Holmes institute assignment cover sheet

Introduction

This week, we will explore risk management. Risk management is one of those areas in project management that separates good project managers from great project managers. A good project manager makes risk management an integral part of every phase of project work. Risks are identified, prioritized, and understood. There are clear responsibilities within the team as to whose is responsible for implementing a risk response to reduce the impact should it occur. So let's get started.

What is Risk?

*Risk: An uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives.

Risks can be positive, meaning beneficial to the project, or they can be negative, meaning detrimental to the project.

Many students have a difficult time visualizing positive risks. A positive risk is an opportunity that may increase the probability of success, the return on investment, or the benefits of the project. They may also be ways to reduce project costs or ways to complete the project early. There may even be methods to improve project quality or overall performance. These are all examples of positive risks.

A negative risk can be easier to understand. It is the possibility that something will go wrong, a threat to the success of the project. It is important to remember that a risk is a possibility, not a fact. It is a potential problem. At GettaByte Software, there is the potential that a power outage would occur during data transfer. The potential exists that a key resource could become unavailable due to some unforeseen circumstance, like illness. Those are threats to the success of the project.

When buying a house to renovate, there are potential risks with respect to plumbing, wiring, the foundation, and so on.

A project manager needs to consider trying to make positive risks happen while trying to prevent negative ones from occurring. To do this, a project manager can take a proactive approach to risk management. This means he or she plans a risk response should it look as though the risk will become a reality. In this way, everyone knows exactly how to prepare and respond to the risk once it does become an issue.

The Risk Management Process

A project has both good and bad risks, which are referred to as positive and negative risks or opportunities and threats. For positive risks or opportunities, the project manager can choose from a range of risk responses. For threats, a project manager has a similar range of choices. The following, as described in the PMBOK® Guide, are the risk management processes.

Plan Risk Management:

· Risk Strategy

· Defines the general approach to managing risk on the project

· Methodology

· Defines the specific, tools, approaches, organizational considerations, data, and measurements that will be used to perform risk management

· Roles and Responsibilities

· Identifies potential risk owners and defines risk owner responsibilities

· Budget (Funding)

· Allocates specific funds for risk management

· Schedule (Timing)

· Defines when and how often risk management processes will be performed during the project so risk management activities become part of the project schedule

· Risk Categories

· Defines the general categories of risks that could occur during this project into a hierarchical representation of potential sources of risk—a risk breakdown structure (RBS)

· Stakeholder Risk Tolerance

· Defines and measures risk thresholds for each project objective, determining the acceptable level of overall project risk exposure

· Definitions of Risk Probability and Impact

· Define levels of risk probability and impact to create consistency in qualitative risk analysis

Identify Risks

· Data Gathering

· Identify risks using brainstorming, checklists, interviews, or review of similar projects. Identifying risks is an iterative process throughout the life of the project. Time for risk identification should be part of every status meeting or update.

· Data Analysis

· Use tools such as SWOT analysis, root cause analysis, and others to identify additional risks.

· Risk Register

· Create a categorized risk register, including the list of identified risks, potential risk owners, and risk responses. The register is updated throughout the course of the project. Here is a look at the risk register you will be using for your project.

Risk Register

Perform Qualitative Risk Analysis

During this process, each risk is evaluated for impact and probability. Impacts and probabilities are listed on a scale of either one to three (low, medium, high), or one to five (very low, low, medium, high, very high). Shown below is a 5 by 5 impact probability matrix used to visualize risk. It is an example of a very high to very low scale matrix. Each risk is rated based on its impact and probability and given a color code. Therefore, looking at the impact (very low to very high) and comparing it on the matrix to the risk's probability (very low to very high) provides a color risk ranking for a given risk. Red risks usually require a proactive response, yellow risks monitoring and a possible contingency plan, and green risks are placed on a watchlist because they are too low in impact or probability to require an action plan. It is important to realize that risks can change in impact and probability throughout the course of the project