Impact of Risk Handling Measures
Risk management is the identification, evaluation, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.
Risks can come from various sources including uncertainty in international markets, threats from project failures (at any phase in design, development, production, or sustaining of life-cycles), legal liabilities, credit risk, accidents, natural causes and disasters, deliberate attack from an adversary, or events of uncertain or unpredictable root-cause. There are two types of events i.e. negative events can be classified as risks while positive events are classified as opportunities. Risk management standards have been developed by various institutions, including the Project Management Institute, the National Institute of Standards and Technology, actuarial societies, and ISO standards. Methods, definitions and goals vary widely according to whether the risk management method is in the context of project management, security, engineering, industrial processes, financial portfolios, actuarial assessments, or public health and safety.
Strategies to manage threats (uncertainties with negative consequences) typically include avoiding the threat, reducing the negative effect or probability of the threat, transferring all or part of the threat to another party, and even retaining some or all of the potential or actual consequences of a particular threat. The opposite of these strategies can be used to respond to opportunities (uncertain future states with benefits).
Certain risk management standards have been criticized for having no measurable improvement on risk, whereas the confidence in estimates and decisions seems to increase.
A successful risk management program helps an organization consider the full range of risks it faces. Risk management also examines the relationship between risks and the cascading impact they could have on an organization’s strategic goals.
This holistic approach to managing risk is sometimes described as enterprise risk management because of its emphasis on anticipating and understanding risk across an organization. In addition to a focus on internal and external threats, enterprise risk management (ERM) emphasizes the importance of managing positive risk. Positive risks are opportunities that could increase business value or, conversely, damage an organization if not taken. Indeed, the aim of any risk management program is not to eliminate all risk but to preserve and add to enterprise value by making smart risk decisions.
“We don’t manage risks so we can have no risk. We manage risks so we know which risks are worth taking, which ones will get us to our goal, which ones have enough of a payout to even take them,” said Forrester Research senior analyst Alla Valente, a specialist in governance, risk and compliance.
Thus, a risk management program should be intertwined with organizational strategy. To link them, risk management leaders must first define the organization’s risk appetite i.e., the amount of risk it is willing to accept to realize its objectives.
The formidable task is to then determine “Which risks fit within the organization’s risk appetite and which require additional controls and actions before they are acceptable,” explained Notre Dame University Senior Director of IT Mike Chapple in his article on risk appetite vs. risk tolerance. Some risks will be accepted with no further action necessary. Others will be mitigated, shared with or transferred to another party, or avoided altogether.
Every organization faces the risk of unexpected, harmful events that can cost it money or cause it to close. Risks untaken can also spell trouble, as the companies disrupted by born-digital powerhouses, such as Amazon and Netflix, will attest. This guide to risk management provides a comprehensive overview of the key concepts, requirements, tools, trends and debates driving this dynamic field. Throughout, hyperlinks connect to other TechTarget articles that deliver in-depth information on the topics covered here, so readers should be sure to click on them to learn more.
Risk response plan
Risk response planning combines our efforts thus far into a viable risk response for each threat and opportunity we’ve identified as falling within the range of our risk tolerance threshold. Risk response planning increases the probability and/or impact of opportunities identified within the predetermined tolerance range of our risk register, and reduces the probability and/or impact of any threats.
There are four mitigation strategies to consider when developing a Risk Response Plan for both threats and opportunities.
Response to threats:
- Avoid: change plans
- Mitigate: reduce the probability and/or impact of the threat on the project
- Transfer: assign the risk to someone else
- Accept: do nothing
Response to opportunities:
- Exploit: make the opportunity more likely
- Enhance: increase the value of the opportunity to the project
- Share: partner with someone who can capture the opportunity
- Accept: do nothing
Risk monitoring
The last step is risk monitoring. The project manager monitors the risk register, executing on response plans, as well as documenting subsequent threats and opportunities as they become known throughout the project life cycle.
Risk planning is like any other project planning process, and is never really done until the project itself is complete; therefore, a project manager’s risk monitoring is finished only when the project is complete.
Work break Down Structure
A work-breakdown structure (WBS) in project management and systems engineering is a deliverable-oriented breakdown of a project into smaller components. A work breakdown structure is a key project deliverable that organizes the team’s work into manageable sections. The Project Management Body of Knowledge (PMBOK 5) defines the work-breakdown structure as a “hierarchical decomposition of the total scope of work to be carried out by the project team to accomplish the project objectives and create the required deliverables.”
A work-breakdown structure element may be a product, data, service, or any combination of these. A WBS also provides the necessary framework for detailed cost estimation and control while providing guidance for schedule development and control.
Breaking work into smaller tasks is a common productivity technique used to make the work more manageable and approachable. For projects, the Work Breakdown Structure (WBS) is the tool that utilizes this technique and is one of the most important project management documents. It singlehandedly integrates scope, cost and schedule baselines ensuring that project plans are in alignment.
The Project Management Institute (PMI) Project Management Book of Knowledge (PMBOK) defines the Work Breakdown Structure as a “deliverable oriented hierarchical decomposition of the work to be executed by the project team.” There are two types of WBS:
1) Deliverable-Based
2) Phase-Based.
The most common and preferred approach is the Deliverable-Based approach. The main difference between the two approaches are the Elements identified in the first Level of the WBS.
How to Make a Work Breakdown Structure
A good Work Breakdown Structure is created using an iterative process by following these steps and meeting these guidelines:
Gather critical project documents.
Identify content containing project deliverables, such as the Project Charter, Scope Statement and Project Management Plan (PMP) subsidiary plans.
- Identify Key Team Members
- Identify the appropriate project team members.
- Analyze the documents and identify the deliverables.
Define Level 1 Elements
Define the Level 1 Elements. Level 1 Elements are summary deliverable descriptions that must capture 100% of the project scope.
Verify 100% of scope is captured. This requirement is commonly referred to as the 100% Rule.
Decompose (Breakdown) Elements
Begin the process of breaking the Level 1 deliverables into unique lower-Level deliverables. This “breaking down” technique is called Decomposition.
Continue breaking down the work until the work covered in each Element is managed by a single individual or organization. Ensure that all Elements are mutually exclusive.
Ask the question, would any additional decomposition make the project more manageable? If the answer is “no”, the WBS is done.
Create Wbs Dictionary
Define the content of the WBS Dictionary. The WBS Dictionary is a narrative description of the work covered in each Element in the WBS. The lowest Level Elements in the WBS are called Work Packages.
Create the WBS Dictionary descriptions at the Work Package Level with detail enough to ensure that 100% of the project scope is covered. The descriptions should include information such as, boundaries, milestones, risks, owner, costs, etc.
Create Gantt Chart Schedule
Decompose the Work Packages to activities as appropriate.
Export or enter the Work Breakdown Structure into a Gantt chart for further scheduling and project tracking.
One thought on “Impact of Risk Handling Measures, Work break Down Structure”