managing risk session

Managing Risks on Your Projects

Mark J. Jasionowski

10 November 2009

2 | Presentation Title | Presenter Name | Date | Subject | Business Use Only

What is a Risk?

All projects have risk.

For example; If a project starts later than normal. If we are examining a new formula or never-used-before medical device.

A risk is something that may happen. If it does, it may have a positive or negative impact on the project. One point; • A risk must have a probability of above 0%. It must be a chance to happen or it is not a risk.

NOTE: If a task/activity has a risk probability of 100% - in other words it will happen - it is an issue. An issue is managed differently than a risk.


This is an ISSUE!!


This is a RISK!!


How do I get started on Managing Risk

There are six stages to risk management planning (PMI.org). They are: · Plan Risk Management Risk Identification Risk Qualification Risk Quantification Risk Response Risk Monitoring and Control

But your very first step is completing your project charter:

• What is the scope of the project?

Product, Package, Actives, etc.

• What is our launch date?

• Who is confirmed on the team?

• What is the budget or presumed costs?

• First discussion on project risks and hurdles?


Think about this for a second…

“Poor risk management implementation equals a high probability of project failure”

- Rubin Jen, Visual Ishikawa Risk Technique (VIRT)—An Approach to Risk Management


Plan Risk Management

Plan risk management describes the process by which you really provide the team, time to budget (tools) for reviewing/documenting risk(s)

Discuss with core, functional team, the degree, type and visibility of risk technique you may want to utilize (COI 4 risk v. COI 1 risk)

This stage should start as soon as a project is approved and be finalized before any real dollars are invested

Tool used in this section; Risk Breakdown Structure (RBS)


Risk Identification

Risk identification is the process by which you and the extended project team discuss and plan for all risk (known at this time, of course)

Having access to initial cost, time and scope estimates are key to this stage. In addition, keep in mind customer factors and environmental risks

Utilizing past lesson’s learned, best practices and benchmarking data is also most useful in this stage

Tools like simple brainstorming, interviews, SWOT and cause-and-effect (fishbone) matrices are effective


Risk Qualification

Risk qualification management is a process of prioritizing risk and providing resources to analyze/actions (X occurrence and impact)

Having identified a majority of the risks and their impact to the project is key. This will allow for an honest “reality check” with the team

To reduce bias or personal influence, utilize a basic probability and impact matrix. In every case, expert judgment is still key

Be sure to update your risk register and distribute to the team for comments


Risk Quantification

Plan risk management is a process by which the team is numerically analyzing the risks identified (high priority) and their impact

This step is sometimes bypassed due to effective data and strategies already being captured in the past phase

Sensitivity analysis and completion of a decision tree diagram helps to assist in this section of risk


Risk Response

Risk response, as the name indicates, is the process of options and actions development to reduce project/activity risk

This phase also assigns one person (risk response owner) to the plan/options identified in the earlier risk phases

If you are leveraging MS Project, you may also chose to include the detail identified in the risk register (with response owner) in the plan

The team also employs unique strategies to address the risk as well. For example; discussing avoiding, transferring or mitigating the risk


Risk Monitoring and Control

Risk Monitoring and Control is the final piece in the risk puzzle for a project. You and the team are implementing the plan, tracking and monitoring the prioritized risks

If the plan has been added to the MSP, these activities should be covered in team meeting. In some cases, they would also be in iRIS

Risk audits are usually leveraged at this phase

Remember that your risk register is a live document and should be updated/refined as required


Q&A and Thank You!

Please check out the Innovation Renewal website (OTC My Portal) for this presentation and others in the future

Also check out the public websites;• PMI.org

• Gantthead.com

Back Up Information


RBS

Courtesy: PMI, PMBOK – Fourth Edition


C&E / Fishbone

Courtesy: Rubin Jen - PMP


Risk Register

Courtesy: Nebraska Office of the CIO


Probability and Impact Matrix (two examples)

Courtesy: PMI, PMBOK – Fourth EditionCourtesy: Mindtools.com


Decision Tree

Courtesy: PMI, PMBOK – Fourth Edition


Risk Audit

Courtesy: smashingpasswords.com

managing risk session

Documents