1 / 18

Risk Register January 2011

Risk Register January 2011. Ciaran Whyte Risk Administrator Planning & Strategic Projects Unit. Agenda. Objectives of Seminar Why manage risks? Who should have a risk register? Risk Management Theory Risk Register format Risk Register Intranet Tool

kristin
Télécharger la présentation

Risk Register January 2011

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Risk Register January 2011 Ciaran Whyte Risk Administrator Planning & Strategic Projects Unit

  2. Agenda • Objectives of Seminar • Why manage risks? • Who should have a risk register? • Risk Management Theory • Risk Register format • Risk Register Intranet Tool • Risk Registers and Coordinators • Examples of managing risks • Risk Assessment Process • Active Risk Management

  3. Objectives of Seminar At the end of the seminar you should - • Know why you should create a risk register • Be able to create a risk register • Know how to keep the register up to date • Have an awareness of University risk management practices • Know how to be more successful in risk management

  4. Why manage risks? risk definition • “the threat or possibility that an action or event will adversely or • beneficially affect an organization's ability to achieve its objectives” KNOWN PROBLEMS POTENTIAL PROBLEMS pro-active management Issues Risks Fire-fighting Damage limitation Costly emergency actions Containment actions Contingency • lower costs • less stressful

  5. Who should have a risk register? • Project management teams • College / School management teams • Administrative Department management teams • University senior management teams (SAM / SMT) • All groups of people who meet to achieve common objectives • Current problems - Minutes / action items • Future problems - Risk register

  6. Risk Management Theory • past experiences • inputs • focus areas • ignore risks outside control Risk Identification Risk Evaluation • determine likelihood or probability of occurrence • determine magnitude of loss or impact Risk Mitigation Risk Monitoring • avoid • contain • active acceptance • passive acceptance • transfer • chase actions / reassess probability & impact / add new risks • regular reviews of register • quick & simple communication to key stakeholders

  7. Identifying Risks • When you have a plan for the future project tasks - step back and consider the possibility of each task failing to meet timescales / budget / qualityobjectives • - review all assumptions • Write down a clear definition of the risk – ‘there is a risk that ….... which will impact......’ • Consider past experiences - lessons from past projects or other intellectual material - review list with other project managers and key project team members • Consider all the evidence - requirements and design documents, dependencies, resourcing, status reports • Brainstorm with key project individuals - facilitated sessions – Delphi technique / SWOT analysis - expert interviews • Foster open communication within project team - give the team the opportunity to raise risks - don’t shoot messengers! • Ignore risks over which you have no control - keep within your scope and what is manageable

  8. Evaluating Risks • Determine likelihood or probability of occurrence - consider how many times this has been an issue before - use past experience to guide probability - select HIGH / MEDIUM / LOW • Determine magnitude of loss and impact - assess impact in terms of scale of consequences should issue arise - assess in relation to scope of area being managed - select HIGH / MEDIUM / LOW

  9. Mitigating Risks • avoid - eliminate the cause - remove task/activity causing risk from plan • contain - add actions to plan to reduce probability (high  medium  low) - add actions to plan to reduce impact (high  medium  low) • active acceptance - set aside contingency - allocate extra resource or finance - take out insurance • passive acceptance - do nothing - accept consequences • transfer - pass risk to another party - commercial agreement • is the action appropriate to risk severity? • is cost of action effective enough? • is the action timely enough? • is the action realistic within project context? • is the action agreed by all parties? • is the action owned by a responsible person?

  10. Monitoring Risks • be disciplined in ensuring that all actions are completed • ensure risk status covered in regular project reports • consider new risks as the situation changes • Gather feedback from owners of existing risks - changes to probability/impact/trend • Review RED risks and assign new actions • Review ‘increasing’ trend risks and assign new actions • Do NOT review all risks – manage by exception • escalate in good time to allow mitigation actions to be improved – don’t wait until it becomes an issue!

  11. Red - existing controls not working/adequate (to escalate) Amber - existing controls in danger of failing Green - controls are working Risk Register format Identification Evaluation Mitigation

  12. Risk Register Intranet Tool - Solution HR/payroll Risk log print-out for meetings Owners – read only access Authorised names/depts Intranet Risk Register Warning messages Coordinators – update access Administrator – total access and Audit reporting

  13. Risk Register Intranet Tool - Roles University / School / Administrative Department Risk Coordinator Risk Owner Project Manager View all risks ‘owned’ Register Owner View all risks in register Risk Database Project Manage risks for assigned School or Admin Dept Manage risks for named project • View all University risks • create new project register • School/Dept register restructuring • access control • audit and monitoring • reporting to SAM/SMT/Audit Committee Administrator

  14. Risk Registers & Coordinators

  15. Examples of managing risks

  16. Risk Assessment Process • Pre-risk assessment checklist • 22 multiple choice questions • A – low risk • B – medium risk • C – high risk • Identifies impacts to administrative functions • Risk Assessment Review • Risk assessment checklist • Risk register • DRI summary of finances • Summary presentation (major projects) • SMT approval • Risk.Assessment@swansea.ac.uk

  17. Active Risk Management • track risk actions as part of your status reporting • foster a ‘heads-up’ culture as part of tracking to keep looking ahead • start all tasks as early as possible to increase mitigation options • maintain open and non-threatening communications • decriminalise risk within project team – keep a positive attitude! • Involve the key project skills in risk management – not just PMs • communicate risk information – stakeholders & project team • maintain your Project Files– and risk audit trail • Risk management provides a – • more efficient and cheaper way of working • less stressful working environment

  18. Conclusions • THANK YOU for your time today • c.m.whyte@swansea.ac.uk

More Related