1 / 104

Project Risk Management

Project Risk Management. What is Risk?. Risk and uncertainty are equivalent. Three Definitions. Risk A possible future event which if it occurs will lead to an undesirable outcome. Project Risk

lexi
Télécharger la présentation

Project Risk Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Project Risk Management

  2. What is Risk? Risk and uncertainty are equivalent

  3. Three Definitions • Risk • A possible future event which if it occurs will lead to an undesirable outcome. • Project Risk • The cumulative effect of the chances of an uncertain occurrence that will adversely affect project objectives. • Risk Management • A systematic and explicit approach for identifying, quantifying, and controlling project risk.

  4. DEFINITION PROJECT RISK MANAGEMENT IS THE ART AND SCIENCE OF IDENTIFYING, ASSESSING, AND RESPONDING TO PROJECT RISK THROUGHOUT THE LIFE OF A PROJECT AND IN THE BEST INTERESTS OF ITS OBJECTIVES PROJECT RISK IS THE CUMULATIVE EFFECT OF THE CHANCES OF UNCERTAINOCCURRENCES ADVERSELY AFFECTING PROJECT OBJECTIVES

  5. RISK MANAGEMENT PURPOSE IDENTIFY FACTORS THAT ARE LIKELY TO IMPACT THE PROJECT OBJECTIVES OF SCOPE, QUALITY, COST AND TIME QUANTIFY THE LIKELY IMPACT OF EACH FACTOR GIVE A BASELINE FOR PROJECT NON-CONTROLLABLES MITIGATE IMPACTS BY EXERCISING INFLUENCE OVER PROJECT CONTROLLABLES THE PMBOK ALSO POINTS OUT THAT RISK MANAGEMENT INCLUDES MAXIMIZING THE RESULTS OF POSITIVE EVENTS AND MINIMIZING THE CONSEQUENCES OF ADVERSE EVENTS.

  6. ISSUES A RISK SHOULD ONLY BE TAKEN WHEN THE POTENTIAL BENEFIT AND CHANCES OF WINNING EXCEED THE REMEDIAL COST OF AN UNSUCCESSFUL DECISION AND CHANCES OF LOSING BY A SATISFACTORY MARGIN WHAT WILL BE GAINED? WHAT COULD BE LOST? WHAT ARE THE CHANCES OF SUCCESS (AND FAILURE)? WHAT CAN BE DONE IF THE DESIRED RESULT IS NOT ACHIEVED? IS THE POTENTIAL REWARD WORTH THE RISK? POTENTIAL FREQUENCY OF LOSS AMOUNT AND RELIABILITY OF INFORMATION AVAILABLE POTENTIAL SEVERITY OF LOSS MANAGEABILITY OF THE RISK VIVIDNESS OF THE CONSEQUENCES POTENTIAL FOR (ADVERSE) PUBLICITY WHOSE MONEY IS IT?

  7. NATURE OF RISK MANAGEMENT WHEN SPEAKING OF RISK, THINK OF ONLY HAZARDOUS ONES EVERYDAY COMMON DAY ONES ARE IGNORED RARELY DO WE SYSTEMATICALLY IDENTIFY ALL RISKS INVOLVED HOWEVER, INCLINED TO CONSIDER RISK DIFFERENTLY RELATIVE TO FAMILY - VERY PRECIOUS AND LOTS OF POTENTIAL EXAMPLES: SMALL CHILDREN - STAY AWAY FROM ROAD - RISK ID & AVOIDANCE HOW DID DAY GO? - DO MORE TO HELP THEM - INFO FEEDBACK THESE ACTIONS ARE ESTABLISHING THE BASIC ELEMENTS OF MANAGING PROJECT RISK INTO OUR CHILDREN

  8. PROJECT RISK MGMT IS PRO-ACTIVE CLASSIC SYSTEMS METHODOLOGY: INPUT PROCESS OUTPUT FEEDBACK LOOP THIS PROCESS VITAL TO EFFECTIVE PROJECT CONTROL, HOWEVER RISK IS DIFFERENT - - HAS TO DO WITH: UNCERTAINTY, PROBABILITY OR UNPREDICTABILITY, AND CONTINGENT PLANNING

  9. REACTIVE vs. PRO-ACTIVE CRISIS MANAGEMENT -- REACTIVE MODE -- SELECT RESPONSE PRO-ACTIVE -- ANTICIPATE AND PLAN TO AVOID RISK & DECISION MAKING: TAKE RISK IF POTENTIAL BENEFIT AND CHANCE OF WINNING EXCEEDS COST OF UNSUCCESSFUL DECISION AND CHANCES OF LOSING BY A SATISFACTORY MARGIN (CLASSIC COST / BENEFIT ANALYSIS)

  10. Project Risk Management

  11. PMBOK Risk • Opportunities - Positive outcome • Threats - Negative outcome

  12. Benefits of Risk Management • More and better information is available during planning and decision making • Project objectives are verified • Improved communications • Higher probability of project success • Proactive approach • Project might be canceled

  13. Why Organizations don’t doRisk Management • Unwillingness to admit risks exist • Postpone the hard parts of the project until later • Risk management costs money • Up front investment of time • Can’t prove it’s necessary • Think health insurance

  14. Why Organizations don’t doRisk Management • “Can Do” management style severely inhibits risk management • Risk identification can make you look like a whiner

  15. Ways to AvoidRisk Management • “Managing risk is everybody’s business” • “There is only one risk: The project might fail. And we’re managing that by working real hard to assure that doesn’t happen.”

