Professional Documents
Culture Documents
Take A Risk - Part 2
Take A Risk - Part 2
Print
Close
In the first installment of this two-part series, we looked at risk management planning, risk identification and
qualitative risk analysis. In this installment, we continue with a look at quantitative risk analysis, risk
response planning and risk monitoring and control.
How does this impact your project? This process adds two important elements to your project planning
process. The first is the results of the probabilistic analysis which provides decision-makers with data on the
probabilities of hitting various cost and schedule targets, taking into account the various options and
decision paths available to the organization. The second is the concept of expected value, which is derived
by multiplying the probability of occurrence of a risk event by the magnitude or value of the impact of the
risk. The expected value of a risk event gives you an idea of your expected financial loss in the event that
the risk occurs. But more importantly, expected value tells you how much you should realistically spend on
your risk responses. You should generally try not to spend more in dealing with the risk than how much you
expect to lose if that risk does occur.
How does this impact your project? Here is where the risk rubber meets the road. Once you have identified
your risks and figured which risk merit the most attention, the PMBOK risk response plan will help you define
the most appropriate strategy to adopt for every identified risk. The risk response plan will also help define
accountability for your risk response strategies by associating every risk with a risk owner who will be
http://www.gantthead.com/articles/articlesPrint.cfm?ID=217628 10/21/2008
Page 2 of 2
responsible for tracking and dealing with the risk. For the risks that you accept, your contingency plans and
reserves will help protect the project from potential cost overruns in the event of those risk events occurring.
How does this impact your project? Risk management doesn't end with the identification, assessment and
handling of risk. You will be performing risk audits and risks reviews to control risk and verify that your risk
response strategies and the people you have assigned responsibility for those risks are effective. Risks can
and will happen at any point in your project lifecycle, and you need to constantly check your project for the
effectiveness of your risk management plans, and quickly correct your plans if things aren't working out as
you had envisioned.
Risks are also hardly static entities and constantly mutate to changing project conditions. Risk monitoring
and control will help ensure that you are able to keep up these changes by constantly monitoring risks to
discover changes in the impact of identified risks. The results of your risk monitoring and control entered into
a risk database which will provide essential historical information for the management of future projects.
Geoff Choo helps plan, design, implement, and manage enterprise software development projects for Northern Italian companies.
He can be reached at gantt.head@tiscali.it.
http://www.gantthead.com/articles/articlesPrint.cfm?ID=217628 10/21/2008