HOME Software Testing Data Mining and Warehousing |
The risk management plan provides documented guidance for the project risk management process, including con ducting risk assessments and other project risk management activities. Conceptually … The purpose of this practice is to provide the project man ager, project team, and other relevant stakeholders with an approach for developing the planning document needed to conduct project risk management. The risk management plan is prepared to document the risk management process. It should address who is responsible for managing various areas of project risk; how the initial risk identification, analysis, and prioritization output will be maintained; what the specific response strategies are, including any contingency plans to be implemented; and whether a management reserve will be allocated. Risk Management Plan Development is normally accomplished during Project Planning (Plan Phase). However, risk planning and plan content can be reviewed and updated throughout the project as risk management is performed. The development of the risk management plan is highlighted by three primary activities: Preparing the Risk Management Plan -Conducting Risk Management -Evaluating Risk Management -Each of these plan components is described in the following sections. Preparing the Risk Management Plan The risk management plan is a primary project plan component. It may be very detailed or broadly framed, depending on the needs of the project and the specifications of the organization. The elements prescribed for inclusion in the risk management plan are explained in the following subsections: Risk Management Policy and Standards Incorporate the organization's policy for managing project risk, or paraphrase important parts of the policy. This could include excerpts from organization or industry standards for risk management, along with references to specific practices or publications related to project risk management. In particular, policies related to allocating management reserves and establishing project contingency funds should be incorporated. This section of the plan could also identify policy area exemptions that are applicable to the project being planned. Risk Management Responsibilities Use this section to identify and assign responsibilities to key risk management participants. The organization may wish to prepare a standard list of prescribed participants in risk management-from project team members to cross-business unit staff members. The following list identifies some of the more prominent participants normally associated with project risk management, and outlines their responsibilities: Sales and Marketing Team Conducts preliminary business risk assessments during the Profile Phase, with or without the project team, as a contribution to the Business Plan Development process used in determining a go/ no-go decision for the project opportunity Collaborates on project and business risks and risk-reduction with the project manager, project team, and project sponsor, as well as the customer (when appropriate), during the sales and marketing effort Examines and discusses project and business risks and their potential impacts on business with the project manager and with other executives and managers responsible for making project go/no-go decisions Project Manager Ensures that adequate business and project risk assessments are performed at appropriate times during the Plan Phase and at other critical junctures in the project Leads development of risk response strategies and contingencies associated with identified risk events, and conveys these response strategies to: Pricing strategy development Proposal development Work elements in the WBS Requirements for vendors, contractors, and suppliers Prepares the risk management plan to guide all project team members and stakeholders in the performance of project risk management Conducts ongoing risk examinations at appropriate intervals and maintains the risk management plan during the project's Perform Phase Reports project risk status to project executives and sponsors Project Team Members and Selected Stakeholders (i.e., Project and Business Risk Experts) Participate in project risk assessments and in subsequent examination and development of risk response strategies Implement guidance for identifying and reporting new risk events as prescribed by the risk management plan Implement risk response strategies and evaluate their effectiveness, as assigned Project Executive (Sponsor) Establishes organizational policies for conducting project risk management Reviews and approves project risk management plans to ensure alignment with business interests and objectives Develops or acquires metrics for risk impact thresholds to guide risk identification, analysis, and prioritization activities Prepares guidance for elevating risk coordination and collaboration for the project sponsor, project executive, and other managers as needed Risk Assessment Approach: Provide a summary description of the approach to be used for project and business risk assessments. Include a reference or referral to the complete details of the assessment process that will be used. Identify any standards associated with project risk management that will be applied to this project's risk management effort. Include in this section any scheduled meetings and venues to be used for project risk assessment activities. Identify meeting participants and specify requested assessment preparation actions that are needed. Identify any advance materials that will be available for review prior to the assessment activity. Risk Management Guidance: Specify guidance for conducting risk management activities. This includes guidance for project risk assessments, project risk management, and project risk management evaluation. The specific guidance elements will be related to the organization's culture, and particularly to established business practices surrounding risk management. This plan section can also be used to incorporate guidance for implementing contingency plans; allocating money reserves; and managing cost, schedule, and resource utilization thresholds during risk strategy implementation. Risk Event and Strategy Response List: The focus of project risk management is the assessment of potential project risk and the specification of strategies to eliminate or reduce the impact of significant risk events. This section of the risk management plan provides a list of identified project risk events and associated response strategies for each risk event. This content is a direct output from Risk Assessment and Risk Response Strategy preparation activities performed by the project team. The content is populated following the completion of those activities. The risk event list is adjusted or updated as an ongoing management effort to ensure that the current status of project risk is accurately represented in the risk management plan. Conducting Risk