|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Project risk - Is an uncertain event or
condition that, if it occurs, has a positive or a negative effect on a project
objective.
A risk has a cause and, if it occurs, a consequence. Risk identification is an
iterative process. (Just like core process). Objective is to decrease the
probability and impact of negative events and vice versa.
Risk Management Planning: deciding on how
to approach, plan and execute risk mgmt activities for a project.
Risk Identification: determining which
risk can effect the project and documenting their characteristics.
Qualitative Risk Analysis – style="font-weight:bold"> Prioritizing risks for subsequent further
analysis or action by assessing and combining their probability of occurrence
and impact.
Quantitative Risk Analysis – Numerically
analyzing the effect on overall project objectives of identified risks.
Risk Response Planning: developing options
and actions to enhance opps and reduce threats to project objectives.
Risk Monitoring and Control: tracking
identified risk, monitoring residual risks, identifying new risks, executing
risk response plans and evaluating their effectiveness though the project life
cycle.
RMP: it is input to cost and time
estimating, schedule development and cost budgeting.
I/P: EE factors (attitude towards risk and
tolerance, which can be found in policy statement or revealed in actions), OP
assets, Project scope statement, PMP
TT: Planning meetings and analysis: Risk
cost element and schedule activities will be developed for inclusion in the
project budget and schedule respectively. Responsibilities will be assigned;
templates will be tailored for use later.
Output:
Risk Management Plan – Describes how Risk
Management will be structured and performed, it includes
Methodology (Approach, tools and data sources)
Roles and responsibilities
Budgeting (assign Resources and
estimated Cost for inclusion in cost baseline)
Timing (When and how often;
includes risk activities in project schedule)
Risk Categories style="font-weight:normal;font-family:"Trebuchet MS";font-size:11.0pt">
(RBS, Good practice is to review risk categories during RMP prior to Risk
Identification Process)
Definition of Risk Probability and Impact style="font-weight:normal;font-family:"Trebuchet MS";font-size:11.0pt">
(Definition of probability and impact)
Probability and Impact Matrix
(Look up table, with impact categorized
as Low, Moderate or High)
Revised Stakeholders tolerances
Reporting Formats style="font-weight:normal;font-family:"Trebuchet MS";font-size:11.0pt">
(Describes Risk Register Contents and format)
Tracking (Auditing and
Documentation for current project, future needs and LL)
Risk Types – 1. Business (Gain or Loss) 2.
Pure Risk (Only Risk of Loss)
Attitude about Risk – Should be made
explicit, Communication about risk should be honest and open. Risk response
reflects organizations perceived balance between risk taking and risk avoidance.
Some one who does not want to take risks is said to be Risk Averse.
Tolerance and Threshold – Tolerance are
areas of risk that are acceptable or unacceptable. A threshold is the amount of
risk that is acceptable. You use this information to help assign levels of risk
on each work package.
Risk Identification
IP: EE Factors, OP assets, project scope
statement (assumptions), risk management plan(R&R, RBS, risk provisions),
project management plan
Tools:
Documentation reviews, info gathering techniques (Brainstorming, Delphi
tech, interviewing, RCA, SWOT); Check List
Analysis - based on Historical information of previous similar projects.
The lowest level of RBS is used as Risk Checklist; Assumption analysis style="font-style:italic">; Diagramming tech: C&E, system/process
flow chart, influence diagram,
OP: Risk Register
Delphi tech: is a way to reach a consensus
of experts, questionnaire is sent to solicit ideas and responses are summarized
and re-circulated to the experts. Consensus is reached in few rounds. It helps
to reduce bias in the data and keeps any one perform fro having undue influence.
Qualitative Risk Analysis: focuses on
prioritizing risks using probability and impact of the risk as well as time
frame and risk tolerance. It also leads to over all risks of the project. It is
also known as Risk assessment.
IP: OP assets, project scope statement,
RMP, Risk Register,
TT: Risk probability and impact
assessment, Probability and impact matrix, Risk data quality assessment, Risk
Categorization (based on common causes, using RBS/WBS/Phases), Risk urgency
assessment.
