Project Risk Management

What is Project Risk Management, and why bother?

Peter Drucker, Management Guru

·      According to Peter Drucker (1990):

·         Start with opportunity, not with risk

·         Ask - if this works, what will it do for us?

·         Then look at the risks

·      Drucker says there are three kinds of risk:

·         The risk we can afford to take

·         If it goes wrong it is easily reversible with only minor damage

·         The irreversible decision

·         When failure may do serious harm

·         The risk is great

·         But we cannot afford not to take it

Project Risk Management Description

Project Risk Management may be described as:

·         The application of art and science (i.e. judgment, techniques and tools) to recognizing and alleviating risk events throughout the project life cycle, and

·         Doing so in a way that is in the best interests of the project’s objectives

·         Especially during the implementation or execution phases

Project Risk Management Definition - 1

There are various definitions of risk management. For example:

·         A process whereby decisions are made to accept known or assessed risks and/or the implementation of actions to reduce the consequences or probability of occurrence

·         Association of Project Management (UK) APMP Syllabus 2nd Edition, January 2000, Abridged Glossary of Project Management Terms (Rev. 4)

Project Risk Management Definition - 2

Another example:

·         The systematic process of identifying, analyzing, and responding to project risk. It includes maximizing the probability and consequences of positive events and minimizing the probability and consequences of adverse events to project objectives

·         Guide to the Project Management Body of Knowledge, 2000 Edition, p127

Project Risk Management Definition - 3

But the one we like best of all is simply:

·         An organized assessment and control of project risks

·         (Because we thought of it!)

Why bother? - 1

·      Strictly speaking you cannot "manage" risks

·         You can only respond to a risk event

·      However, if you are ready with a well thought out response plan

·         The impact of the risk event may be significantly reduced

Why bother? - 2

But there is a more compelling reason:

·         Projects are undertaken to take advantage of some opportunity or other

·         But the outcome is always uncertain

·         Which means there is always a risk of them being less than successful due to untoward events

·         So, by examining the risks associated with project work

·         You may well find better alternatives

·         In other words, uncover additional opportunities

Can you be more specific?

The purpose of risk management is to:

·         Identify factors that are likely to impact on the project objectives of Scope, Quality, Time and Cost

·         Quantify the likely impact of each situation or event

·         Provide a baseline for those risks that are "Non-Controllables"

·         That is to say, they are outside the domain of the project manager's authority and responsibilities

·         And mitigate the impacts of risks that are controllable

·         By exercising influence over them

Caution!

Bear in mind that:

·         Risks are different for each project

·         They also change as the project progresses through its life span

·         Indeed, they change for each stage of each phase of each project

·         The continuing goal is to reduce risk

·         Wherever this can be achieved cost effectively

·         And without compromising quality

Concluding thought. . .

·      If you don't identify opportunities, they won't be in your field of view

·      If you don't actively attack risks, the risks will actively attack you!