Download
project risk management n.
Skip this Video
Loading SlideShow in 5 Seconds..
Project Risk Management PowerPoint Presentation
Download Presentation
Project Risk Management

Project Risk Management

726 Vues Download Presentation
Télécharger la présentation

Project Risk Management

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Project Risk Management

  2. Common Mistakes in Managing Project Risk • Not Understanding the Benefits of Risk Management • Not Providing Adequate Time for Risk Management • Not Identifying and Assessing Risk Using a Standardized Approach

  3. Effective and successful project risk management requires: • Commitment by all stakeholders • Stakeholder Responsibility • each risk must have an owner • Different Risks for Different Types of Projects

  4. Various Software Risks

  5. IT Project Risk Management Planning Process • PMBOK definition of Project Risk • An uncertain event or condition that, if it occurs, has a positive or negative effect on the project objectives. • PMBOK definition of Project Risk Management • The systematic process of identifying, analyzing, and responding to project risk. It includes maximizing the probability and consequences of positive events and minimizing the probability and consequences of adverse events.

  6. IT Project Risk Management Process

  7. IT Project Risk Management Planning Process • Risk Planning • Requires a firm commitment to risk management from all project stakeholders • Ensures adequate resources to plan for and manage risk • Focuses on preparation

  8. IT Project Risk Management Planning Process • Risk Identification of: • Threats and opportunities • Causes and effects of each risk • Effective strategies for and responses to risk

  9. IT Project Risk Management Planning Process • Risk Assessment • What is the likelihood of a particular risk occurring? • What is the impact on the project if it does occur?

  10. IT Project Risk Management Planning Process • Risk Strategies • Accept or ignore the risk • Avoid the risk completely. • Reduce the likelihood or impact of the risk (or both) if the risk occurs. • Transfer the risk to someone else (i.e., insurance).

  11. IT Project Risk Management Planning Process • Risk Monitoring and Control • Risk Response • Risk Evaluation • How did we do? • What can we do better next time? • What lessons did we learn? • What best practices can be incorporated in the risk management process?

  12. Identifying IT Project Risks • Types of Risks • Generic Risks are a potential threat to every software project. • Product-specific Risks are threats that are specific to the project at hand.

  13. General Risks • Product size - risks associated with the overall size of the software to be built or modified. • Examples: • Estimated size of product in LOC or FP • Number of users of the product • Amount of reused software • Size of database created or used by the product • Number of projected changes to the requirement.

  14. General Risks • Business impact - risks associated with constraints imposed by management or the marketplace • Examples: • Effect of this product on company revenue • Reasonableness of delivery deadline • Governmental constraints • Number of other products with which this product must be interoperable • Costs associated with late delivery

  15. General Risks • Customer characteristics - risks associated with the sophistication of the customer and the developer’s ability to communicate with the customer. • Examples: • Have you worked with the customer in the past? • Does the customer have a solid idea of what is required? • Will the customer agree to spend time in formal requirements gathering meetings.

  16. General Risks • Process definition - risks associated with the degree to which the software process has been defined and is followed by the development organization. • Examples: • Do you have specific methods used for software analysis • Are published software engineering standards provided for every software developers. • Has your organization developed a written description of the software process to be used on this project.

  17. General Risks • Development environment - risks associated with the availability and quality of the tools to be used to build the product. • Examples: • Is a software project management tool available? • Are tools for analysis and design available? • Are local experts available to answer questions about the tools? • Is on-line help and documentation for the tools adequate?

  18. General Risks • Technology to be built - risks associated with the complexity of the system to be built and the newness of the technology that is packaged by the system. • Examples: • Is the technology to be built new to your organization? • Does the software interface with new or unproven hardware

  19. General Risks • Staff size and experience - risks associated with the overall technical and project experience of the software engineers who will do the work. • Examples: • Are the best people available? • Do the people have the right combination of skills? • Are enough people available? • Are staff committed for entire duration of the project?

  20. Identifying IT Project Risks • Tools and Techniques • Learning Cycles • Brainstorming • Nominal Group Technique (NGT) • Delphi Technique • Interviewing • Checklists • SWOT Analysis • Cause and Effect Diagrams • Past Projects

  21. Learning Cycles

  22. Identifying IT Project Risks • Nominal Group Technique (NGT) a. Each individual silently writes her or his ideas on a piece of paper b. Each idea is then written on a board or flip chart one at a time in a round-robin fashion until each individual has listed all of his or her ideas. c. The group then discusses and clarifies each of the ideas. d. Each individual then silently ranks and prioritizes the ideas. e. The group then discusses the rankings and priorities of the ideas. f. Each individual ranks and prioritizes the ideas again. g. The rankings and prioritizations are then summarized for the group.

