Professional Documents
Culture Documents
SPM WEEK 10 Risk Management
SPM WEEK 10 Risk Management
SPM WEEK 10 Risk Management
Contents
• What is a Risk
• Categories of Risk
• Risk Management Approaches
• Framework for Dealing with Risk
• Risk Identification
• Risk Analysis
• Risk Planning
• Risk Monitoring
• Effects
• Testing takes longer than planned
• Planned effort and time for activities exceeded
• Project scope increases
• Time delays in getting changes to plan agreed
Negative Risk
• A dictionary definition of risk is “the possibility
of loss or injury”
6
Risk Can Be Positive
• Positive risks are risks that result in good things
happening; sometimes called opportunities
7
Residual and Secondary Risks
• It’s also important to identify residual and
secondary risks
• Residual risks are risks that remain after all of
the response strategies have been
implemented
• Secondary risks are a direct result of
implementing a risk response
8
Risk Categories
• Organisational risks.
• Requirements risks.
• Estimation risks/Financial Risk
• Market risk
• Technology risk
• People risk
• Structure/process risk
Continue….
Risk type Possible risks
Organizational 1. Organization is restructured so that different
management is responsible for the project.
2. Organizational financial problems force reduction
in the budget.
Specification delays Project and Specification of essential interfaces are not available on
product schedule
Technology change Business The underlying technology in which the system is built is
superseded by new technology
Risk Planning
• Interviewing
• SWOT analysis
Risk Identification - Checklists
• Brainstorming
• Representatives of the main stakeholders of the project, are
brought together , in order to identify the problems that might
occur using their individual knowledge of different parts of the
project.
• This collaborative approach may generate a sense of ownership
in the project.
Interviewing
27
SWOT Analysis
28
Risk Analysis and Prioritization
• This can be done by estimating the risk exposure for each risk.
Risk Exposure (RE)= (potential damage) × (probability of
occurrence)
Risk Analysis and Prioritization
• The higher the RE, the more attention or priority is given to the
risk.
Risk Analysis and Prioritization
• Risk Avoidance
• Some activities are so prone to accident that it is best to avoid
them altogether.
• For example to avoid all the problems associated with
developing software solutions from scratch, a solution could be
to
• Retain to existing clerical methods.
• To buy an off-the-shelf solution.
Risk Planning
• Risk Transfer:
• In this case the risk is transferred to another person or
organization.
• For example a software development task is outsourced for a
fixed fee.
Risk Monitoring and management
45
Example
55
Risk Register Contents
(continued)
• Triggers for each risk; triggers are indicators or
symptoms of actual risk events
• Potential responses to each risk
• The risk owner or person who will own or take
responsibility for each risk
• The probability and impact of each risk occurring
• The status of each risk
56
Template for a Risk Register
Risk Mitigation, Monitoring
and Management (RMMM) Plan