Risk Management Process consists of the following sequential processes:
Risk Management Planning
The goal is to determine how how the risk process will be structured and performed for the project. This is a road map for handling risks on your projects.
The risk management plan can include the methodology for the process, roles and responsibilities for members regarding risk management, budgeting, timing the process, risk categories, clarification for probability and impact on the project, stake holder tolerances, reporting and tracking.
Risks on your project could fall in categories. Here is a visio diagram of a Risk Breakdown Structure. Do download and open. Risk categories are also called sources of risk. From the page
The Risk Breakdown Structure is a hierarchical structure which decomposes identified risk categories into sub-categories. Risk categorization helps to identify potential risks for a project.
Here is the image if you do not have visio.
Risk Identification: Identify/find/locate your risks.
Everyone is involved here. Cannot be done unless the project scope statement and WBS are ready. The delphi technique is a technique used to build consensus of experts who participate anonymously, this can also be used for estimating time and cost. The output is the Risk Register which is the document where risk information is constantly updated during the risk management processes.
Qualitative Risk Analysis
Involves creating a short list of previously identified risks. The main aspects are creating a probability and impact matrix, risk data quality assessment, risk categorization and risk urgency assessment.
The output is the updated risk register where risk rankings are included, watch lists and trends. You might decide to discontinue the project at the end of this process if the risks are unsurmountable.
Quantitative Risk Analysis
A numerical analysis of the probability and impact of the highest risks on the project. Risk assessment can be thought of as risk identification through quantitative risk analysis. The main aspects are determining probability and impact, expected monetary value (product of the risk event probability and the risk event value), Monte Carlo analysis (simulation) and decision trees.
The output includes an update to the risk register. Updates include prioritized quantified risks, amount of contingency time and cost reserves needed, among others.
Risk Response Planning - What are we going to do about each top risk?
Risk response strategies or risk mitigation strategies are selected thta enhance opportunities and reduce threat. These include avoiding, mitigating, transferring (deflect, allocate) for threats and exploting, enhancing and sharing for opportunities. Else you can just accept the risk.
The outputs again update the risk response register and also the project management plan updates.
Risk Monitoring and Control - Look out for risks according to the risk response plan
Terms to watch out for: workarounds, risk audits, risk reassessments, status meetings, reserve analysis, status meetings, reserve analysis and closing risks no longer applicable.
Outputs are risk register updates to include outcomes of risk reassessments and risk audits and lessons learned. Also requested changes, recommended corrective and preventive actions, updates to the project management plan and organization process updates.
Here is a good link with bullet points on risk management.
R01C11-56
No comments:
Post a Comment