  23. Identifying IT Project Risks • Top 10 Software Risk Items • Personal shortfalls • Unrealistic schedules and budgets • Developing the wrong functions and properties • Developing the wrong user interface • Gold-plating • Continuing stream of requirements changes • Shortfalls in externally furnished components • Shortfalls in externally performed tasks • Real-time performance shortfalls • Straining computer-science capabilities

  24. SWOT Analysis

  25. Cause and Effect Diagram • Identify the risk in terms of a threat or opportunity. • Identify the main factors that can cause the risk to occur. • Identify detailed factors for each of the main factors. • Continue refining the diagram until satisfied that the diagram is complete.

  26. Cause and Effect Diagram

  27. Risk Analysis and Assessment • Qualitative Approaches • Subjective analysis analysis of risks based upon a project stakeholder’s experience or judgement • Tools • Expected Value – probability weighted sum • Decision Trees • Risk Impact Table • Tusler’s risk classification scheme

  28. Expected Value of a Payoff Table

  29. Decision Tree Analysis

  30. IT Project Risk Impact Analysis

  31. Chart Showing High-, Medium-, and Low-Risk

  32. Risk Ranking

  33. Tusler’s Risk Classification Scheme

  34. Risk Analysis and Assessment • Quantitative Approaches • Normal • PERT • Triangular • Simulations

  35. Normal Distribution

  36. Normal Distribution • shape is determined by its mean (µ) and standard deviation () • Probability is associated with area under the curve. • Since the distribution is symmetrical, the following probability rules of thumb apply • About 68 percent of all the values will fall between +1  of the mean • About 95 percent of all the values will fall between +2  of the mean • About 99 percent of all the values will fall between +3  of the mean

  37. Normal Distribution – Example • Suppose that the project’s task would be expected to complete in 10 days. • We could estimate that the task would be completed within 6-14 days with 95% certain. • μ ± 2σ = 10 ± 2*2 • We also say that we would be about 99% confident that the task would be completed b/w 4-16 days. • μ ± 3σ = 10 ± 3*2

  38. PERT Distribution

  39. PERT Distribution • PERT distribution uses a three-point estimate where: • a denotes an optimistic estimate • b denotes a most likely estimate • c denotes a pessimistic estimate • PERT Mean = (a + 4m + b) / 6 • PERT Standard Deviation = (b - a) / 6

  40. Triangular Distribution

  41. Triangular Distribution • uses a three-point estimate similar to the PERT distribution where: • a denotes an optimistic estimate • b denotes a most likely estimate • c denotes a pessimistic estimate • weighting for the mean and standard deviation are different from PERT • TRIANG Mean = (a + m + b) / 3 • TRIANG Standard Deviation = [((b-a)2 + (m-a)(m-b)) /18]1/2

  42. Simulations • Simulation uses a representation or model of a system to analyze the expected behavior or performance of the system • Monte Carlo analysis simulates a model’s outcome many times to provide a statistical distribution of the calculated results • To use a Monte Carlo simulation, you must have three estimates (most likely, pessimistic, and optimistic) plus an estimate of the likelihood of the estimate being between the optimistic and most likely values

  43. Sample Monte Carlo Simulation Results for Project Schedule

  44. Sample Monte Carlo Simulations Results for Project Costs

  45. Risk Strategies • Factors: • The nature of the risk itself • The impact of the risk on the project’s MOV and objectives • The project’s constraints in terms of scope, schedule, budget, and quality • Risk tolerances or preferences of the various project stakeholders

  46. Risk Strategy Alternatives • Accept or Ignore • Management Reserves • Contingency Reserves • Contingency plans • Avoidance • Mitigate – Reduce likelihood and/or impact • Transfer – e.g. insurance

  47. Project Risk Radar

  48. Risk Monitoring and Control • Monitoring risks involves knowing their status • Controlling risks involves carrying out the risk management plans as risks occur • Workarounds are unplanned responses to risk events that must be done when there are no contingency plans • The main outputs of risk monitoring and control are corrective action, project change requests, and updates to other plans

  49. Risk Monitoring and Control • Tools for monitoring and controlling project risk • Risk Audits by external people • Risk Reviews by internal team members • Risk Status Meetings and Reports

  50. Example of Top 10 Risk Item Tracking