1 / 38

Project Risk Management

Project Risk Management. Project Risk Management Processes. Risk Management Planning : deciding how to approach and plan the risk management activities for a project Risk Identification : determining which risks might effect the project and documenting their characteristics

tammy
Download Presentation

Project Risk Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Project Risk Management

  2. Project Risk Management Processes • Risk Management Planning : deciding how to approach and plan the risk management activities for a project • Risk Identification : determining which risks might effect the project and documenting their characteristics • Qualitative Risk Analysis : performing a qualitative analysis of risks and condition to prioritize their effect for project objectives • Quantitative Risk Analysis : measuring the probability and consequences of risks and estimating their implications for project objectives • Risk Response Planning : developing procedures and techniques to enhance opportunities and reduce threats to the project objectives • Risk Monitoring and Control : monitoring residual risks, identifying new risks, executing risk reduction plans, and evaluating their effectiveness throughout the project life cylce.

  3. Project Risk Management

  4. Project Risk Management • Risk management must be done during the whole life of the project • All risks have a probability > 0 and < 100% • A risk event that has a probability = 100% is not a risk

  5. Risk Tolerance Risks that may not be considered as important to the project are : • Risks that have very high probabilities and very low impacts, and • Risks that have very low probabilities and very high impacts Risks we need to worry about are those that have a reasonably high probability and high impact

  6. Steps in risk management Practices

  7. Idetifikasi Resiko Analisis Proyek untuk mengidentifikasi sumber resiko Resiko diketahui Penilaian Resiko Resiko baru Menilai resiko dalam hal : - Tingkat keparahan dampak - Kemungkinan terjadi - Kemampuannya untuk dapat di kontrol PROSES MANAJEMEN RESIKO Penilaian resiko Menyusun Respons Resiko baru Mengembangkan strategi untuk mengurangi kerusakan yang mungkin terjadi Menyusun rencana kontingensi Rencana Manajemen Resiko Mengendalikan Respons Resiko Resiko baru Implementasi strategi resiko Memonitor dan menyesuaikan rencana untuk resiko baru Manajemen perubahan

  8. Risk Assessment & Control • Risk Assessment • Identification – what are the risks? Make a list!(Or borrow one for ideas) • Analysis – assess risk likelihood and impact; find possible alternatives • Prioritization – which risks to focus on? Sort risks by impact • Risk Control • Management planning – mitigation planning, ensure consistency among plans • Resolution – actively manage and resolve each risk when it occurs • Monitoring – track progress toward risk resolution; and identify new risks

  9. How to Identify Risks • Start with a typical list of software risks • Review development plan • Critical Paths • Critical Staff Members • Critical Vendor Deliveries • Critical Milestones • Review Requirements • Review Technical Design • Review Past Projects

  10. How to Identify Risks (Continued) • Conduct Risk Brainstorming Sessions with Staff, Users, Vendors, Customers, and Management • Try to assess the direction of thinking by third parties as they may give an indication of future requirements, expectations, or vendor changes. • If your dependent on vendors, try to understand their business situation. • Get as much input as possible!

  11. Risks Identification Techniques • Documentation reviews • Brainstorming • Delphi technique • Nominal group technique • Crawford slip • Expert interviews • Analogy

  12. Documentation review • Reviewing lessons learned and risk management plans from previous projects • Reviewing WBS, contract obligations, project baseline for scope, schedule and budget, resource avaibilities, staffing plans, suppliers

  13. Brainstorming • Meeting is called to make a comprehensive list of risks • participants : 10 to 15 • The meeting < 2 hours • Participants can name risks • No discussion • Another participants give new ideas for possible risks

  14. Delphi Technique • Similar to brainstorming but the participants do not know one another (anonymous) • useful if the participants are some distance away (particularly using email) • Process : • Facilitator distributes quesionnaire to the participants to submit risk ideas • Facilitator catagorize and clarify the responses, then circulate to the participant for comments or addition

  15. Nominal Group Technique • The facilitator instructs each of the participants to privately and silently list his or her idea on a piece of paper • The facilitator takes each piece of paper and lists the ideas on a flip chart or blackboard, then make discussion • Now ranks the ideas in order of importance, again in secret • This technique is faster and require less effort of the facilitator than Delphi Tech.

  16. Crawford Slip • It does not require as strong a facilitator as the other techniques • It produces ideas very quickly < 1/2 hour • Process : • The facilitator asks question • The participants write down the answer • After one minute, the facilitator ask the same question and the participants have to make different answer • This is repeated 10 times

  17. Analysis, Exposure, & Prioritization • For Each Risk: • Determine Probability of Occurrence • What is the likelyhood of occurrence? • Determine Impact • What is the impact if it occurres? • Determine Exposure • What will we lose if the risk occurs? • For All Risks: • Prioritize • Where should we put our limited resources?

