Examples of the Projects That Have Used Risk Management - Contoso - Case Study Example

Risk Management Table of Contents Table of Contents 2 3 Introduction 4 0.Introduction to Principle 6: Risk Management 41.1.Risk identification/initiation 5 1.2.Risk Analysis 5 1.3.Response planning 6 1.4.Risk monitoring 6 1.5.Evaluation of risk 6 1.6.Risk control 6 2.0.Types of project risks and how they can be managed 8 2.1.Scope Risks 8 2.2.Schedule risks 9 2.3.Resource risk 10 2.4.Technology risks 10 3.0.Examples of the projects that have used risk management 11 3.1.IT projects 11 3.2. Business projects 12 Conclusion 13 References 14 Abstract In the current society, almost every sector is concerned with quality of either the product or service. The unanticipated problems cause major problems frequently on projects like the schedule delays, missing functionality and quality issues among others. The heart of risk management entails involves making informed decisions through careful assessment of the situation and likely severity of the impact. The current paper presents the principle 6 of project management that entails management of risks. The paper discusses types of the project risks that are manageable and the process through which this can be done. Various examples have been highlighted to give the impression of how the risks should, and have been managed. Introduction From the overall management perspective, the success of many firms is increasingly becoming dependent of failure or success of the projects they establish. However, the management of risks is a vital business development practice. The risk management process can be traced back in 18th century during the era of enlightenment that involved looking for knowledge and exploration of the unknown. Currently, risk management has been used as a general procedure in resolving risks. Hall (1998) argues that risk management can resolve a risk only when applied and the possible consequences are acceptable. Project development is prone to unanticipated problems that make the projects exceed budgets, miss deadlines, or deliver substandard results. While such problems cannot be eliminated completely, some can be well controlled through taking necessary preventive actions. Risk management comes in handy to prevent the problems from occurring. An organization can be in a position to prevent the large number of problems through use of systematic risk management techniques and procedures (Leach, 2005). Most researchers have been interested in risk management, especially those in the field of project management. While organizations define their risk management approaches, other fail in explicit and systematic management of risks. The risk management approach based on only individual and institution efforts is ineffective and inconsistent (Gladden, 2012). 1.0. Introduction to Principle 6: Risk Management This principle defines uncertainty as being different from variation and provides for the management process. According to this principle, the deterministic process of risk management enhances the control of the risks to the goals of the project. These are the scope, schedule, customer satisfaction and cost risks. Other processes may experience environmental risks or safety risk. The risk management in projects seeks to control the risks to project that are beyond the scope of the project plan and circle of control. The project risk matrix acts as the main tool towards identification and management of risk (Rose, 2013). A risk entails the possibility for loss, destruction or injury that exposes an entity to uncertain events. According to PMI definition, project risk refers to the uncertain event that causes negative or positive effect on the objectives of the project (Leach, 2005). Risk management step process is illustrated below: 1.1. Risk identification/initiation This forms the first process in risk management and involves producing a list of project specific risk items that have a high likelihood of compromising the success of the project. The process requires formal documentation to facilitate reuse of information by new projects from the previous projects. Risk identification activity must be carried throughout the entire project execution process. After identifying the risks, then the identified risks should be analysed (Gladden, 2012). 1.2. Risk Analysis The risk analysis process assesses loss magnitude and loss probability for the identified risk items and then examines compound risks for the risk-item interactions. In PMBOK, risk analysis can be performed either quantitatively or qualitatively. Qualitative analysis prioritises and determines the effect of risk items on the objectives of the project while quantitative analysis determines the consequences and probability of the risks, and estimation of their impacts on the objectives (Rose, 2013). 1.3. Response planning Response planning step helps in preparation of contingency and mitigation plans. This involves determining the resources that are most efficient and which maximizes the performance of the project. The risk management must have all the necessary actions planned initially to enhance a comparative mitigation to the effects of the risk (Rose, 2013). 1.4. Risk monitoring Monitoring the risks implies tracking the progress of the project towards resolving the risk items as well as taking the necessary actions when appropriate. According to PMBOK, corrective actions are effective and necessary when controlling the risk (Leach, 2005). 