  16. The Uncertainty Spectrum Complete Information NO Information Partial Information (Unknown unknowns) (Known unknowns) (Knowns) GENERAL UNCERTAINTY SPECIFIC UNCERTAINTY TOTAL UNCERTAINTY TOTAL CERTAINTY SCOPE OF PROJECT RISK MANAGEMENT* *Note: in this range the information to be sought is known

  17. Project Risk Integration Communication Scope Project Risk Cost Time Quality Procurement Human Resources

  18. INTEGRATING RISK PROJECT MANAGEMENT INTEGRATION INFORMATION / Life Cycle and SCOPE Environment Variables COMMUNICATIONS Ideas, Directives, Expectations Data Exchange Accuracy Feasibility PROJECT RISK HUMAN Availability Productivity Requirements Standards QUALITY RESOURCES Time Objectives, Services, Plant, Materials: Restraints Performance CONTRACT / Cost Objectives, TIME Restraints PROCUREMENT COST

  19. Project Risk Management A subset of project management that includes the processes concerned with identifying, analyzing, and responding to project risk.

  20. Risk Management Objectives • Reduce the number of surprise events • Minimize consequences of adverse events • Maximize the results of positive events

  21. Risk Classification • Business risks vs. pure (insurable) risks • Classified by uncertainty (business risks) • Classified by impact on project elements • Classified by their nature • Classified by their source • Classified by their probability to occur and amount at stake

  22. Consequences of Risk Analysis Positives • greater information is made available during the course of planning and decision making • project objectives are verified • better communications • better probability that project realization will be optimal • increased chance of project success

  23. Consequences of Risk Analysis Negatives • belief that all risks have been accounted for • project could be shut down

  24. Some Considerations • Real information is the key. • The relationship between uncertainty and information is inverse. • For the project manager, conditions of relative uncertainty (partial information) are the rule. • There is a natural resistance to formal risk analysis. • Risks should only be taken to achieve a project objective.

  25. PMBOK FIGURE 11-1 PROJECT RISK MANAGEMENT OVERVIEW • Risk Identification • Inputs • Product Description • Other Planning Outputs • Historical Information • Tools & Techniques • Checklists • Flowcharting • Interviewing • Outputs • Sources of Risk • Potential Risk Events • Risk Symptoms • Inputs to other Processes • Risk Quantification • Inputs • Stakeholder risk tolerances • Sources of Risk • Potential Risk Events • Cost Estimates • Activity Duration Estimates • Tools & Techniques • Expected Monetary Value • Statistical Sums • Simulation • Decision Trees • Expert Judgment • Outputs • Opportunities to pursue, threats to respond to • Opportunities to ignore, threats to accept • Response Development • Inputs • Opportunities to pursue, threats to respond to • Opportunities to ignore, threats to accept • Tools & Techniques • Procurement • Contingency Planning • Alternative Strategies • Insurance • Outputs • Risk Management Plan • Inputs to other Processes • Contingency Plans • Reserves • Contractual Agreements • Response Control • Inputs • Risk Management Plan • Actual Risk Events • Additional Risk Identification • Tools & Techniques • Workarounds • Additional Risk Response Development • Outputs • Corrective Action • Updates to Risk Management Plan

  26. Risk Identification Risk identification is determining which risks are likely to affect the project and documenting the characteristics of each.

  27. Typical Life Cycle ProfilesRisk versus Amount at Stake Total project life cycle I N C R E A S I N G R I S K Plan Accomplish Phase 1 Conceive Phase 2 Develop Phase 3 Execute Phase 4 Finish Opportunity & Risk $ V A L U E (period when highest risks are incurred) Amount at Stake (period of highest risk impact) TIME

  28. Inputs to Risk Identification • Product description • Specification • SOW • Contract • Other planning outputs • WBS • OBS • Cost and Schedule estimates

  29. Inputs to Risk Identification • Historical information • Commercial databases • Corporate memory • Corporate database (lessons learned) • Websites

  30. Inputs to Risk Identification • Assumptions • Explicit • Implicit • Critical success factors

  31. PHASE 1: RISK IDENTIFICATION IDENTIFY ALL POSSIBLE RISKS WHICH MAY SIGNIFICANTLY IMPACT THE SUCCESS OF THE PROJECT -- CAN DO THIS BY: CAUSE-AND-EFFECT ANALYSIS (WHAT COULD HAPPEN é WHAT ENSUES) EFFECT-AND-CAUSE ANALYSIS (WHAT OUTCOMES TO AVOID é HOW THEY MIGHT OCCUR) BRING IN THE EXPERTS ON THE PROGRAM AND QUESTION THEM BRAINSTORM WBS - INDIVIDUAL WORK PACKAGES PLUS COMBINATIONS THEREOF WILLOUGHBY TEMPLATES, SEI TAXONOMY AND CHARELLET CHECKLIST Risk typically examines possibility of suffering harm or loss; however, Risk Identification is also concerned with opportunities (positive outcomes) and threats (negative outcomes).

