Professional Documents
Culture Documents
SPM WEEK 10 Risk Management
SPM WEEK 10 Risk Management
• What is a Risk
• Categories of Risk
• Risk Management Approaches
• Framework for Dealing with Risk
• Risk Identification
• Risk Analysis
• Risk Planning
• Risk Monitoring
What is Risk
• Effects
• Testing takes longer than planned
• Planned effort and time for activities exceeded
• Project scope increases
• Time delays in getting changes to plan agreed
Negative Risk
8
Types of Risks
Project Risks
• Organisational risks.
• Requirements risks.
• Estimation risks/Financial Risk
• Market risk
• Technology risk
• People risk
• Structure/process risk
Sociotechnical model for Risk
Categories
•A different way to categorize risks is a sociotechnical
model proposed by Kalle Lyytinenand and his colleagues,
presented as
Continue…
Risk Planning
• Interviewing
• SWOT analysis
Risk Identification - Checklists
• Brainstorming
• Representatives of the main stakeholders of the project, are
brought together , in order to identify the problems that might
occur using their individual knowledge of different parts of the
project.
• This collaborative approach may generate a sense of ownership
in the project.
Interviewing
32
SWOT Analysis
33
Risk Analysis and Prioritization
• This can be done by estimating the risk exposure for each risk.
Risk Exposure (RE)= (potential damage) × (probability of
occurrence)
Risk Analysis and Prioritization
• Risk Avoidance
• Some activities are so prone to accident that it is best to avoid
them altogether.
• For example to avoid all the problems associated with
developing software solutions from scratch, a solution could be
to
• Retain to existing clerical methods.
• To buy an off-the-shelf solution.
Risk Planning
• Risk Transfer:
• In this case the risk is transferred to another person or
organization.
• For example a software development task is outsourced for a
fixed fee.
Risk Monitoring and Management
51
Example
• Risk reduction’ will usually incur some cost regardless of the risk
materializing or not.
• The cost of a contingency measure will only be incurred if the risk
actually materializes.
• However, there may be some things that have to be done in order for
the contingency action to be feasible.
• An obvious example is that back-ups of a database have to be taken if
the contingency action when the database is corrupted is to restore it
from back-ups. There would be a cost associated with taking the back-
ups.
Risk Monitoring – Continued….
61
Risk Register Contents
(continued)
• Triggers for each risk; triggers are indicators or
symptoms of actual risk events
• Potential responses to each risk
• The risk owner or person who will own or take
responsibility for each risk
• The probability and impact of each risk occurring
• The status of each risk
62
Template for a Risk Register
Risk Mitigation, Monitoring
and Management (RMMM) Plan