
If it is done well, risk management measures the uncertainty involved when you 'roll the dice' during your project, and allows the project manager to obtain a consensus on how to best handle risks and unexpected events on the project.
This article does not cover in detail the processes necessary for effective project risk management. A large amount of material and advice exists on the subject. Rather, we put forward just a few 'pointers to consider' for your project – whether it is already underway or getting ready to start.
Take-away points to consider
We put forward the following considerations for risk management (this list is not exhaustive or prioritised):
- Risk management affects all aspects of your project – your budget, your schedule, your scope, the agreed level of quality, your communications and stakeholder engagement, the success when the project’s output is implemented, and so on.
- Risks can be positive (i.e. opportunities), as well as negative (generally referred to as risks).
- Risk management is about behaviours that prove that risk management is a top priority for you and the team, such as “being constantly aware of what might happen,” agreeing on strategies for all risks, and undertaking actions to prevent negative risks from becoming issues (i.e. occurred events) whilst maximising the opportunities of positive risks.
- Risk management needs to be conducted from the start of the project, constantly discussed and monitored, and involve all members of the project team.
- How you choose to handle risks depends on your most influential project stakeholders’ 'appetite for risk'.
- Each identified risk needs to be assessed, a strategy for dealing with it agreed upon by all appropriate parties, and tracked until closure.
- Project risk management is not “the project manager tracking risks in a Risks Register and sharing it occasionally when or if people ask to see it” – it is much more than that.
The essentials of project risk management
A project risk can be defined as an uncertain event or condition that, if it occurs, will have a positive or a negative effect on a project’s objectives. Some very comprehensive guidelines and procedures for managing risk are available from many sources. For example, the Project Management Institute describes the following summary process to managing project risks:
- Plan risk management.
- Identify risks.
- Perform qualitative risk analysis.
- Perform quantitative risk analysis.
- Plan risk responses.
- Monitor and control risks.
You may come across other models. Your means of conducting risk management and the behaviours you and your team display in 'making it real' make all the difference. We have mentioned 'behaviours' a few times in this article. We are referring to the communication (in all its shapes and forms) that you use, the importance with which you treat risks, and the willingness and drive to see actions through to completion and closure.
Here are a few questions for you to ask yourself:
- At the start of a project, do you plan how you and the team will approach risks? By this, we do not mean jumping straight to a Risks Register, but putting some serious thought into how risks will be managed during the project.
- Do you understand and monitor the appetite for risk of your customer and influential stakeholders?
- Do you involve all people in the team to identify project risks – not only at the start, but throughout the project?
- Do you review the risks of previous projects, and look to lessons from the past as part of your initial review and identification process?
- Do you strive to ensure each risk has an owner, and that the method to tackle them is agreed upon, i.e., whether to mitigate the risk with an action, to transfer, avoid or accept it and so on?
- Do you readily assess opportunities as well as negative risks, and devise strategies to maximise the likelihood of opportunities occurring in order to exploit or enhance them?
- Do you assess “triggers” to each risk so that you can monitor if/when there is danger of their becoming real?
- As well as qualitative assessment of risks, are you able to apply a quantitative financial or time value to each risk, both negative and positive, should it eventuate? If the impact is negative, will it turn into an issue? Can this estimated financial value help you justify an appropriate project contingency in terms of cost and/or time?
- Are you pro-active in tracking the agreed strategies to handle risks?
- Do you maintain a project Risks Register on a regular basis – moving priorities up and down the list, watching for low-priority risks that may escalate in importance, being attentive to risks that are likely to occur soon?
- Do you discuss the “current high-priority risks” with your key Stakeholders at each project review (in whatever forum you have for such review meetings)?
- Do you discuss what will happen if major and problematic “unknown unknowns” occur on your project, perhaps with action scenarios if such events happen?
Remember: Risk management is your friend and ally
As per the title of this article, risk management is the project manager’s friend. Done well, it helps you ensure that the 'appetite for risk' is appropriately understood at the start; that all risks are agreed upon, prioritised, assessed, communicated and understood in alignment with this 'risk appetite'; and that you have a solid platform to track agreed actions, including escalation up the management chain if necessary.
The key is to demonstrate positive behaviours in a way that ensures risk management is kept at the forefront of all your project activities. There is always the potential of 'unknown unknowns' impacting your project, but the more you can assess reasonable risks from the start of the project and actively manage them throughout, the better placed you will be as a team to realise a positive outcome for your project.
If you have an opinion on this article, we would really like to hear from you.. Please email us at Contactus@pmoracles.com with your point of view.
Other articles by these authors:
- Project management for the small business
- The project management survival toolkit
- Understanding project management processes and tools to drive success
- How to tailor your presentation to the audience
- How to approach a project
- The trouble with continuous multi-tasking
- Communication risks within and around a virtual team
- An objective methodology to project prioritisation
- Program & project manager power – What are your most important traits to achieve success
- Anatomy of an effective project manager
- The unspoken additional constraint of project management
- How project managers can help their companies 'go Green'
- What makes an effective executive?
- Minimising bias of subject matter experts through effective project management
- Program and project manager power
Read more in CIO Management.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.