1.5. Evaluation of risk The risk evaluation approach involves examining the risk identification activities, classification of risks and risks analysis, and then evaluates the probability of their occurrence and related impacts. The evaluation prioritizes generation an ordinance for the risks based on previous analysis (Leach, 2005). 1.6. Risk control The risk control process involves planning and defining the strategies required to control the identified risks for resolving the risks with potential of simulating situations where risks are decided. This also involves monitoring the risks through accompaniment of the project progress and taking the necessary corrective actions (Rose, 2013). The Software Development Institute (SEI) defines risk management as a process involving five distinct phases in an ongoing communication effort, in risk management. The five phases include: - identification, analysis, tracking, control and monitoring of risk. According to PMBOK (PMI, 2000), risk management entails five processes. These are initiation, planning, execution, control and closure processes (Leach, 2005). Figure 1: PMBOK risk management processes (Source: Rose, 2013) Risk management becomes valuable when the actions taken to control or prevent the potential impacts can be identified. The process involves deciding on appropriate courses of actions for the project plan depending on relative risk of the events that may or may not happen. Any project assumption requires making of the project risk decision since the future reality depends on the assumption made. When the assumption fails, then the project risk events result (Leach, 2005). The project managers must, therefore, take considerable measures towards risk management. These include: Prevent occurrence of risk Identify and monitor risk triggers like reviewing and monitoring the weather forecasts Prevent actions with potential risk consequences Insurance Prepare mitigation measures in case a risk occurs Accept the risk Since lean project management deals with the common-cause variation of task, the project risk management process must, therefore, deal only with the special-cause risks. The next section evaluates the most common types of risk to the project management (Leach, 2005). 2.0. Types of project risks and how they can be managed There are four main risks on projects which, when wrongly handled, cause an imminent collapse of the project. These are: Scope risks Schedule risks Resource risks Technology risks 2.1. Scope Risks Scope risks entail problems with the definition of the project objectives. The scope risk includes changes in the project scope due to various factors such as scope creep making the project become more complex as clients add to the requirement and the developers begin gold plating. The project scope can also be affected by problems in integration, defects in both hardware and software components and change in dependencies. The scope risks also entail the risks occurring due to unexpected changes in regulatory and legal frameworks and insufficient definition of scope (Gladden, 2012). The scope risks can be minimized by being recognized, whether quantifiable or not. Various methods can be used to help stakeholders identify scope of the project. The project dependency on market and technology can be analyzed through risk framework. Thereafter the assessment of the effect of the changes on the outcome of the project should be done (Leach, 2005). 2.2. Schedule risks The most serious challenge experienced by project managers is keeping timelines and maintaining the agreed critical paths. The project can be delayed by extensive overreliance on external parties, hardware delays and postponed decision making. In most cases, the external parties are mostly too optimistic and their output might not be within the scope of the project control, hence poor estimation of errors (Leach, 2005). These risks prevent the project managers from progressing in the way scheduled due to unexpected delays at the external vendor, errors in estimation, natural factors and delays in acquiring the parts. For example, the test team may be unable to begin working until developers finish with the milestone deliverables. These risks can be reduced through use of WBS, Responsibilities, Accountabilities, Consulting and Information (RACI) and Gantt charts to assist in scheduling (Leach, 2005). The schedule risks can be minimized through use of various techniques. First, the project process should be broken into clearly defined small subsections with relatively short allocated timeframe. This necessitates the identification of any errors when the tasks veer off the schedule. Also, schedule risks can be minimized by carefully noting the external parties or members who hesitate in giving their estimates, or even give unrealistic estimates based on previous experience or historical data (Rose, 2013). 2.3. Resource risk The main resource base for any project is funds and people. Some of the human resource factors exposing the project to risks include incompetent and unskillful human resource and inadequate human resource. Also, when the key members chip in the long way after the project inception, the project process becomes risky. From a financial perspective, lack of sufficient funds to perform the necessary tasks may lead to the failure of the project. Enough funds are necessary to enhance the provision of necessary training programs and well as invest adequately in required machinery or technology. Example is the cost risk (Leach, 2005). The resource risks mostly arise from personnel and outsourcing issues. A project may involve many people and this creates the need to manage attrition issues. The risk may also arise when a new worker is brought aboard. Lack of enough skills may potentially slow down the project. For instance, a project may require a lot of website front-end tasks. If a team does not have a designer with skills in HTML/CSS, then there may be potential for unexpected delays (Leach, 2005). 