Risk Management and Response Simplified

Posted on by Cody H

Risk Management is the process by which you predict, single out, measure, and take care of any risk factor that might make itself present throughout the course of a project’s lifespan. These snags are not always easily foreseeable, but successfully predicting and handling them are essential to successful projects in nearly any industry, and at all levels. The most effective strategies will allow a project manager to see a the strengths and weaknesses of a project or process before it’s even out of the planning stages.

Risk Management in Action

Let’s say the IT department is going purchase and phase in a new CRM suite for a company’s sales team. Upper management wants this project done in a month and a half, but the IT department predicts that, due to quirks in connecting the old CRM’s data with the new program, that the project will likely take closer to three months.

In this instance, a proactive project manager would begin developing solutions to projected problems immediately, before these problems occur. While reactive managers are just that–reactive–a project manager who is committed to hitting the one and a half month deadline may actually do just that, even though a risk assessment predicts that it would take longer. When solutions to likely problems are already on hand, valuable time isn’t lost reacting to a problem that was already predicted.

PMBOK Guideline Processes

PMI’s Project Management Body of Knowledge is a set of standard terminology and guidelines for project management that evolves over time. Boston University’s online Master of Science in Business Continuity, Security, and Risk Management program has aggregated the six processes for managing project risk. From their blog post:

  1. Plan Risk Management: This process describes how you intend to plan, execute and control risks.
  2. Identify Risks: The Identify Risks process documents all risks and opportunities and their characteristics in a risk register.
  3. Perform Qualitative & Quantitative Risk Analysis: These two processes assess the impact and likelihood of identified risks and then quantifies their value numerically.
  4. Plan Risk Responses: As the name suggests, we need to respond to opportunities and threats. Responses may include preventing, transferring and mitigating.
  5. Implement Risk Responses: This is the new process belonging to the Executing Process Group in the 6th edition of PMBOK which deals with implementing risk responses.
  6. Monitor & Control: Once the project is underway risks need to be monitored and managed proactively via this process.

These six steps will not help anybody reduce the likelihood of risk, but it will reduce the magnitude of impact if an event does occur.

Source of Risk

The first steps in risk management involve identifying sources of risk to your project. These sources are either going to be internal or external. Business Improvement Architects mentions that your various internal sources of risk might be:

  • Top management not recognizing the importance of your project
  • A multitude of projects occurring at the same time
  • Impossible schedule commitments
  • Lack of delegation of responsibility in project
  • Problems with team members and team dynamics
  • Unrealistic planning, scheduling, or funding allocations

Though this list is not definitive, these internal sources are the ones that most companies have most control over from the get-go, and are much easier to assess and prepare for. External sources are going to break down into both unpredictable and predictable sources, such as natural disasters or unforeseen regulatory requirements. Along with risk management programs, you’ll want to implement disaster recovery programs as well to cover your bases during worst-case scenarios. These measures include services such as colocation and data recovery services to ensure that downtime is minimized and business, as well as projects, can get back on track as quickly as possible.

An Ongoing Process…

Just because you’ve developed a risk management plan doesn’t mean that the risk management process is over. From the inception of the project (and even before, often times) until the project has reached completion, you will be constantly monitoring and managing risk. It’s a natural part of a project manager’s life. However, with the right tools and the right mindset, no obstacle will be too tall an order to overcome, and no risk will become a hindrance to your project.