OP: risk register (updates)
Quantitative Risk Analysis: it assigns
numerical ranking to the prioritized risks primarily uses Monte Carlo Simulation
and Decision Tree Analysis. It should be redone after RRP and RMC to asses risk
reduction.
IP: OP Assets, Scope Statement, RMP, Risk
Register, PMP (SMP, CMP).
TT:
Expert Judgment
Data Gathering and Representation Techniques
Interviewing,
Probability
Distribution
Beta Distribution and
Triangular Distribution
can use
ordinal or cardinal values. Both uses 3 point estimates and are continuous
distribution. Decision tree uses representation of discrete distribution.
Uniform distribution can be used when no obvious value in early concept stage of
design.
Quantitative Risk Analysis and Modeling Techniques
Sensitivity
Analysis – Determine which risks have most potential impact,
Tornado style="font-family:"Trebuchet MS";font-size:11.0pt"> Diagram
(compares relative importance of variables that have a high degree of
uncertainty to those more stable)
Expected
Monetary Value – Opportunity expressed as Positive, Risk expressed as negative
example Decision tree. Modeling and Simulation is recommended for Cost &
Schedule Risk analysis because they are more powerful and less subject to misuse
than EMV analysis.
Decision
tree analysis – Shows available choices and their possibilities with more
complex process than EMV. It assumes mutual exclusivity.
Modeling and
Simulation – Done using
Monte Carlo Technique style="font-family:"Trebuchet MS";font-size:11.0pt">. In
simulation project model is calculated many time (iterated), with the input
values randomized from a probability distribution function and a probability
distribution is made.
Cost Risk Analysis style="font-family:"Trebuchet MS";font-size:11.0pt"> use CBS or
WBS.
Schedule Risk analysis use PDM.
OP: Risk Register (updates)
Risk Response planning: it creates owner
for each agreed to and funded risk. Risks responses are developed in risk
planning and risk response planning stage
IP: RMP, Risk Register
TT: Strategy for negative risk (avoid,
transfer, mitigate), Strategy for positive risk ( exploit, share, enhance), for
both acceptance, contingent response strategy,
OP: Risk Register (Updates), PMP
(updates), Risk related contractual agreement.
Risk Management Control
Process of identifying, analyzing and planning for newly arising risks, keeping
track of identified risks and those on the watch list, reanalyzing existing
risks, monitoring trigger condition for contingency plans, monitoring residual
risks and reviewing the execution of the risk responses and their effectiveness.
IP: RMP, Risk Register, App CRs, work
performance Info
TT: Risk reassessment, Risk Audits,
Variance and trend analysis, Technical performance measurement, reserve
Analysis, Status Meetings (RM is an agenda)
Risk Audits:
examine and document the effectiveness of risk responses in dealing with
identified risks and their root causes, well as the effectiveness of the risk
management process.
Variance and trend analysis:
reviewed using performance data, EV anal and other methods used. Measure overall
project performance deviation from baseline indicating the potential impact of
threats or opps.
Technical performance measurement:
compares technical accomplishments during project ececution to the PMP’s
schedule of technical achievement. Reveals degree of success in achieving
project’s scope.
Reserve Analysis: style="font-weight:normal;font-family:"Trebuchet MS";font-size:11.0pt">
it monitors contingency reserves remaining to the amount of risk remaining at
any time in the project in order to determine if the remaining reserve is
adequate.