2.4. Technology risks The technological risks arise from the defects in hardware and software components of the underlying platform or service. For instance, the team may realize the problems with the cloud provider benchmarks midway the project. Other issues that arise include software updates (Rose, 2013). 3.0. Examples of the projects that have used risk management This paper has given two examples of risk management approaches uses in IT department and businesses. 3.1. IT projects This project was initiated by Contoso, Inc. in order to reorganize the IT projects. Its primary infrastructure have been shifting and expanding to a distributed environment, which was initially centralized in nature. Through use of sound practices in risk management, Contoso conducted risk identification discussions in order to come up with master risk list. The first risk was the Risk ID ITRERG010 that results in inefficiencies in service desk process. This increased the costs of support IT services. The field office does not present a coordinated approach towards the centralized help desk functions. This compels the field support professionals to resolve incidents without recording. The root cause of the risk is lack of an effective knowledge base. This causes downstream outages and inadequate communications on resolution status. This means that the IT department is not aligned to the needs of the business and the perceived values thereof diminished. The other risk is ITREORG010. The risk changes by the IT group can negatively affect the system and delivered services. Despite the changes in situation, there lacks a common formal management across all the groups in IT, making some changes being improperly assessed during the weekly status meetings. This is caused by lack of commitment to the standard operational processes that causes the business units to fail in their trust of one another. This causes frustrations among the groups since the systems will be affected. The business effect is that the risk has potential of causing service disruptions that erupts the business functions. Failure of communicating the downtime costs reduced the trust between the people in IT. This compels the business to doubt the value of the current IT. The two risks form the topmost list in the IT reorganization project in Contoso. The risks were discussed in various meetings in order to come up with the mitigation steps through determining whether the triggers were in a fulfilled environment as well as ensure proper setting of the of probability and impact levels. The discussion was critical in the project to help in determining whether the contingencies identified within the master risk list were to be acted upon in order to avoid service disruptions as much as possible. As the project progressed, there arose various activities around the MOF-based management processes which started to reduce the probability of the risks occurring. Thereafter, the project team was compelled to modify the probability that reduced the exposure of risks. This decreased as the company adopted MOF-based problem and incident management processes. 3.2. Business projects Loss of key staff in the project, making it hard to complete the tasks. This requires emphasis on importance of the project to all staff when there are constant reports of absence from work. The major action taken could involve identifying alternative resources for the unexpected absence as well as checking whether the extra resources can be used to shadow the work by a single staff. The project must ensure availability of complete records at any point. Other examples of projects that have used risk management include the establishment of workplace rules which explain the required or expected goals and consequences which apply. For instance, this can involve establishment of how an organization spends unexpected donations or even cutting costs in case the revenue fall short of their expectations. Conclusion Risk management is a component of project management and entails the development of a structural approach for identification and analysis of risks in order to initiate the response planning. Risk management planning entails decision on how to plan and approach the risk management activities for the project. Identification of the risk entails determining the risks with potential of affecting the project and documenting the characteristics. The risk analysis can either be qualitative or quantitative. Risk response planning determines the enhancement of opportunities and minimizes the threats to the objectives. The monitoring and control of risks involve execution of the risk response plans, identification of new risks and evaluating the effectiveness of the responses. References Gladden, R. (2012). The Project Risk Maturity Model: Measuring and Improving Risk Management Capability. Project Management Journal 43(5), 101. Leach, L. P. (2005). Lean Project Management: Eight Principles for Success. Boise, ID: Advanced Projects. Rose, K. H. (2013). A Guide to the Project Management Body of Knowledge (PMBOK® Guide)-Fifth Edition. Project Management Journal 44(3), E1. Read More