  32. TYPES OF RISK • Business vs. Insurable Risk • Risk Sources • External Unpredictable • External Predictable • Internal Non-Technical • Technical • Legal

  33. TYPES OF RISK (2) • Knowns • An item or situation containing no uncertainty • Known Unknowns • Things which we know exist but do not know how they will affect us. These can be identified and evaluated. • Unknown Unknowns • Those risks that cannot be identified and evaluated (unexpected needs). These can be handled via contingency allowances.

  34. TYPES OF RISK (3) • Risks can also be classified as: • External Unpredictable • External Predictable • Internal Non-Technical • Technical • Legal

  35. EXTERNAL UNPREDICTABLE • Regulatory • Natural Hazards • Postulated Events • Unexpected Side Effects of the Project • Failure to Complete Project Due to Uncontrollable External Events

  36. EXTERNAL PREDICTABLE • Market Risks • Operational • Environmental Impacts • Social Impacts • Currency Risk • Inflation • Taxes

  37. INTERNAL, NON-TECHNICAL • Management • Schedule • Cost • Cash Flow • Loss of Potential Benefit or Profit

  38. TECHNICAL • Changes in Technology • Performance Uncertainty • Risks Associated with Project’s Technology • Design • Sheer Size or Complexity

  39. LEGAL • Licensing • Patent Rights • Contractual Difficulties • Outsider Suits • Insider Suits • Force Majeure (PMI’s Word)

  40. OTHER RISK ID SOURCES • Overly Aggressive Cost Estimates • Overly Aggressive Duration Estimates • Staffing Plan - Personnel With Special Skills • Procurement Management Plan • Historical Project Files & Project Team Knowledge • Commercial Databases

  41. KEEP IN MIND • How can you assess risks? • Break things down into individual elements and determine their relationships • What risks should you assess? • All of them • Concentrate on those with greatest impact and most likely probability of occurrence

  42. RISK FACTORS ALL PROJECT RISKS ARE CHARACTERIZED BY THE FOLLOWING THREE RISK FACTORS RISK EVENT: PRECISELY WHAT MIGHT HAPPEN TO THE DETRIMENT OF THE PROJECT Write it as an “If - Then” Statement RISK PROBABILITY: HOW LIKELY THE EVENT IS TO OCCUR AMOUNT AT STAKE: THE SEVERITY OF THE CONSEQUENCES WITH THIS DATA, THE RISK EVENT STATUS ("CRITERION VALUE" OR RANKING) OF A GIVEN RISK EVENT CAN BE DETERMINED BY: RISK EVENT STATUS = RISK PROBABILITY X AMOUNT AT STAKE

  43. RISK EVENT vs. RISK SYMPTOM • RISK EVENT ARE DISCRETE OCCURRENCES • RISK SYMPTOM ÞTRIGGERS • THESE ARE INDIRECT MANIFESTATIONS OF ACTUAL RISK EVENTS • EXAMPLES OF RISK SYMPTOMS: • POOR MORALE = EARLY WARNING SIGN OF SCHEDULE DELAY • EARLY PROJECT COST OVERRUN = POTENTIAL POOR PROJECT • OVERALL ESTIMATING

  44. Risk IdentificationTools and Techniques • Checklists • Project Healthcheck • Flowcharting • Cause & Effect (fishbone or Ishikawa charts • What could happen What ensues • Effect & Cause • Outcomes to avoid How they occur • System or Process flowcharts

  45. Risk IdentificationTools and Techniques • Interviewing • Brainstorming

  46. Outputs • Sources of risk (i.e., categories) • Stakeholder actions • Estimates • Staffing plans • Common sources of risk: • Changes in requirements • Design errors, omissions, and misunderstandings • Poorly defined R & R • Insufficiently skilled staff

  47. Outputs • Potential Risk events • Specific discrete events that might effect the project • Generally include: • Probability • Alternative outcomes • Timing • Frequency (more than once?)

  48. Outputs • Risk Symptoms • Triggers, or trip wires, or indicators • Indirect manifestations of risk events • Poor morale • Lack of reported progress • Inputs to other processes • Improved estimating • More training

  49. Risk Quantification Risk quantification consists of evaluating the risks and risk interactions to assess the range of possible project outcomes.

  50. PHASE 2: RISK QUANTIFICATION GOALS OF QUANTIFICATION (OR ASSESSMENT) INCREASE THE UNDERSTANDING OF THE PROJECT IDENTIFY THE ALTERNATIVES AVAILABLE ENSURE THAT UNCERTAINTIES AND RISKS ARE ADEQUATELY CONSIDERED IN A STRUCTURED AND SYSTEMATIC WAY AND INCORPORATED INTO THE PLANNING AND DEVELOPMENT PROCESS ESTABLISH THE IMPLICATIONS OF THESE UNCERTAINTIES ON ALL OTHER ASPECTS OF THE PROJECT

More Related