Project Management/Risk



Risk Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests of meeting project objectives. A frequently overlooked aspect of project management, risk management can often result in significant improvements in the ultimate success of projects. Risk management can have a positive impact on selecting projects, determining their scope, and developing realistic schedules and cost estimates. It helps project stakeholders understand the nature of the project, involves team members in defining strengths and weaknesses, and helps to integrate the other project management knowledge areas.

Objectives and Skills
Objectives and skills for the risk portion of Project+ certification include:
 * Outline the components of a risk management plan
 * Initial risk assessment
 * Risk matrix
 * Risk register
 * Risk response strategies
 * Stakeholder risk tolerance
 * Using the risk management plan determine an appropriate response to potential risk / opportunity events
 * Perform qualitative and quantitative risk analysis
 * Opportunities
 * Sharing
 * Exploiting
 * Enhancing
 * Threats
 * Avoidance
 * Acceptance
 * Mitigation
 * Update risk register with appropriate changes

Objectives and skills for the schedule portion of Project+ PK0-004 certification include:
 * Explain the importance of risk strategies and activities.
 * Strategies
 * Accept
 * Mitigate
 * Transfer
 * Avoid
 * Exploit
 * Risk activities
 * Identification
 * Quantification
 * Planning
 * Review
 * Response
 * Register
 * Prioritization
 * Communication

Readings

 * 1)  Risk management
 * 2)  Risk management plan
 * 3)  Risk breakdown structure
 * 4)  Risk assessment
 * 5)  Risk register
 * 6)  Risk Matrix
 * 7) Qualitative Risk Analysis

Multimedia

 * 1) YouTube: Definitions of Risk
 * 2) YouTube: What is Project Risk Management?
 * 3) YouTube: What is a Risk Register and When To Use It
 * 4) YouTube: Probability and Risk Matrix
 * 5) YouTube: Project Management Concept #2: Qualitative Risk Analysis vs Quantitative Risk Analysis
 * 6) YouTube: Controlling Risks

Activities

 * 1) Brainstorm with your team members to create a list of risks associated with your current project (10 total).
 * 2) Develop a SWOT analysis based on identified risks from your current project.
 * 3) * Place the strengths, weaknesses, opportunities and threats in a table.
 * 4) * Rank each based on the greatest impact on the outcome of the project.
 * 5) Review  Risk breakdown Structure.
 * 6) * Create a risk breakdown structure for identified risks in your current project.
 * 7) Establish a Risk Register using the identified risks from your current project.
 * 8) * Draw a register using the following components: risk name, risk description, cause of risk, impact, probability, response to risk, risk owner, and risk status.
 * 9) Review YouTube: Probability and Risk Matrix: Risk Management | PMI-RMP Certification Training | PMI RMP Exam Tips.
 * 10) * Read Risk.
 * 11) * Build a Risk Matrix using the risks identified in your current project.
 * 12) * Use scale of 1-5 for probability and a scale of 1-3 for impact.
 * 13) * Calculate Risk score (impact X probability).
 * 14) * Prioritize list of risks (high to low).
 * 15) Review YouTube: Drawing a Decision Tree & Expected Monetary Values.
 * 16) * Draw a decision tree diagram and calculate the EMV to determine which vendor to choose using the following scenario:
 * 17) * You are about to start working on a major project for your organization. The company wants you to obtain two bids from vendors they have worked with in the past to do part of the work on the project.  Vendor A and Vendor B both bid $10,000 to do the work.  Vendor A has a 50% probability of coming in on time and on budget, a 30% chance of going $20,000 over budget and a 20% chance of being $10,000 under budget.  On the other hand, Vendor B has a 30% chance of of delivering on time with no additional costs, a 40% of going $15,000 over budget and a 30% of being $10,000 under budget.

Lesson Summary

 * Risk, is an event that will impact something or someone in a positive or negative way. Two factors that affect risk include the likelihood of the event occurring and the consequences of it occurring. Positive risks result in opportunities, whereas negative risks result in threats to the project.
 * Risk assessment involves answering six questions:
 * What is the purpose of the project?
 * What possible benefits or hindrances could alter the project's outcome?
 * Which identified risks are most important?
 * Which identified risks will have the greatest impact?
 * What should the response be to these identified risks?
 * What changes have occurred due to responding to these risks?
 * There are different responses to risks depending on the nature of a risk. Responses to positive risks include exploitation, enhancement, sharing and acceptance.  On the other hand, responses to negative risks include avoidance, mitigation, transference and acceptance.
 * Exploitation ensures that the opportunity associated with the risk definitely occurs.
 * Enhancement increases the impact and/or the probability of the opportunity that results from the risk.
 * Sharing allocates the ownership of the opportunity that results to a third party to ensure the benefits from the risk occur.
 * Acceptance of a positive risk means being willing to take advantage of the opportunity that may arise as a result of the risk.
 * Avoidance tries to eliminate the risk or its impact entirely from the project.
 * Mitigation reduces the impact and/or the probability of the risk from occurring.
 * Transference shifts the impact of the risk and its response to a third party.
 * Acceptance of negative risks acknowledges that risks may occur, but takes no action until the risk surfaces.
 * Risk management is a process therefore to identify, analyze, respond, monitor and control risks that may arise when working on a project.
 * In order to avoid risk or take advantage of risk, first we have to identify it and classify it. The goal of Risk Management is to take adequate action when classified events may harm, delay, or change the course of a developing project.
 * The Risk Management Plan is a continuous process that occurs throughout the duration of the project because only identified risks can be properly managed.  Its aim is to increase the impact of positive risks while lessening the impact and probability of negative risks.
 * The assessment part is nothing else, but risk appraisal using qualitative and quantitative approaches, the assessment is done after identifying a risk.
 * Qualitative analysis looks at the qualities (impact and probability) related to risks by using a grading scale (high, medium, or low) or a numeric scale. Using a numeric scale allows for the calculation of a risk score. This type of analysis is subjective.
 * Quantitative analysis quantifies the impact of risk in relation to costs and schedule. This analysis is used to justify increasing the budget or using contingency reserves.
 * In order to quantify the impact of the risk, a few different techniques or specialized software can be used. These techniques include decision tree analysis, Expected Monetary Value (EMV) and Monte Carlo method.
 * One can also estimate risk by doing the following things: creating a Risk Breakdown Structure, using a Risk Matrix, and devising a Risk Register.
 * Risk Breakdown Structure is a tool that is used to identify risks. It is a comprehensive list of risk events that are likely to occur and it is organized hierarchy.  It uses a drill down technique to identify subcategories of risks.
 * Risk matrix is a tool that is used to prioritize the risks associated with a current project. Probability is plotted on the x-axis and impact is plotted on the y-axis. A score is generated when a numeric scale is used by multiplying impact and probability. The team determines what score is an acceptable and unacceptable level of risk.
 * Risk register is a log that catalogs the identified risks to the project and documents how the team plans to respond. The components that make up a risk register include the following: risk number, risk name, description, cause of risk, risk owner, risk response, probability of risk, impact of risk, and risk status. These tools allow one to assess how likely a risk will occur, the impact of the risk, and how to address these risks so that the project has a favorable outcome.

