Chap4 Developing a Risk Management Plan Flashcards
POAM
~ POA&M ~ Plan of Action and Milestones
this plans use to track the project progress
assignment of responsibility: who respond for each task
management follow-up: determine the project status, timeline
It is also useful for audited project
No specific format, it’s a living document ~ update regularly
Gantt chart is a POAM
stakeholder & true stakeholder
is an individual or a group has a stake or interest in the success of a project
true stakeholder is a stakeholder that has a vested interest in project and wants to see it succeed
PM responsible for?
make project is: cost is under control quality is maintained on schedule stay within scope tracking & managing issue info available to all key stakeholders raise issues & problems ensure members and stakeholders aware responsibilities and deadlines
valid contents of risk management plan
Objectives, Scope, recommendations, POAM, CBA, other reports
Objectives of a risk management plan
road map for plan»_space; where you’re going and when reach there ~ goal of project
scope of a risk management plan
scope identifies the boundaries of the RMP. It could include the entire org or a single system. Avoid the plan get out of control
Fish bone diagram
suitable to use cause & effect diagram
cause ~ threat»_space; trying to find the root cause
effect ~ outage
cause & effect diagram
used to discover and document the findings
main purpose of a risk management plan?
to mitigate risk
common objectives of RMP
list of threats list of vulnerabilities cost associated with risks recommendations to reduce risks cost associated with recommendations cost-benefit analysis reports
implementation of the plan tasks?
document management decisions
document and track implementation of accepted recommendations
a POAM
cost of an outage
direct and indirect cost
direct»_space; lost sale revenue, if srv down 1h, how much? or cost of system recover
indirect»_space; reputation, recover the goodwill
recommendations and cost
to mitigate the risks
reduce the impact of the threats
» how much?»_space; cost and benefit analysis (CBA)
document accepted recommendations
& track implementation
management accept/defer/modify recommendations»_space; document their choices
track implementation: track the choices and implementation
scope creep
creep: sự kinh sợ
uncontrolled changes»_space; additional requirements»_space; scope grows»_space; cost grow, missed deadlines