Management: Risk management activities are conducted through every phase in the project management life cycle. A number of project management activities are directly or indirectly related to the project risk management effort as outlined here: Project Profile Phase Evaluate customer profile. Evaluate project opportunity. Evaluate project management complexity (Project Classification). Assess business risk (for inclusion in Business Plan Development). Assign qualified managers capable of addressing risk issues. Collaborate on business plan development. Obtain authorization for contingency funding and management reserves. Project Plan Phase -Evaluate customer requirements. Prepare the risk management plan. Collaborate on technical proposal development. Collaborate on business contract development. Obtain review and approval of the risk management plan by management. Project Perform Phase Track and monitor identified project risk events (see "Track / Monitor Identified Project Risk Events"). Implement risk response strategies (see the subsection "Implement Risk Response Strategies"). Identify new risk events (as per established indicators and triggers). Evaluate risk response strategy implementation results (see the subsection "Evaluate Risk Response Strategy Implementation Results"). Maintain the risk management plan. Project Post Phase -Evaluate and document risk management effectiveness (see the subsection "Evaluate and Document Risk Management Effectiveness"). Close out the risk management plan. A few of these activities warrant further breakout, as described here and in the next subsection. Track and Monitor Identified Project Risk Events A primary responsibility of the project manager is to monitor and track risk events during solution implementation in the Perform Phase. The risk management plan provides guidance on the frequency of risk event and response strategy tracking, and the project team should accomplish these tasks as planned. In particular, three tracking activities should be pursued as a part of the risk management effort: Review the risk management plan at intervals to deter- -mine whether specified risk event analyses are still current, and proactive or reactive strategies are still appropriate. Review the WBS, contract changes, project plan -changes, and significant project events to determine whether there are any new risks to be assessed, and if any additional response strategies need to be developed. Monitor triggering milestones on the project schedule -that are set up to alert the project manager to implement or activate a series of tasks or contingency plans should an identified risk event occur. Implement Risk Response Strategies This step is primarily performed to implement reactive strategies. These are activated when a previously identified risk event occurs. After such a strategy is implemented, the project manager must revise the project plan to reflect the cost of implementing the action (e.g., time, resources, and money). This revision, which is necessary because the cost was not included in the original estimate, should also be noted in the strategy description in the risk management plan. To ensure that the strategy is implemented as planned, the project risk manager or the project team member responsible for the WBS element associated with the risk event should monitor the status of the risk event to closure. In the case of preventive or proactive strategies, results must be monitored to ensure that the strategy is working as planned. Preventive risk response strategies are activated as part of the project plan, as specified in the project WBS. They are carried out as scheduled and periodically evaluated to assess their success in controlling risk or the need for further actions. Evaluating Risk Management There are two primary activities associated with evaluating the risk management capability as described in the following subsections: Evaluate Risk Response Strategy Implementation Results The ability to manage and control project risk depends on the effectiveness of the risk management plan. This plan requires continuous monitoring to ensure that it’s current and valid. As needed, the plan must be updated to reflect the current status of the project relative to potential risk. The risk management plan and its effectiveness should be evaluated at regular intervals as follows: Periodically, at specified and scheduled intervals, throughout the project At major project milestones As part of the project change control process Risk events, their probability, and their impact are constantly changing. New risks emerge, and old ones may even disappear. Risk mitigation actions may create new risks that were not predicted, or change the effects of existing ones. Therefore, evaluating the plan periodically is critical, and periodic reviews should be specified in the project schedule. Major milestones are also logical points in the project management life cycle to evaluate how the project is doing and to assess changes in the project work environment. Every time a major project change is proposed and approved, the project team should look at how change affects the project and determine whether any new risks have been introduced. New response strategies must be developed to address any new risks. Evaluating the effectiveness of the project risk management plan entails the following steps: Review the risk response actions implemented to date for effectiveness and the need for further action. Evaluate the major risk events for WBS elements currently being implemented and those to be implemented in the near future to see whether anything has changed or strategies should be modified. Identify any new risks, analyze them, incorporate them into the overall risk management process, and develop corresponding risk response strategies. Develop new response strategies or modify old ones if the current strategy works poorly or further mitigation is necessary. Escalate management of the risk if known risk thresholds are increased. Update the project plan, WBS, and pertinent supporting plans as appropriate to reflect changes in the project risk management plan. Evaluate and Document Risk Management Effectiveness Documentation of risk management efforts provides a historical trail of the project team's actions and results. By means of this effort, project managers can learn from experience. Similar to lessons learned, this documentation provides new project managers with valuable information on which strategies and actions have worked and which have not. It also provides experienced project managers with insight about potential risk during their project planning efforts. Risk management documentation should be kept as simple as possible, but it should be current, complete, and accurate. The documentation of results can be incorporated into the risk management plan, which is subsequently archived for future use. |
Top of Page | More PM Articles | Prev.: | Next: | Info-Source.us |