Key Terms

 * brainstorming
 * A group creativity technique by which efforts are made to find a conclusion for a specific problem by gathering a list of ideas spontaneously contributed by its members.


 * contingency plans
 * A plan devised for an outcome other than in the usual (expected) plan. It is often used for risk management when an exceptional risk that, though unlikely, would have catastrophic consequences. During times of crisis, contingency plans are often developed to explore and prepare for any event.


 * decision tree
 * A decision support tool that uses a tree-like graph or model of decisions and their possible consequences, including chance event outcomes, resource costs, and utility.


 * Delphi technique
 * A structured communication technique or method, originally developed as a systematic, interactive forecasting method which relies on a panel of experts. Delphi is based on the principle that forecasts (or decisions) from a structured group of individuals which are more accurate than those from unstructured groups.


 * flowcharts
 * A type of diagram that represents an algorithm, workflow or process, showing the steps as boxes of various kinds, and their order by connecting them with arrows. This diagram representation illustrates a solution model to a given problem.


 * influence diagram
 * A compact graphical and mathematical representation of a decision situation. ID is directly applicable in team decision analysis, since it allows incomplete sharing of information among team members to be modeled and solved explicitly.


 * interviewing
 * A conversation between two or more people where questions are asked by the interviewer to elicit facts or statements from the interviewee. Interviews are a standard part of qualitative research.


 * Monte Carlo analysis
 * A broad class of computational algorithms that rely on repeated random sampling to obtain numerical results.


 * probability/impact matrix
 * A matrix that is used during Risk Assessment to define the various levels of risk as the product of the harm probability categories and harm severity categories. This is a simple mechanism to increase visibility of risks and assist management in decision making.


 * residual risks
 * The risk or danger of an action or an event, a method or a (technical) process that, although being abreast with science, still conceives these dangers, even if all theoretically possible safety measures would be applied (scientifically conceivable measures).


 * risk
 * The intentional interaction with uncertainty. Uncertainty is a potential, unpredictable, unmeasurable and uncontrollable outcome, risk is a consequence of action taken in spite of uncertainty.


 * risk activities
 * The identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.


 * risk appetite
 * The level of risk that an organization is prepared to accept, before action is deemed necessary to reduce it. It represents a balance between the potential benefits of innovation and the threats that change inevitably brings.


 * risk averse
 * The behavior of humans (especially consumers and investors), when exposed to uncertainty, to attempt to reduce that uncertainty. It is the reluctance of a person to accept a bargain with an uncertain payoff rather than another bargain with a more certain, but possibly lower, expected payoff.


 * risk breakdown structure
 * A depiction of the identified project risks arranged in a hierarchy by category.


 * risk factors
 * A variable that is quantitatively associated with a disease or other outcome, but direct alteration of the risk marker does not necessarily alter the risk of the outcome.


 * risk management plan
 * A document that a project manager prepares to foresee risks, estimate impacts, and define responses to issues. It also contains a risk assessment matrix.


 * risk neutral
 * Preferences are neither risk averse nor risk seeking. A risk neutral party's decisions are not affected by the degree of uncertainty in a set of outcomes, so a risk neutral party is indifferent between choices with equal expected payoffs even if one choice is riskier.


 * risk register
 * A risk management tool commonly used in risk management and regulatory compliance. It acts as a central repository for all risks identified by the organization and, for each risk, includes information such as source, nature, treatment option, existing counter-measures, recommended counter-measures and so on.


 * risk seeking
 * A risk-seeker or risk-lover is a person who has a preference for risk.


 * risk strategies
 * A document that a project manager prepares to foresee risks, estimate impacts, and define responses to issues.


 * risk tolerance
 * A more specific measure of the degree of uncertainty that an investor is willing to accept in respect of negative changes to its business or assets, as opposed to risk appetite being a broad-based level.


 * sensitivity analysis
 * The study of how the uncertainty in the output of a mathematical model or system (numerical or otherwise) can be apportioned to different sources of uncertainty in its inputs.


 * workarounds
 * A bypass of a recognized problem in a system. A workaround is typically a temporary fix that implies that a genuine solution to the problem is needed.

Assessments

 * Flashcards: Project Management-Risk
 * Quiz: Quizlet: Project Management-Risk