Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

PMP Training - 11 project risk management

Download as PPTX, PDF
ejlp12
ejlp12

The document discusses project risk management processes including: 1) Planning risk management to define the approach and ensure sufficient resources. 2) Identifying risks through various techniques like brainstorming and checklists. 3) Analyzing risks qualitatively by assessing probability and impact, and quantitatively using tools like decision trees. 4) Developing responses like mitigation plans, contingency plans and fallbacks to enhance opportunities and reduce threats. 5) Monitoring and controlling risks, residual risks, and the effectiveness of the risk management process.

1 of 32
Created by ejlp12@gmail.com, June 201011 - Project Risk ManagementProject Management Training
Project Risk ManagementMonitoring &Controlling ProcessesPlanningProcessesEnter phase/Start projectExit phase/End projectInitiatingProcessesClosingProcessesExecutingProcesses
Project Risk ManagementRisk is an uncertain event or condition that, if occurs, has an effect on at least one project objective.Risk management objectives:increase the probability and impact of positive events (opportunities).decrease the probability and impact of negative events (threat).Terms & concepts:Uncertainty: a lack of knowledge about an event that reduces confidenceRisk averse: someone who does not want to take risks.Risk tolerances: area of risk that are acceptable/unacceptable.Risk thresholds: the point at which a risk become unacceptableRemember that in this area there is no activity in executing process groupProject Risk Management
11.1 Plan Risk ManagementThe process of defining how to conduct risk management activities for a project.
Plan Risk ManagementImportance of Risk Management PlanningEnsure that the degree, type, and visibility of risk management are commensurateProvide sufficient resource and time for risk management activitiesEstablish an agreed-upon basis for evaluating risk Risk CategoriesA standard list of risk categories can help to make sure areas of risk are not forgotten.Companies and PMO should have standard list of risk categories to help identify risk.2 Main type of RiskBusiness – Risk of gain or lossPure (insurable) risk – Only a risk of loss (i.e. fire, theft, personal injury, etc)Sources of risk = risk categories
Risk categories may be structured into Risk Breakdown Structure (RBS)Risk Management PlanRisk management plan describe how risk management will be structured and performed on the project.Subset of project management plan.May includes:Methodology
Roles & responsibilities
Budgeting
Timing
Risk categories.
Definition of probability and impact
Stakeholder tolerances
Reporting formats
Tracking
Probability and impact matrix (?)8.2 Identify RiskThe process of obtaining seller responses, selecting a seller, and awarding a contract.Q: Who should be involved in risk identification? A: EVERYONE
Identify RiskRisk should be continually reassessed (iterative) such as in integrated change control activity, when working with resources, when dealing with issues.Information gathering techniquesBrainstormingDelphi technique: Expert participate anonymously; facilitator use questionnaire; consensus may be reached in a few rounds; Help reduce bias in the data and prevent influence each others.Interviewing: interviewing experts, stakeholders, experienced PMRoot cause analysis: Reorganizing the identified risk by their root cause may help identify more risksChecklist analysis: checklist developed based on accumulated historical information from previous similar projectAssumption analysis: identify risk from inaccuracy, instability, inconsistency, incompleteness.SWOT analysis – Strengths, Weaknesses, Opportunities, ThreatsDiagramming techniquesCause and effect diagrams (fish-bone diagram)System or process flow charts.Influence diagramsshow the casual influences among project variables, the timing or time ordering of events, and the relationships among other project variables and their outcomes.excellent for displaying a decision’s structureDescribed in Quality ManagementRisk RegisterAfter Indentify Risk process the output is initial entries into the risk register. It includes:
List of risk
List of POTENTIALresponses
Root causes of risks
Updated risk categories11.3 Perform Qualitative Risk AnalysisThe process of prioritizing risks for further analysis of action by assessing and combining their probability of occurrence and impact.
Qualitative Risk AnalysisHelp to focus on high priority risksA subjective analysisAnalysis using…Relative probability or likelihood of occurrenceImpact on project objectiveTime frame responseOrganization’s risk toleranceEtc.Can be also used to:Compare risk to the overall risk of other projectsDetermine whether the project should be selected, continued or terminated.Determine whether to proceed to Perform Quantitative Risk Analysis
Probability Impact MatrixDifferent matrices can be used for cost, time, scopeIt helps guide risk responses (priority action & response strategies)Colors shows level of importance
Probability Impact MatrixDifferent matrices can be used for threats and opportunitiesSample fromPMBOKImage Source: PMBOK Guide 4th Edition. PMI © 2009, p.292
Risk Register UpdatesUpdate/add additional information to previous output i.e. Risk Register, which include:Relative ranking/priorityRisk grouped by categoriesList of risk requiring additional analysis in the near termList of risk for additional analysis and responseWatch-list (non-critical or non-top risks)TrendsSince risk analysis process is iterative, PM should know if risk is increasing, decreasing or staying the sameCause of risk requiring particular attention
11.4 Perform Quantitative Risk AnalysisThe process of numerically analyzing the effect of identified risks on overall project objectives.If not necessary, this process may be skipped.
Quantitative Risk AnalysisIs a numerical evaluation (more objective)This process may be skipped.Purpose of this processDetermine which risk events warrant a response.Determine overall project risk (risk exposure).Determine the quantified probability of meeting project objectives.Determine cost and schedule reserves.Identify risks requiring the most attention.Create realistic and achievable cost, schedule, or scope targets.
Quantitative Risk Analysis: Tools & TechniquesDetermining Quantitative Probability and Impact might be done by: InterviewingCost and time estimatingDelphi techniqueUse of historical records from previous projectsExpert judgmentSensitivity analysis – tornado diagramExpected monetary value (EMV) analysis Decision treeMonte Carlo analysis (simulation)
Decision Tree and EMVEVM used with Decision Tree to choose between many alternative which take into account the future eventsExample:Example Source:
Sensitivity AnalysisTo determine which risks have the most potential impact to the projectChanging one or more elements/variables and set other elements to its baseline then see the impact.One typical display of sensitivity analysis is the tornado diagram
Risk Register UpdatesUpdate/add additional information to previous output i.e. Risk Register, which include:Prioritize list of quantified risksAmount of contingency time and cost reserve neededPossible realistic and achievable completion dates, project cost, with confidence levelThe quantified probability of meeting project objectivesTrends
11.5 Plan Risk ResponseThe process of developing option and action to enhance opportunities and to reduce threats to project objectives.
Plan Risk Responses/MitigationDo something to eliminate threats before they happensDo something to make sure the opportunities happensDecrease the probability and/or impact of threatsIncrease the probability and/or impact of opportunities For the remaining (residual) threats that cannot be eliminated:Do something if the risk happens (contingency plan).Do something if contingency plan not effective (fallback plan)

