ist 302 project risk management

17
11/9/2015 1 IST 302 Project Risk Management Why Do We Care? Risk management can improve project success Helps Select good projects Determine project scope Develop realistic estimates KPMG study (~2000) 55% of poor projects did no risk management

Upload: others

Post on 27-Mar-2022

0 views

Category:

Documents


0 download

TRANSCRIPT

Microsoft PowerPoint - 11_riskMgmt.pptxWhy Do We Care?
• Helps  – Select good projects
– Determine project scope
– Develop realistic estimates
• KPMG study (~2000) – 55% of poor projects did no risk management
11/9/2015
2
Scope 3.45 3.25
Time 3.41 3.03
Cost 3.22 3.20
Quality 3.22 2.88
HR 3.20 2.93
Communications 3.53 3.21
Risk 2.87 2.75
Procurement 3.01 2.91
0%
20%
40%
60%
80%
100%
Percentage of Respondents Citing Benefit
KLCI Research surveyed 260 software organizations in 2001  and several common cited benefits of risk management. 
11/9/2015
3
Deciding how to approach and plan the risk management activities
Risk Analysis
Quantitative: Measuring the probability and consequences of risks and estimating their effects
Qualitative: Characterizing and analyzing risks and prioritizing their effects on project objectives
Identifying Risks
Determining which risks are will affect a project and documenting the characteristics of each
Planning Risk Response
Taking steps to enhance opportunities and reduce threats to obtaining project objectives
Risk Monitoring and Control
Project Risk Management Processes
Risk management is like insurance.
A risk is an uncertain event or condition that, if it  occurs, has a positive or negative effect on a project.
11/9/2015
4
Risk utility is the amount of satisfaction or pleasure  received from a potential payoff.
ut ili
11/9/2015
5
• How will risk management be performed on this project? What tools and data sources are available and applicable?
• Which people are responsible for implementing specific tasks?
• What are the estimated costs and schedules for performing risk- related activities?
• What are the main categories of risk? Is there a risk breakdown structure?
• How will probabilities and imapcts be assessed?
• Have stakeholders’ tolerances changed?
Questions Addressed in a Risk Management Plan
• Creeping user requirements
• Unanticipated acceptance criteria
• Unanticipated integration issues
11/9/2015
6
A risk breakdown structure is useful in identifying  potential risks in a categorical way.
Business
Competitors
Suppliers
The Standish Group identified success criterion and relative  weights.
11/9/2015
7
Planning to Handle Risks
• Contingency Plans – Predefined actions that the project team will take if an  identified risk event occurs
• Fallback Plans – Developed for risks that have a high impact on meeting  project objectives
• Contingency Reserves – Provisions held by the project sponsor that can be used to  mitigate cost or schedule risk if changes in scope or quality  occur
• Market risk – Will the new product be useful to the organization or marketable to 
others?  Will users accept and use the product or service?
• Financial risk – Can the organization afford to undertake the project?  Is this project 
the best way to use the company’s financial resources?
• Technology risk:  – Is the project technically feasible? Could the technology be obsolete 
before a useful product can be produced?
Categories of Risk
• Tools and techniques include
11/9/2015
9
Qualitative Risk Analysis assess the likelihood and impact of  identified risks to determine their magnitude and priority
• Tools and techniques include 
– Expert judgment
Quantitative Risk Analysis provides formal numerical analysis usually  based on the outputs of the qualitative analysis.
11/9/2015
10
Avoidance
Four Strategies 
Risk Response Planning defines how the project will  respond to risks as they occur.
Technical Risks Cost Risks Schedule Risks
Emphasize team support  and avoid standalone  project structure
Improve communication, project goals  understanding, and team  support
Select the project manager  most experienced
Increase project manager  authority
Increase project manager  authority
Improve problem handling  and communication
Increase the frequency of  project monitoring
Use WBS and CPM
Use WBS and CPM
Use WBS and CPM
• Controlling risks  – Involves carrying out the risk management plans
• Workarounds are unplanned responses to risk events that  must be done when there are no contingency plans
Results of Good Project Risk Management
• Good project risk management often goes unnoticed
• Wellrun projects appear to be almost effortless
Project managers should strive to make their jobs look  easy to reflect the results of wellrun projects
11/9/2015
12
• Probability/Impact matrixes
– Plots the relative probability of a risk occurring vs. the  relative impact of the risk occurring 
• The Top 10 Risk Item Tracking technique
– Periodic review of the top 10 risk items
• Expert judgment
Simple Probability/Impact Matrix
Risk Prob. Impact Response
Average team member leaves
High Low Ensure plan has contingency to allow for less  than expected resource availability
Key team member  leaves
Medium Medium Ensure project includes good knowledge sharing  and documentation.
Solution doesn’t meet  business needs
Low High Ensure sufficient participation of diverse  stakeholder base
Insufficient user  participation
High Medium Ensure supporting sponsors are aware of the  importance of participation.
Significant change in  business needs
Medium High Plan project to be agile to respond efficiently to  changes.
Technical solution has  major flaws
Low High Ensure testing is sufficiently planned and  supported. Have fallback plan to rev to previous  system.
Technical solution has  operational flaws
High Low Ensure processes, resources, and responsibilities  for ongoing maintenance are established early.
Examples of Common Risks
Risk Prob. Impact Response
System Failure High Medium Invest in fault tolerant components and  redundancy. Ensure disaster recovery plans are  established.
Infrastructure sizing  inadequate to meet  demands
Medium Medium Plan for scalability.
Users fail to use  system effectively and  efficiently
Medium Medium Plan for a detailed training needs analysis.  Consider how to coach and support users after  deployment.
Users resist change High High Use change management experts to assess the  issues and create a change program.
Examples of Common Risks
11/9/2015
14
A more complex approach is to try to quantify the risk.
• Quantify the probability of failure • Quantify the consequence of failure
• Compute the risk factor:
RF = (PF + CF) – (PF * CF)
RF : Risk Factor PF : probability of failure CF : consequence of failure
Value Maturity HW/SW Complexity HW/SW
Support Base
0.5 Major Change Fairly Complex Several Parallel  Programs
0.7 Complex/New Design
0.9 Completely Novel Extremely Complex No additional  programs
Sample Categorization: Probability of Failure (PF)
11/9/2015
15
Schedule  Factor
Confident  Reduce DT
Unconfident  On Schedule
Unconfident  Reduce DT
Figure 11-3, Schwalbe
• Expected Monetary Value
– Diagramming method used to select a best course  of action
– Type of decision tree / probability tree
• Simulation
What’s expected value?
Project 1
Project 2
PW = 0.2
PL = 0.8
P1 = 0.2
P3 = 0.7
Project 1:
Decision trees can get very complex when risks have  interdependencies.
How are probabilities computed?
P1
P2