Managing Risk in Computer Game Production Tony OakdenAGDC 2004

What is risk management?

How does it work in computer game development?

Do I need it?

What are the benefits?

IGA and risk managementImprove productivity

Developing publisher/developer relationship

Personal/professional development

Perceived benefitsIncreased productivity - efficiencies

Improved quality of product

Reduction in costs through increased efficiency

Greater confidence in project viability for developer and publisher

Unexpected benefits Team cohesiveness

Confidence in project viability

Structured approach to production management

Development of culture of risk awareness

Project goals and scope CostTimeQuality

Risk identification All team members encouraged to identify risks

No risks were dismissed until they had been analysed and given a risk rating

Gibs Law:Anything you need to quantify can be measured in some way that is superior to doing nothing at all

Analysing risksCombination of consequence and likelihood to produce a level of risk

Perceptions of risk vary depending on who is driving the process

Essential to make the risk management plan flexible and adaptable to changing demands

AS/NZS 4360:1999 Risk Management StandardRisk Matrix

Treatment of RisksAvoid

Avert/contingency

Transfer

Accept

Avoid risksAlter the scope of the project to remove the risk altogether

Avoidance and transfer are typically employed during the early planning stages of the project

Eg:Risk of producing a FPS engine from scratch extreme; treatment was to use Unreal engine

Avert/ContingencyMaintain a reasonable contingency throughout project

Build a model of accumulated risk

Contingency can be found in time, budget or quality and is commonly used to handle scheduling risks

Transfer risksInsurance

Contractors and third parties

Distribution of risk to various stakeholders

Accept risksSome risks have to be accepted despite their risk level

Meteorite strike - high consequence but very low likelihood

Employee illness - low consequence but high likelihood

Monitor and reviewEssential to monitor and review the implementation of treatment actions

This highlights any areas that require closer scrutiny, deployment of resources or alteration of risk level

CommunicationEssential to ensure open lines of communication between all stakeholders throughout the life of the project

Involve whole team ownership of the project and its associated risks

Beware of the temptation to

build the best there is

T:V examples of successful risk management

Volumetric shadows

Contingency planning of art assets

Scheduling of critical technology

T:V opportunities for improvement

Contingency allowance when integrating technology

Management of external resources

Acting on identified risks

Lessons learntEngagement and ownership

Flexibility and adaptability

Contingency

Risk management takes time but it is worth it

Summary Risk management takes time and resources but results in:Reduced risk of project deviationIncreased efficiencyIncreased qualityIncreased cost effectivenessIncreased job satisfaction

ReferencesAS/NZS 4360:1999 Risk Management StandardStandards Australia (update 2004)Project Management (G. R. Heerkens)ISBN: 0-07-137952-5Project Managers Toolbox (D. Z. Milosevic)ISBN:0-471-20822-1Project & Program Risk Management (PMI) ISBN: 1-880410-06-0Peopleware (De Marco & Lister)ISBN: 0-932633-43-9

Introduce myself Tony Oakden, Producer, IGA, Tribes Vengeance, 2.5 years, on budget and scheduleThis talk is about how IGA applied risk management to the production of Tribes VengeanceWell start with an over view looking at such things as why IGA became interested in risk management, what tangible benefits we gained, what unexpected benefits we gained, the risk management process we used. Then well look at risk assessment followed by a bit of audience participation.

Well hten move onto quantifying risks and talk about quantifying seriousness and probability of risks and using that to evaluate the overall seriousness of the risk. Well then have another short section of audience participation.

Some examples of actual risk management problems from T:V will be given both those that went right and wrong

Finally Ill draw some conclusions and suggest ways these techniques could be improvedThere are essentially four main stages in the risk management process

Identifictaion of risksanalysis leading to a level of riskTreatment of riskOngoing evaluationAll stakeholders should be involvedNo risk discounted at this staThe more risks identified the less risky the project because you are aware of themThe level of risk is a combination of likelihood.Estimation of risk level varies according to who is doing the assesment so it is important to get feedback from as many involved parties as possibleAs circumstances change so will the risk management planA Risk matrix is the tool we use to combine likelihood and consequence to determine the overall level of riskE.G risks with a very serious consequence but low likelihood (terrorist attack) have only a moderate level of riskRisks identified which are likely to occur and have a major impact on the project (major delays to art assets caused by technology coming in late) are rated as extreme risksSo we have looked at the identification and analysis of risks the next part of the process is the treatment. And there are four treatment methods I am going to focus on: Avoidance, Aversion, Transfer and acceptancePrevention is better than cureRisks which cannot be avoided still need to be controlled. Contingency is a common way of doing this in project managementIn our experience its best to maintain some contingency throughout the project rather than a lump sum at the end.Estimating how much contingency is difficult and consider accumulated riskSometimes its possible to transfer risks to a third partyLow impact risks can be acceptedItterative process throughout the project and after the project is completeEssential to maintain open Interactive: Risk assessment documentI used an XL spreadsheet for this but there are commercially available tools. But this worked fine for me.Rows risks identified, columns monitoring and review.Personal lesson learnt Anything which might delay production of assets is a high risk