More Related Content

PMP Training - 11 project risk management

  • 1. Created by ejlp12@gmail.com, June 201011 - Project Risk ManagementProject Management Training
  • 2. Project Risk ManagementMonitoring &Controlling ProcessesPlanningProcessesEnter phase/Start projectExit phase/End projectInitiatingProcessesClosingProcessesExecutingProcesses
  • 3. Project Risk ManagementRisk is an uncertain event or condition that, if occurs, has an effect on at least one project objective.Risk management objectives:increase the probability and impact of positive events (opportunities).decrease the probability and impact of negative events (threat).Terms & concepts:Uncertainty: a lack of knowledge about an event that reduces confidenceRisk averse: someone who does not want to take risks.Risk tolerances: area of risk that are acceptable/unacceptable.Risk thresholds: the point at which a risk become unacceptableRemember that in this area there is no activity in executing process groupProject Risk Management
  • 4. 11.1 Plan Risk ManagementThe process of defining how to conduct risk management activities for a project.
  • 5. Plan Risk ManagementImportance of Risk Management PlanningEnsure that the degree, type, and visibility of risk management are commensurateProvide sufficient resource and time for risk management activitiesEstablish an agreed-upon basis for evaluating risk Risk CategoriesA standard list of risk categories can help to make sure areas of risk are not forgotten.Companies and PMO should have standard list of risk categories to help identify risk.2 Main type of RiskBusiness – Risk of gain or lossPure (insurable) risk – Only a risk of loss (i.e. fire, theft, personal injury, etc)Sources of risk = risk categories
  • 6. Risk categories may be structured into Risk Breakdown Structure (RBS)Risk Management PlanRisk management plan describe how risk management will be structured and performed on the project.Subset of project management plan.May includes:Methodology
  • 15. Probability and impact matrix (?)8.2 Identify RiskThe process of obtaining seller responses, selecting a seller, and awarding a contract.Q: Who should be involved in risk identification? A: EVERYONE
  • 16. Identify RiskRisk should be continually reassessed (iterative) such as in integrated change control activity, when working with resources, when dealing with issues.Information gathering techniquesBrainstormingDelphi technique: Expert participate anonymously; facilitator use questionnaire; consensus may be reached in a few rounds; Help reduce bias in the data and prevent influence each others.Interviewing: interviewing experts, stakeholders, experienced PMRoot cause analysis: Reorganizing the identified risk by their root cause may help identify more risksChecklist analysis: checklist developed based on accumulated historical information from previous similar projectAssumption analysis: identify risk from inaccuracy, instability, inconsistency, incompleteness.SWOT analysis – Strengths, Weaknesses, Opportunities, ThreatsDiagramming techniquesCause and effect diagrams (fish-bone diagram)System or process flow charts.Influence diagramsshow the casual influences among project variables, the timing or time ordering of events, and the relationships among other project variables and their outcomes.excellent for displaying a decision’s structureDescribed in Quality ManagementRisk RegisterAfter Indentify Risk process the output is initial entries into the risk register. It includes:
  • 20. Updated risk categories11.3 Perform Qualitative Risk AnalysisThe process of prioritizing risks for further analysis of action by assessing and combining their probability of occurrence and impact.
  • 21. Qualitative Risk AnalysisHelp to focus on high priority risksA subjective analysisAnalysis using…Relative probability or likelihood of occurrenceImpact on project objectiveTime frame responseOrganization’s risk toleranceEtc.Can be also used to:Compare risk to the overall risk of other projectsDetermine whether the project should be selected, continued or terminated.Determine whether to proceed to Perform Quantitative Risk Analysis
  • 22. Probability Impact MatrixDifferent matrices can be used for cost, time, scopeIt helps guide risk responses (priority action & response strategies)Colors shows level of importance
  • 23. Probability Impact MatrixDifferent matrices can be used for threats and opportunitiesSample fromPMBOKImage Source: PMBOK Guide 4th Edition. PMI © 2009, p.292
  • 24. Risk Register UpdatesUpdate/add additional information to previous output i.e. Risk Register, which include:Relative ranking/priorityRisk grouped by categoriesList of risk requiring additional analysis in the near termList of risk for additional analysis and responseWatch-list (non-critical or non-top risks)TrendsSince risk analysis process is iterative, PM should know if risk is increasing, decreasing or staying the sameCause of risk requiring particular attention
