1 / 22

Risk Management

Risk Management. The future can never be predicted with 100% accuracy. Failure to plan for risks leads crisis management or firefighting The lure of crisis management Attention and visibility Access to resources Rewards. What is a Risk?.

reeves
Download Presentation

Risk Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Risk Management • The future can never be predicted with 100% accuracy. • Failure to plan for risks leads crisis management or firefighting • The lure of crisis management • Attention and visibility • Access to resources • Rewards Computer Engineering 203 R Smith Risk Management 7/2009

  2. What is a Risk? • Risk is a measure of the probability and consequence of not achieving a defined project goal. • A probability of occurrence of that event. • Impact of the event occurring • Risks change though out the life of a project Computer Engineering 203 R Smith Risk Management 7/2009

  3. Risk Management • Risk management is the act or practice of dealing with risk. • Risk management is proactive rather than reactive. • Risk management is not a separate activity but rather on aspect of sound project management. Computer Engineering 203 R Smith Risk Management 7/2009

  4. Common Mistakes in Risk Management • Not understanding the benefits of Risk Management • Not providing adequate time or resources for Risk Management • Not identifying and assessing risk using a standardized approach Computer Engineering 203 R Smith Risk Management 7/2009

  5. Requirements for successful risk management • Commitment by stakeholders • Stakeholder responsibility • Planning for risk management • Creation of a risk management plan • Committing resources to risk management • Top 10 risk list • Determine a manageable number of risks Computer Engineering 203 R Smith Risk Management 7/2009

  6. Resources for Risk Management • When looking at the resources to commit to risk management, one needs to consider the overall project size and the impacts of the risks. • The Survival Guide recommends about 5% of the total project resources on specific risk management activities. Computer Engineering 203 R Smith Risk Management 7/2009

  7. Risk Management Planning • Risk management planning is a on going process. • Develop a plan for risk identification. • Determine the resources available for risks. • What is available beyond the ordinary? • This is a good time for out of the box thinking Computer Engineering 203 R Smith Risk Management 7/2009

  8. Simplified Risk Management Process • Risk identification • Risk analysis/evaluation • Risk planning strategies • Risk monitoring and control • Risk response Computer Engineering 203 R Smith Risk Management 7/2009

  9. Risk Identification • The need to proactively identify risks. • When an event happens it is too late to plan. • Tools for identifying risk • Brainstorming • Nominal Group Technique • Each member identifies their ideas • Each member writes an idea on the board until all ideas are listed Computer Engineering 203 R Smith Risk Management 7/2009

  10. Risk Identification • The group discusses each idea • Each individual ranks each of the ideas • The group then ranks all the ideas • Each individual ranks all the ideas again • Rankings are summarized • Delphi technique • Experts asked individually to provide input • Input summarized and distributed • Experts rank input Computer Engineering 203 R Smith Risk Management 7/2009

  11. Risk Identification • Strength, Weakness, Opportunities, Threats • Cause and effect diagrams • Past Projects Computer Engineering 203 R Smith Risk Management 7/2009

  12. Possible Risks • Creeping user requirements • Excessive schedule pressure • Low quality • Cost overruns • Poor estimates • Low customer satisfaction • Long schedules Computer Engineering 203 R Smith Risk Management 7/2009

  13. Qualitative Risk Analysis • Probability and Impact • Impacts a Software Project Manager is most likely to face: • Costs • Schedule • Quality • Probability is most often determined by expert opinion and historical data Computer Engineering 203 R Smith Risk Management 7/2009

  14. Qualitative Analysis • Cause and Effect Diagrams • Risk Impact Tables Computer Engineering 203 R Smith Risk Management 7/2009

  15. Quantitative Risk Analysis • Discrete probability distributions • Coin toss • Continuous probability distributions • Normal distribution or bell shaped curve • Running simulations • Using PERT to study the impact. • PERT does identify risks it only helps understand the impact Computer Engineering 203 R Smith Risk Management 7/2009

  16. Risk Response Planning • Who is going to detect when the risk occurs? • Who has the responsibility to respond and communicate? • What is the response? Computer Engineering 203 R Smith Risk Management 7/2009

  17. Risk Strategies • Factors impacting the strategy • Impact of the risk • Project constraints • Tolerances • Strategy • Accept or Ignore • Provide reserves • Contingency plans • Natural disaster/backup plans Computer Engineering 203 R Smith Risk Management 7/2009

  18. Risk Strategies • Avoidance, eliminate the risk • Mitigate, lessen the impact of the risk • Performance impact, provide extra hardware • Transfer the risk • Offsite backup planning • Server farms • Outside management Computer Engineering 203 R Smith Risk Management 7/2009

  19. Risk Monitoring and Control • Risk monitoring • Determine who is responsible for monitoring • How are risks monitored? • Project tracking, resources, quality, etc • Communicating the status of identified risks • Reviews and Audits • Once a risk is identified as occurring • Communicate • Take action Computer Engineering 203 R Smith Risk Management 7/2009

  20. Risk Response and Evaluation • Trigger the defined risk response plan • Identify the risk owner • Assign resources • Understand the impacts • PERTs, Dependencies • Communicate • Evaluate once action is taken • Is more action needed? • What additional risks are triggered? Computer Engineering 203 R Smith Risk Management 7/2009

  21. Common Software Project Risks • Discussion of common risks • Requirements: • Feature creep • Developer gold plating • Quality • Low quality • Squeeze on testing time • Over optimism • Schedules • Tools Computer Engineering 203 R Smith Risk Management 7/2009

  22. Common Software Project Risks • Resources • Not enough • Weak personnel • Contractor issues • Customer • Customer developer friction • Customer acceptance Computer Engineering 203 R Smith Risk Management 7/2009

More Related