There will always be unexpected events that can impact any given project. These events can have a negative effect on the resources, technology, people, and processes involved in the project. Organisations must be prepared to handle or manage any event that may affect one, some, or all the different aspects of the project. This is to make sure that the project proceeds as planned.
Risks as Threats and Opportunities
Risks, being totally unexpected events, can be viewed as either positive or negative.
An event that may provide the project with an unexpected additional value can be considered as an opportunity.
On the other hand, if the unexpected event has a negative impact on the project, then that event can be considered as a threat.
It is for this reason the project risk management is all about two very important things. One is to optimise or maximise the opportunities that present to the project. The other one is to mitigate or reduce the negative consequences that may arise from threats.
In simple terms, project risk management involves increasing the pluses and decreasing the minuses of the project.
Tools and Techniques in the Identification of Project Risks
No one in the project team can accurately predict when or where in the project cycle risks will arise. It is important for the organisation to employ a variety of tools and techniques for the effective and accurate identification of risks that can impact the project.
- Brainstorming
A special group of people meet to identify as many potential risks as possible that may affect the project.
- SWOT Analysis
Identification and analysis of the different strengths and weaknesses of the project, both of which can provide the project team with an idea of project risks.
- Assumption Analysis
The project team identifies the different assumptions associated with each component of the project planning phase. Each assumption is then analysed for the potential existence of a risk.
- Constraints Analysis
The focus of this technique is the identification of limiting or restricting factors. These are taken as threats to effective project implementation.
- Prompt Lists
This is a tool that is important in the accurate categorisation of risks based on structured areas, such as technical, legal, environmental, commercial, and resources.
- Checklists
Almost like a prompt list, checklists provide a list of predetermined risks. The project team ‘ticks off’ the risk that may be applicable to a certain project.
- Interviews
This involves gathering risk information from project participants, including the stakeholders, end-users, client, and experts, among others.
Assessing and Managing Project Risks
Identifying the presence of risks is the first step to their effective management. It is equally important for organisations to know how to assess such risks. This paves the way for the more effective management of the risk, whether it is a threat or an opportunity.
- Using Probability and Impact Grids
This is a tool that allows the project team to prioritise the different risks. Each identified risk is given a probability and an impact score. The aim of the probability and impact grid is to identify which project risks will require a more detailed plan as a response to the risks.
- Determining Risk Ownership
A key activity in project risk management is the determination of a person or group of persons who will serve as risk owners. This ensures accountability for the different actions that the organisation will take relative to the identified risks.
Our Favourite Agile Books
We found these books great for finding out more information on Agile Scrum:
Basic Responses to Threats and Opportunities
Threats produce a negative impact on the project. As such, an organisation can respond to project threats in the following manner.
- Avoid – Involves changing the project strategy to circumvent the risk.
- Reduce – Mitigation of the risk through carefully-planned action.
- Transfer – The risk gets transferred or handed over to another entity or third party.
- Accept – The organisation takes on the risk head-on.
Opportunities provide a potential benefit to the project and the organisation. As such, the organisation may respond to such opportunities by the following actions.
- Exploit – Focuses on the optimal use of the resources brought about by the occurrence of the risk.
- Enhance – Activities are focused on increasing the likelihood of risk occurrence.
- Share – Involves the distribution of the identified risks across projects, teams, or partners.
- Accept – The project team uses the risks to its advantage.
The Risk Log/Register
An effective project management should always have a risk register or a risk log. This is a very important document that all the different information about the risks associated with the project. It includes the results of the analyses of each identified risk, including the impact of the risk, its probability of occurring, and its identified effects or impacts on the project.
The risk log also contains risk response plans. These plans detail the different steps that the organisation and/or the project team must take should the identified risk manifest.
In general, a risk register allows the organisation and the project team to monitor the project and control the different risks that may arise at any point in the project life cycle.
Benefits and Costs of Risk Management
Effective project risk management can provide the organisation with the following benefits.
- Easier identification of potential trouble spots or problem areas.
- Limitation or reduction of unnecessary and unwanted surprises.
- Ensures better quality data necessary for effective decision-making.
- Facilitates better quality communication, especially between project team and stakeholders.
- Allows for more judicious and equitable budget planning.
- Provides for clearer project expectations.
- Promotes better project team focus.
- Allows for the easier and more efficient escalation of concerns.
- Promotes greater satisfaction among customers.
- Improves the organisation’s bottom line.
Risk management does entail costs. Whether it is through the hiring of a third-party provider to assume the risk or the purchase of a technology to enhance the occurrence of the opportunity, the organisation will still have to spend.
The sum of all the different activities related to an organisation’s risk management programme defines the cost of risk. It can include administrative costs, loss-adjustment expenses, transfer costs, and risk control costs, among others.
Risk management is a very important aspect of any project. The project team should be ready to address the threats that may negatively impact the project. It should also be able to take full advantage of the different opportunities that a positive risk can have on the project.