OP: Risk register (updates), CRs,
recommended CAs and Pas, OP asset (update), PMP (update)
Risk Register – (O/P of Risk
Identification)
margin-top:0in;margin-bottom:0in;font-family:"Trebuchet MS";font-size:11.0pt"
type="1">
List of Identified Risks
(including root causes and assumptions)
List of
Potential Responses
Root causes
of Risks
Updated Risk
Categories (RBS which is developed in RMP is enhanced or amended)
Updates after Qualitative Risk Analysis
margin-top:0in;margin-bottom:0in;font-family:"Trebuchet MS";font-size:11.0pt"
type="1">
Relative Ranking or Priority
list of Project Risks
Risks
grouped by categories
List of Risk
requiring Response in the near term
Watch list
of low priority risks
Trends in
Relative Risk analysis results
Updates after Quantitative Risk Analysis
margin-top:0in;margin-bottom:0in;font-family:"Trebuchet MS";font-size:11.0pt"
type="1">
Probabilistic Analysis of the
project: this output typically expressed as a cumulative distribution is used
with stakeholder risk tolerances to permit quantification of the cost and time
contingency reserves
Probability
of Achieving Cost and Time Objective
Prioritized
List of Quantified Risks
Trends in
Quantitative Risk Analysis Results
Updates after Risk Response Planning
margin-top:0in;margin-bottom:0in;font-family:"Trebuchet MS";font-size:11.0pt"
type="1">
Identified Risks, their
descriptions, areas of the project and how they affect project objectives
Risk owners
and their responsibilities
Agreed upon
response strategies
Symptoms and
warning signs of risks occurrence
Budget and
Schedule activities required to implement the chosen responses
Contingency
reserves of Time and Cost and Triggers.
Fallback
plan
Residual and
Secondary Risks
Risk Response Planning
Techniques
Strategies for Negative Risks or Threats
Avoidance (elimination/abatement)
Eliminate the threat posed by an adverse risk. Can be done by changing the
Project Plan or protecting (isolating) project objectives from its impact. Or
relaxing time, cost, scope and quality or cut scope
Mitigation (reduction) Reduce the Expected
Monetary Value by reducing probability or impact. Float can be use to mitigate
potential risks. Reduction in the probability or impact of an adverse risk.
Adoption less complex processes, conducting more tests, stable supplier.
Transfer Deflect or share (eg. Insurance,
warranties). Shifts the negative impact of a threat to a third party it doesn’t
eliminate it, insurance, performance bonds, warranties, guarantees etc,
Strategy for positive Risks or opps
Exploit: assigning better quality resource
to reduce time to complete
Share: allocating ownership to third party
who has expertise.
Enhance: by facilitating or strengthening
the cause of the opportunity, targeting its trigger.
Strategy for both
Acceptance Accept or retain consequences.
2 types: Active Acceptance (develop a
contingency reserve) or Passive
Acceptance (no action).
Residual Risks – Risks that are expected
to remain after planned responses have been taken, as well as those have been
deliberately accepted.
Secondary Risks – Risks that arise as a
direct outcome of implementing a risk response.
Recommended Corrective Actions – For Risk
monitor and Control include Contingency plans
and workaround plans.
Workaround Unplanned response to negative
risk events (requires to be impacted by the risk first).Work around plans are
not initially planned but are required to deal with emerging risks that were
previously unidentified or accepted.
Contingency Plan Planned action steps to
be taken if an identified residual risk occurs. (e.g. developing alternative
activity sequences). It is for the risks which are accepted.
Contingency Reserve: calculated based on
the quantitative analysis of the project and organization’ risk thresholds.
Fall Back Plan: It is plan executed when
contingency plan is not effective.
Risk database style="font-style:italic"> - A repository that provides for
collection, maintenance, and analysis of data gathered and used in the risk
management processes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| style="margin:0in;font-family:"Trebuchet MS";font-size:11.0pt;color:black"> 68.3% |
|
| style="margin:0in;font-family:"Trebuchet MS";font-size:11.0pt;color:black"> 95.5% |
|
| style="margin:0in;font-family:"Trebuchet MS";font-size:11.0pt;color:black"> 99.7% |
|
|
|
|
The range of an estimate with the smallest range is the least risky.
Documentation
Risk Management Plan – would most likely
be developed during scope planning phase of the scope management process.
Decision Tree Analysis - 1. Takes into
account future events in trying to make decision today
2. It calculates EMV in more complex situations 3. Involves mutual exclusivity
Fall back Plan – Specific actions that
will be taken if the contingency plan is not effective.
No comments:
Post a Comment