  18. Analysis, Exposure, Prioritization: How? • Various Techniques Available But Key is Experience • Individual • Organizational • Don’t Rely on Just Yourself - Get lots of Inputs

  19. Risk Assessment: A Simple Classification & Tracking Method • Probability of Occurrence vs Impact • 1 to 5 Scale • Priorities • Red - High • Yellow - Med • Green - Low • Review/Present Chart Periodically

  20. Risk Assessment: Probability Methods • Can we quantitize the risk? • For Each Risk: • For Each Possible Action: • Estimate Probability of an Given Outcome P(O) • Estimate $ Loss of an Given Outcome L(O) • Multiply the P(O) by L(O) to give $ exposure for the unwanted outcome • Sum all $ exposures for each Possible Action • Compare the $ exposures • Calculate Risk Leverage • (Risk Exposure Before Reduction - Risk Exposure After Reduction) / (Cost of Risk Reduction)

  21. Example Risk Assessment Using Probability Method

  22. Detectiondifficulty-LMH Severity-LMH Chance-LMH When Risk event Risk Assessment Matrix

  23. Top 10 Risks • Personnel Shortfalls • Staffing with Top Talent • Job Matching • Team Building • Morale Building • Cross-Training • Pre-scheduling Key People Software Risk Management: Principles and Practices, B.W. Boehm, IEEE Software, Jan., 1991, pg. 32-41

  24. Top 10 Risks • Unrealistic Schedules and Budgets and/or Underestimating Problem Complexity • Detailed multisource cost and schedule estimation • Design to Cost • Incremental Development • Software Reuse • Requirements Scrubbing

  25. Top 10 Risks • Developing the Wrong Software Functions • Domain Analysis • (Organizational Analysis/Mission Analysis) • Operational Concept Formulation • User Surveys • Prototyping • Early User Manuals

  26. Top 10 Risks • Developing the Wrong User Interface • Prototyping • Scenerios • Task Analysis • Gold Plating • Requirements Scrubbing • Prototyping • Cost-Benefit Analysis • Design to Cost

  27. Top 10 Risks • Continuing Stream of Requirements • High Change Threshold • Information Hiding • Incremental Development • (defer changes to later increments)

  28. Top 10 Risks • Shortfalls in Externally Performed Tasks • Reference Checking • Pre-award Audits • Award-fee Contracts • Competitive design or prototyping • Team Building

  29. Top 10 Risks • Shortfalls in Externally Furnished Components • Benchmarking • Inspections • Reference Checking • Compatability Analysis • Examples: • Compilers • Development Environments • Target Hardware

  30. Top 10 Risks • Real-Time Performance Shortfalls • Simulation • Benchmarking • Modeling • Prototyping • Instrumentation • Tuning • Performance Parameter Allocations

  31. Top 10 Risks • Straining Computer Science Capabilities or Introduction of New Technology to an Organization • Technical Analysis • Cost-Benefit Analysis • Prototyping • Reference Checking • Staff Training • Example: • Use of a new language, tool, or method

  32. Risk Control • Risk Reduction • Contingency Planning • Monitoring Risks Response Planning

  33. Risk Reduction • Avoiding Risk : Avoid the risk completely • Modifying project requirements • Transferring the Risk : Move the impact of the risk to some other party, sharing risk • By allocation to other systems, Buying Insurance to cover financial loses, Subcontracting • Mitigating the Risk : reduce the probability or impact of the risk • adding additional tests, hiring duplicate suppliers, adding more expert personnel, designing prototypes • performance bond, guarantees

  34. Contingency Planning • Some risks cannot be reduced • Plan for risk occurrence • Why? • Reduces “Crisis” atmosphere • Reduces chance of mistakes • Reduces time to correct

  35. Perencanaan Kontingensi • Rencana Kontingensi adalah sebuah rencana alternatif yang akan digunakan jika suatu peristiwa resiko yang diperkirakan belum menjadi kenyataan. • Mencegah penundaan keputusan, kepanikan, dan pengambilan keputusan di bawah tekanan.

  36. Matriks Respons Resiko

  37. Monitoring • Periodic Review of Risk Status • Changes in Probabilities or Impacts • Changes in Avoidance/Mitigation/Contingency Plans • Periodic Review of Project to Identify New Risks • Implementation of Risk Avoidance or Mitigation Plans • Keep Management and Customers Informed!!! • Frequent Risk Reviews

  38. Accept, reduce,share, transfer Contingencyplan Risk event Trigger Responses to Risk Matrix

More Related