  • 25. 11.4 Perform Quantitative Risk AnalysisThe process of numerically analyzing the effect of identified risks on overall project objectives.If not necessary, this process may be skipped.
  • 26. Quantitative Risk AnalysisIs a numerical evaluation (more objective)This process may be skipped.Purpose of this processDetermine which risk events warrant a response.Determine overall project risk (risk exposure).Determine the quantified probability of meeting project objectives.Determine cost and schedule reserves.Identify risks requiring the most attention.Create realistic and achievable cost, schedule, or scope targets.
  • 27. Quantitative Risk Analysis: Tools & TechniquesDetermining Quantitative Probability and Impact might be done by: InterviewingCost and time estimatingDelphi techniqueUse of historical records from previous projectsExpert judgmentSensitivity analysis – tornado diagramExpected monetary value (EMV) analysis Decision treeMonte Carlo analysis (simulation)
  • 28. Decision Tree and EMVEVM used with Decision Tree to choose between many alternative which take into account the future eventsExample:Example Source:
  • 29. Sensitivity AnalysisTo determine which risks have the most potential impact to the projectChanging one or more elements/variables and set other elements to its baseline then see the impact.One typical display of sensitivity analysis is the tornado diagram
  • 30. Risk Register UpdatesUpdate/add additional information to previous output i.e. Risk Register, which include:Prioritize list of quantified risksAmount of contingency time and cost reserve neededPossible realistic and achievable completion dates, project cost, with confidence levelThe quantified probability of meeting project objectivesTrends
  • 31. 11.5 Plan Risk ResponseThe process of developing option and action to enhance opportunities and to reduce threats to project objectives.
  • 32. Plan Risk Responses/MitigationDo something to eliminate threats before they happensDo something to make sure the opportunities happensDecrease the probability and/or impact of threatsIncrease the probability and/or impact of opportunities For the remaining (residual) threats that cannot be eliminated:Do something if the risk happens (contingency plan).Do something if contingency plan not effective (fallback plan)
  • 33. Strategies for ThreatsAvoidEliminate the threat entirelyIsolate project objectives from the risk’s impactTransfer (Deflect, Allocate)Shift some or all the negative impact of a threat to a third partyMitigateImplies a reduction in the probability and/or impact of an adverse risk event to be within acceptable threshold limitsAcceptDeal with the risksProject management plan is not changedTransferring a risk will leave some risk behind.
  • 34. Strategies for OpportunitiesExploitSeek to ensure the opportunities definitely happenShareAllocate some or all of the ownership of the opportunity to a third party who is best able to capture the opportunity for the project benefit.EnhanceIncrease the probability and/or the positive impacts of an opportunity.AcceptNot actively pursuing an opportunity
  • 35. 11.6 Monitor & Control RiskThe process of ..implementing risk response plans, tracking identified risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness throughout the project.
  • 36. Risk Monitoring & ControllingOther purposes are to determines if Project assumptions are still validRisk has changed or can be retiredRisk management policy & procedure are being followedAlign contingency reserves with current risk assessment
  • 38. Important TermsMutual Exclusive: if two events cannot both occur in a single trialProbability: something will occurNormal Distribution: common probability density distribution chart Statistical independence: the probability of one event occurring does not affect the probability of another event occurringStandard deviation (or Sigma): how far you are from the mean3 or 6 sigmaRepresent the level of quality has decided to try to achieve6σ is higher quality standard than 3σUsed to calculate the upper and lower control limits in a control chart
  • 39. Example: Definition of Risk Probability and ImpactThis should be defined in Risk Management PlanRequired for Perform Qualitative Risk AnalysisCan reduce the influence of biasImage Source: PMBOK Guide 4th Edition. PMI © 2009, p.281
  • 40. Example: Risk Breakdown Structure (RBS)Showing risk categorizationHelp to ensure a comprehensive process of systematically identifying risk to a consistent level of detailImage Source: PMBOK Guide 4th Edition. PMI © 2009, p.281
  • 41. Example: Influence DiagramDiagramming technique used when Identify RiskDecision NodeValueNodeUsagedecisionTestSurveyEconomicValueNet ValueChance event NodeHumanExposureCancerCostCancerRiskCarcinogenicpotentialImage Source: Influence Diagram & Decision Trees, Lecture slide MHA 6350, Dr. Lloyd R. Burton
  • 42. Next topic: Project Procurement ManagementThank You