Project Risk Management
Project Risk Management
Project Risk Management
Knowledge Area
Process
Initiating Planning Executing Monitoring & Contol Closing
Risk Plan Risk ManagementIdentify RiskPerform Qualitative Risk AnalysisPerform Quantitative Risk AnalysisPlan Risk Response
Monitor and Control Risks
Enter phase/Start project
Exit phase/End project
InitiatingProcesses
ClosingProcesses
PlanningProcesses
ExecutingProcesses
Monitoring &Controlling Processes
Perform Quantitative Risk Analysis
• The process of numerically analyzing the effect of identified risks on overall project objectives.
Inputs
1. Risk register2. Risk management plan3. Cost management plan4. Project scope statement5. Organizational process assets
Tools & Techniques
1. Data gathering and representation techniques
2. Quantitative risk analysis and modeling techniques
3. Expert judgment
Outputs
1. Risk register updates
If not necessary, this process may be skipped.
Quantitative Risk Analysis
• Is a numerical evaluation (more objective)• This process may be skipped.
• Purpose of this process– Determine which risk events warrant a response.– Determine overall project risk (risk exposure).– Determine the quantified probability of meeting project objectives.
– Determine cost and schedule reserves.– Identify risks requiring the most attention.– Create realistic and achievable cost, schedule, or scope targets.
•Data Gathering and Representation Techniques• • Interviewing. quantify the probability and
impact of risks on project objectives. For instance, information would be gathered on the optimistic (low), pessimistic (high), and most likely scenarios for some commonly used distributions.
Probability distributions. Continuous probability distributions, used in modeling and simulation represent the uncertainty in values such as durations of schedule activities and costs of project components.
Quantitative Risk Analysis and Modeling TechniquesCommonly used techniques include both event-oriented and project-oriented analysis
Sensitivity Analysis
• To determine which risks have the most potential impact to the project• Changing one or more elements/variables and set other elements to its baseline then see the impact.
• One typical display of sensitivity analysis is the tornado diagram
Decision Tree and EMV
• EMV used with Decision Tree to choose between many alternative which take into account the future events
• Example:
(Impact) ty)(ProbabiliEVM
Expected monetary value
P=0.2
P=0.8
P=0.2
P=0.1P=0.7
outcome
300.000$
- 40.000$
- 50.000$
- 20.000$
60.000$
EMV
300.000x0.2 =60.000
-40.000x0.8 =-32.000
-50.000x0.2 =-10.000
-20.000x0.1=-2.000
60.000x0.7 =42.000
=28.000$
=30.000$
• Modeling and simulation.(Monte Carlo technique)
• A project simulation uses a model that translates the specified detailed uncertainties of the project into their potential impact on project objectives.
• Iterative simulations are typically performed using the Monte Carlo technique.
Risk Register Updates
• Update/add additional information to previous output i.e. Risk Register, which include:
– Prioritize list of quantified risks– Amount of contingency time and cost reserve needed– Possible realistic and achievable completion dates, project cost, with confidence level
– The quantified probability of meeting project objectives– Trends
Plan Risk Response
• The process of developing option and action to enhance opportunities and to reduce threats to project objectives.
Inputs
1. Risk register2. Risk management plan3. Cost management plan4. Project scope statement5. Organizational process assets
Tools & Techniques
1. Strategies for negative risks or threats
2. Strategies for positive risks or opportunities
3. Contingent response strategies
4. Expert judgment
Outputs
1. Risk register updates2. Risk-related contract decisions
3. Project management plan updates
4. Project document updates
Plan Risk Responses
• Do something to eliminate threats before they happens• Do something to make sure the opportunities happens• Decrease the probability and/or impact of threats• Increase the probability and/or impact of opportunities
• For the remaining (residual) threats that cannot be eliminated:– Do something if the risk happens (contingency plan).– Do something if contingency plan not effective (fallback plan)– The risks result in applying risk response strategy is called
(secondary risk)– The risk trigger is events that trigger the contingency response– Workaround is unplanned risks
Strategies for Threats
1- Avoid– Eliminate the threat entirely– Example: remove dangerous test or person or material from project
Strategies for Threats
• 2-Transfer (Deflect, Allocate)
– Shift some or all the negative impact
of a threat to a third party
Example : insurance or outsource the
work
Strategies for Threats
• 3-Mitigate– Implies a reduction in the probability and/or impact of an adverse risk event to be within acceptable threshold limits
• Example : provide training for team members, Wear a helmet head
Strategies for Threats
• 4- Accept– Deal with the risks– Project management plan is not changed
• Example : Increasing material prices (contingency)
Strategies for Opportunities
• Exploit– Seek to ensure the opportunities definitely happen
– Example: allocate experience manpower in critical path to complete project early
Strategies for Opportunities
• Share– Allocate some or all of the ownership of the opportunity to a third party who is best able to capture the opportunity for the project benefit.
– Example: buy machine
Strategies for Opportunities
• Enhance– Increase the probability and/or the positive impacts of an opportunity.
– Example: negotiation for the equipment earlier to secure lower price
Strategies for Opportunities
• Accept– Not actively pursuing an opportunity
– Example: decrease material price
Monitor & Control Risk
• The process of ..– implementing risk response plans, – tracking identified risks, – monitoring residual risks, – identifying new risks, and – evaluating risk process effectiveness throughout the project.
Inputs
1. Risk register2. Project management plan
3. Work performance information
4. Performance report
Tools & Techniques
1. Risk reassessment2. Risk audits3. Variance and trend analysis
4. Technical performance measurement
5. Reserve analysis6. Status meetings
Outputs
1. Risk register updates2. Organizational process assets updates
3. Change requests4. Project management plan updates
5. Project document updates
• Risk Reassessment• Monitor and Control Risks often results in
identification of new risks, reassessment of current risks , and the closing of risks that are outdated.
• Project risk reassessments should be regularly scheduled.
.
• Risk Audits• Risk audits examine and document the
effectiveness of risk responses in dealing with identified risks and their root causes, as well as the effectiveness of the risk management process
QUESTIONS?
1- Heba is a Project Manager for software migration at a bank. A major risk that has been identified is attrition of resources. As a strategy to respond to this risk, Heba, with support from Senior Management, provides good increments to his team members. What type of risk response is heba following?
A-Accept
B-Avoid
C-Transfer
D-Mitigate
2-Which of these is not a valid response to positive risks?
A-Exploit
B-Mitigate
C-Enhance
D-Share
3-After conducting a SWOT Analysis, you have determined that a business deal is worth pursuing. You are required to use Agile development practices. In your company, there is no expertise in Agile development. Hence, you partner with another organization that specializes in Agile development. This is an example of:
a) Sharing a Positive Risk
b) Mitigating a Negative Risk
c) Exploiting a Positive Risk
d) Accepting a Negative risk
4-During which stage of Risk planning are modeling
techniques used to determine overall effects of
risks on project objectives for high probability, high
impact risks?
A-Risk identification
B-Risk response planning
C-Qualitative risk analysis
D-Quantitative risk analysis
• 5-if the team cannot identify a suitable
response to an identified risk . Which risk
response would they apply?
A- avoidance
B-acceptance
3- mitigation
4-transference
Thank you