MANAGING PROJECT RISK

PGM4814
Post Graduate Diploma in Project
Management
PROJECT RISK MANAGEMENT PLAN

2
THE RISK MANAGEMENT PLAN

• Risk Management Plan

– Ties together the project risk management processes and summarizes the proposed risk management
approach for the project
– Is usually included as a section in the Project Plan.

• The Risk Management Plan describes:

– The process which will be used to identify, analyze and manage risks initially and throughout the life of the
project;
– How often risks will be reviewed, the process for review and who will be involved;
– Who will be responsible for which aspects of risk management;
– How risk status will be reported and to whom;
– The initial snapshot of the major risks; impact and probability; planned risk response strategies (risk register);
and
– Who will be responsible for implementing them (on risk register?)

3
PROJECT RISK MANAGEMENT AND CORPORATE
RISK MANAGEMENT

4
PROJECT AND CORPORATE RISK MANAGEMENT

• Projects may trigger a significant risk to the parent organization or other units of the organization – e.g.,
a new product arising from a project may trigger a competitor into launching a new product, or project
team members or partners may bring about regulatory non-compliance
• Project risk management may result in secondary or residual risks that do not capture the attention of
the corporate decision-makers
• Traditional risk management leaders within the organization have not been involved in the project
strategic planning process, leading to new risks not being considered by management.
• Solutions –
– Effective enterprise risk management (ERM) should be adopted within the organisation
– Project managers should proactively think about risks that the project exposes the organization to
and vice versa, during risk management processes
– Use of a project risk management maturity (PRMM) for project-based organizations
PROJECT vs. CORPORATE RISK MANAGEMENT
Risk that project outcomes undermine existing Risk that project ’work-arounds’ or processes lead
core products or strategic initiatives to IT security protocol breaches

Marketing,
Sales & Production & Finance/ Human Legal &
IT
Customer Distribution Treasury Resources Compliance
Service Risk that
project
Risk No. 1 Risk No. 1 Risk No. 1 contractual or
Risk No. 1 Risk No. 1 Risk No. 1 operational
Risk No. 2 relationships
contravene
Risk No. 2 Risk No. 2
compliance.,
Risk No. 3 legal
Risk No. 2 Risk No. 2 Risk No. 2 requirements
Risk No. 3 Risk No. 3 Risk No. 4

Risk that a new competitor launches an innovative Risk that project HR contractual or working
product or service in response arrangements breach HR protocols

Risk No. 1 Risk No. 2 Risk No. 3 Risk No. 4 Risk No. …
 PROJECT RISK MANAGEMENT MATURITY
• Project risk management maturity (PRMM) refers to the competency or proficiency of an
organisation to implement project risk management (PRM) process
• project risk management maturity (PRMM) for project-based organization
• The efficacy of a PRMM however diminishes for organizations with lower level of project
complexity or less frequent use of projects
Level Description
Level 1: Initial Process The organization does not have a method or approach related to
PRM, the process is only done on an ad hoc basis, management
awareness related to project risk management is very low
Level 2: Structured There is a PRM process but it is only used for large scale project,
Process and Standards management has supported the implementation of project risk
management
Level 3: Organizational All PRM processes have standards for all projects and can be
Standards and reused, the processes and standards used by the organization
Institutionalized Process are formally documented
Level 4: Managed The PRM process has been integrated with organizational
Process processes and systems, management has mandated to comply
with the PRM process, there is an analysis of project performance
Level 5: Optimizing There is a process to measure the effectiveness and efficiency of
Process the project, there are lessons learned, management is more
focused on continuous improvement
RISK MANAGEMENT AND THE PROJECT LIFE
CYCLE

8
THE PROJECT RISK MANAGEMENT PROCESSES

Revisiting the project risk management

process…
RISK MANAGEMENT AND THE PROJECT LIFE CYCLE
• Project Risk Management must be
performed at all stages of the project
life cycle, with a proportional level of
effort, tools and techniques expended
• Generic project life cycle:
• Defining
• Planning
• Executing
• Delivering

10
RISK MANAGEMENT AND THE PROJECT LIFE CYCLE
• Project Risk Management must be performed at all stages of the project life cycle,
with a proportional level of effort, tools and techniques expended

11
RISK MANAGEMENT AND THE PROJECT LIFE CYCLE
Tools Outcomes • projects Value-added
- PESTEL - Established project context - Starting point for risk identification
- SWOT - Identified preliminary risk - Clarity on project environment &
Pre-project - Stakeholder analysis sources structures
- PESTEL - Initial risks - Starting point for extra risk identification
- SWOT - Mapped events, causes and - Early view of risks
- Analogy effects, outcomes
- Stakeholder analysis
Conception - Document reviews
- Brainstorming, affinity diagramming

- Project plan analysis (estimates, schedule) - Detailed risk list - Less obvious risks uncovered
- WBS analysis - Mapped events, causes and - Major risks identified
- Interviews effects, outcomes
- Analysis of assumptions
- Document reviews
Definition - Delphi
- Flowcharts, process flowcharts
- Cause and effect diagrams/ Wishbone diagrams

- Risk management plan - More complete risks - Benefit from the experience of others
- Checklists
Execution - Specifications
- Risk management plan - Cross-checked list - Mapping of the list to the WBS
Handover - Checklists Added risks from review of WBS
- Specifications

Post-project - Project audits - Detail for complete risk statement

- Close-out reports
RISK MANAGEMENT AND THE PROJECT LIFE CYCLE
• For Agile projects

13
STAGE GATES FOR RISK ASSESSMENTS

• Each project life cycle phase is separated from the previous and subsequent phases by evaluation and approval
points termed gates
• At gates the project must first get through approval before it can continue to the next phase
• This is an opportunity for the project manager to formalize and standardize procedures for risk analysis and
management in each stage (e.g., by using making it part of the deliverables in each stage)

Risk
breakdown
structure Updated Risk Risk
Concept
Project risk (RBS), Risk Management sharing, risk
risks for
management Management Plan, risk transfer
business
during the Plan register agreements
case, CBA
phase

Project Life Pre-

Concept Definition Execution
Cycle Model planning

Decision Decision Decision Decision

Project gates Gate 1 Gate 2 Gate 3 Gate 4

14
END

15 15