ELEVEN - Risk Management Flashcards
What does a PM’s work focus on?
Preventing, not dealing with, problems
What is Risk Management?
The process of identifying, evaluating, and planning responses to events, both positive and negative, that might occur. Through risk management, a PM can increase the probability and impact of opportunities, while decreasing the probability and impact of threats.
What is Uncertainty?
A lack of knowledge about an event that reduces our confidence in the conclusions we can draw from specific data
What are Risk Factors?
When assessing risk, it is necessary to determine:
Probability a risk event will occur;
Range of possible outcomes (impact and how much is at stake);
Expected timing for it to occur;
Anticipate frequency
What is a risk event?
Something identified in advance that may or may not happen, and that can have positive or negative impacts on the project
What is Risk Appetite?
AKA risk tolerance. A general, high-level description of the level of risk acceptable to an individual or organization. Example, a sponsor is willing to accept little risk to the schedule.
What is Risk Thresholds?
Refers to the specific point at which risk becomes unacceptable. Example, sponsor will not accept a risk of the schedule being delayed by 15 days or longer
What is Risk Averse?
A stakeholder who does not want to be negatively impact by threats is said to be Risk Averse
Who is involved in Plan Risk Management?
PM, sponsors, team, customer, other stakeholders, and experts
What does the Plan Risk Management process answer?
Answers the question of how much time should be spent on risk management based on the needs of the project. Includes Risk appetite of management and other key stakeholders. Also identifies who will be involved and how the team will perform risk management.
What are the inputs to Plan Risk Management (P)?
PM Plan - Includes info on how risk management will be handled in relation to scope, schedule, cost, etc
Project Charter - Indicates initial high level risks
Stakeholder Register
EEFs - Areas of risk org. is willing to accept and risk threshold of an org.
OPAs - templates, procedures (for risk management), LL, historical info,
What are the outputs of plan risk management?
Risk Management Plan
What does the Risk Management Plan include?
Risk Strategy - overall approach to managing risks;
Methodology - How risk management will be performed to meet needs of a project;
Roles and Responsibilities;
Funding - Cost of risk management process and plan for utilizing reserves;
Timing - When do to risk management. This time needs to be allocated for in the schedule;
Risk Categories;
Stakeholder risk appetite/thresholds - Info also used when ranking risks based on prob/impact;
Definitions of probability and impact - Help PM standardize interpretations of probability and impact matrix;
Reporting - Describes risk management reports, what they will include, and to whom they will be sent. Composition of risk register is defined here as well;
Tracking - how risk management process will be audited and how results of risk management efforts will be documented
When should risk management occur?
As soon as the PM has the required inputs and should be repeated throughout the life of the project.
What are Risk categories (Sources of Risk)?
A standard list of risk categories can help ensure no areas of risk are missed. The categories are broad, common areas or sources of risk (technology changes, lack of resources, regulatory hurdles, cultural issues).
Orgs and PMOs should maintain a standard list of risk categories that all PMs can use. A Risk Breakdown structure can help identify and document risk categories
What are 5 ways risks can be categorized?
External - regulatory, environmental, governmental issues, market shifts, problems with project sites
Internal - Changes to schedule or budget, scope changes, inexperienced team members, staffing, materials, equipment
Technical - Changes in technology, technical processes
Commercial - customer stability, contract terms and conditions, vendors
Unforeseeable - Only small amount of risks are unforeseeable
What are the two main types of risks?
Business risk: Risk of a gain or loss
Pure (Insurable) Risk: Risk of loss only (fire, theft, etc)
What are nonevent risks?
Variability - Risks caused by the inability to predict future changes
Ambiguity - Risks caused by lack of understanding
What occurs in identify risks (P)?
In this process, risks to the project are identified. This effort should involve all stakeholders, and possibly with nonstakeholders.
When is risk identification done?
At beginning during planning, during integrated change control, when working with contracts and/or resources, and when dealing with project issues
What are the tools and techniques to Identify Risks?
Brainstorming, Checklist Analysis, Interviewing, Root Cause Analysis, Assumption Analysis, Constraint Analysis, SWOT Analysis, Documentation Review, Prompt Lists, Facilitation
What is Risk Checklist Analysis?
Organization may compile a list of risks encountered on projects which help in identifying risks on new projects. Involves reviewing a checklist of generic risk categories to help identify specific risks from each category
Root Cause Analysis - Identify Risks
Identified risks are reorganized by their root causes to help identify more risks
SWOT Analysis - Risk
Analyzes the project to identify strengths and weaknesses, as well as opportunities and threats