Chapter 12: Risks and Issues Flashcards
C12 Risks and Issues: Terms and terminology
- Contingency plan (не путать с Contingency Reserve) - =Risk Response plan. Что конкретно будет делаться если возникнет threat / opportunity. Активируется через Risk Triggers. Exam question: next steps if a big problem accures - по умолчанию правильный ответ “implementing a contingency plan”
- Fallback plans - что будет сделано, если Contingency Plan не сработает
- Fast failure (agile) - чем раньше фейлим, тем лучше. Если знаем что будет фейл, можем специально его вызвать
- PIQQRIM - Plan->Identify->Qualitative->Quantative->Responses->Implement->Monitor
- Project Pre-mortem (Agile) - Problem solving game. Aims to find failure points before they happen. Представляем что проект по шел не по плану. Ищем причины. Переделываем план
- Risk breakdown structure (RBS) - hierarchical chart looks like an orga chart - help indentify and document risk categories
-
Risk levels (?):
- Individual project risks - конкретный риск в проекте (?)
- Overall project risk - шансы в принципе сделать проект
- Risk Report - общий репорт (?) с перечнем рисков, exposure, anticipated changes and outcomes of risk responses.
- Risk mitigation actions in agile - are added to the backlog as user stories
- Set-based Design (agile) - involves exploring multiple options (designs) early in the proj and eliminating the ones that won’t work. Tools like decision tree analysis can be used. Creates flexibility and allows teams to develop knowledge as they work through the different options
-
Spike / Risk spike (agile) - short iteration dedicated to exploration (an issue or approach)
- Architectural spike - for proof-of-concept efforts. E.g. trying new technology
- Watch list - низкоприоритетные риски (по результатам Qualitative Analysis, выяснили) здесь документируются, и периодически просматриваются
- Workaround - в отличие то contingency response, которые планируются заранее, WA - unplanned responses to deal with unanticipated events (or deal with risks that had been accepted because of the unlikelihood of an occurence and.or minimal impact). PM who do not perform risk management spend a lot of time creating workaround. На них могут management reserves использоваться (по согласованию через Integr Change Control)
Risk Appetites and Thresholds
- Risk appetite (risk tolerance) - general level of risk acceptable. Описывается словами “little”, например
- Risk threshold - specific point at which risk becomes unacceptable (e.g. schedule delay 15+ days)
- Risk averse - individual or organization with a very low appetite for the negative impact and threats
Risk management plan
Включает:
- Risk strategy - overall approach to managing risks
- Methodology - how risk mang will be performed to meet the needs of the project
- Roles and responsibilities - тут не только PM может быть
- Funding - plan for utilizing reserves in response to risks
- Timing - when to do risk management during the proj
- Risk categories (см. в другой карточке)
- Stakeholder risk appetite/thresholds
- Definitions of probability and impact- helps standardize interpretations
- Reporting - какие risk-related репорты будут созданы
- Tracking - how risk manag process will be audited and how the results of risk management will be documented
Risk categories (=Source of risk)
Различные разрезы рисков
General Risk Categories
300+ разновидностей , e.g. The customer, Suppliers etc.
By Project Constraint
Scope, Shedule, Cost, Quality, Resources, Customer Satisf
By Business / Pure Risk
- Business risk - risk of a loss OR GAIN
- Pure risk (=insurable) - ONLY risk of loss (injury, fire, theft etc.)
By Variability / Ambiguity (“non-event risks”)
- Variability risks - a type of risk based on the variations that may occur in the project, such as production, number of quality errors, or even the weather
- Ambiguity risks (неопределенность, двусмысленность) - deals with the probability or possibilities that are unknown. Risks that have an uncertain, unclear nature, impossible to predict (e.g. new laws or regulations, the marketplace conditions)
Risk factors
- Probability that a risk event will occur
- Impact - range of possible outcomes
- When - expected timing for it to occur in the project life cycle
- How often - anticipated frequency of risk events from that source
Risk Parameters
Определяются в процессе Qualitative assessment. Используется в дополнение к стандартным probability matrix, как доп. фактор для ускорения проработки
- Urgency - вероятность, что возникнет скоро, или требует много времени на plan a response. Такие в первую очередь толкаем вперед
- Dormancy - время между возникновением риска и появлением импакта от него
- Manageability and controllability - если возникнет, насколько сложно управлять
- Strategic impact - если возникнет, как сильно повлияет на стратегические цели компании
Expected monetary value (EMV)
- В тч для agile. The monetary value of a risk exposure based on the risk’s probability and impact in the risk matrix.
- This approach is typically used in quantitative risk analysis because it quantifies the risk exposure.
- Ex$V = [СТОИМОСТЬ РИСКА или “ИМПАКТ”] * вероятность
- Может применяться для подсчета value of cost, schedule/path, value of your decision
Risk Response Strategies
Общие statements и понятия
-
Residual Risks responses - risks that cannot be anticipated or planning for. В т.ч. risks that are expected to remain after a risk response (e.g. застрахованная от пожара недвижимость всё равно приведет после пожара к задержке), либо . Что делать:
- Do something if the risk happens (contingency plans)
- Do something if contingency plans are not effective (fallback plans)
- Видимо где-то здесь же management reserve начинает использоваться
- Secondary risk - риск, созданный исправлением изначального риска (например, привлекли вендора, и появился риск его ухода с рынка). PM need to decide what to do about possible secondary risks
- Risk triggers - events that trigger the Contingency Responce
Strategies for Threats
-
High-prioriry/high impact cases:
- Avoid (Eliminate) - eleminating the cause (e.g. removing a work package or changing the person assigned to do work)
- Mitigate - reduce the probability or (отдельно) impact removing it from the list of top risks.
-
Low priority / low impact BUT with higher impact as well cases
- Transfer (deflect, allocate) (особенно для Pure Risks) - like “insurance”. Risk ownership is transferred to third party, usually for a fee. A fee and contractual relationships are typically involved
Strategies for Opportunities
- Exploit (reverse of Avoid) - делаем шаги чтобы риск точно случится, и из него извлекаем выгоду
- Enhance (reverse of Mitigate) - увеличиваем probability/impact что риск произойдет
- Share - shares the advantages of a positive risk with other companies or within the organization (e.g. bonus or incentive для вендора, за раннее окончание работ)
Strategies for BOTH Threats and Opportunities
(обычно для Low priority / low impact BUT with higher impact as well cases)
- Escalating - events that may outside of the proj scope or PM authority to act upon. Обычно решаются на уровне program/portfolio
-
Acceptance:
- Passive - ничего не делаем. Если случится, будем workarounds изобретать
- Active - создаем contingency plan and allocating time and costs reserves
Risk Management Process overview
- Лучший ответ на экзамене - implement a contingency plan
- Contingency plan = risk response plan for specific risk
- Risk triggers - triggers contingency response (видимо как contingency plan, так и contingency reserve)
- Risk register - содержит все Residual / Secondary risks, Contingency (specific actions to be taken if opport / thread occurs!)/ Fallback plans, Triggers, Contingency / Management Reserves