You are on page 1of 68

PMP Preparation Training

Risk Management

Chapter 11
Risk Management
Processes required to effectively identify, analyze,
and respond to project risks

Risk
RiskManagement
ManagementPlanning
Planning
Risk
RiskIdentification
Identification
Qualitative
QualitativeRisk
RiskAnalysis
Analysis
Quantification
QuantificationRisk
RiskAnalysis
Analysis
Risk
RiskResponse
ResponsePlanning
Planning
Risk
RiskMonitoring
Monitoring& &Control
Control

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-2


Risk Management
Planning Controlling
11.1 Risk
Management
Planning 11.4
11.3 Risk 11.5 Risk Risk
Qualitative Response Monitoring
Analysis Planning
11.2 Risk &
Identification 11.4 Risk Control
Quantitative
Analysis

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-3


Introduction
 Risk – Events or consequences that have the probability of
occurring during a project and that are measured by their
impacts on the project

 Components
 Risk event
 Risk event probability
 Risk outcome or consequence (Amount at stake)
 Risk event status (Probability x amount at stake)

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-4


Project Risk Management

Processes
Processesfor foridentifying,
identifying,analyzing,
analyzing,and
andresponding
respondingtotoproject
project
risk.
risk. ItItincludes
includesmaximizing
maximizingthetheprobability
probabilityand
andthe
theresults
results
of
ofpositive
positiveevents
events(opportunities)
(opportunities)and
and minimizing
minimizingthethe
probability
probabilityandandconsequences
consequencesof ofadverse
adverseevents
events(risks).
(risks).

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-5


Project Risk Life Cycle
 Risk varies throughout the life cycle
 Risk is high in the concept and
development phases, decreasing as
work is accomplished
 Amount at stake is low in the early
phases and increases as work is
accomplished
 The area of overlap is known as the
high-risk impact area

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-6


Risk Management Planning

Deciding how to approach and plan the risk management


activities for a project

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-7


Risk Management Planning
Tools & Techniques
•• Planning
Planning Meetings
Meetings

Inputs
• Project Charter
• Risk Management Policies Outputs
• Defined Roles & Responsibilities • Risk Management Plan
• Stakeholder Risk Tolerance
• Risk Management Plan Template
• WBS

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-8


Risk Management Planning

Inputs
■ Project Charter
■ Organization’s risk management policies – predefined
approaches to risk analysis and response
■ Defined roles, responsibilities, and authority levels for
decision-making
■ Stakeholder risk tolerances – expressed in policy
statements or action
■ Template for risk management plan
■ WBS

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-9


Risk Management Planning

Tools & Techniques


■ Planning meetings to develop the risk management plan
■ Attendees include project manager, project team leaders,
key stakeholders – anyone responsible for planning and
executing activities

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-10


Risk Management Planning

Outputs
■ Risk Management Plan
■ Methodology – defines approaches, tools, and data sources that might be used to
perform risk management on the project
■ Roles & Responsibilities – defines the lead, support, and risk management team
membership for each type of action in the plan
■ Budget - $
■ Timing – Describes how often the risk management process will be performed
throughout the project life cycle.
■ Scoring and interpretation – methods used for performing qualitative and
quantitative risk analysis
■ Thresholds – the target against which the project team measures the effectiveness of
the the risk response plan execution
■ Reporting formats - defines how the results of the risk management processes will be
documented, analyzed, and communicated to the project team and stakeholders
■ Tracking – Documents all facets of risk activities and how the risk process will be
audited

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-11


Risk Identification
Determining
Determiningwhich
whichrisks
risksare
arelikely
likelyto
toaffect
affectthe
theproject
projectand
and
documenting
documentingthe
thecharacteristics
characteristicsofofeach
each

 Internal risks – Things that the project team can control


or influence
 External risks – Things beyond the control or influence of
the project team
 Risk identification is concerned with opportunities
(positive outcomes), as well as with threats (negative
outcomes)

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-12


Risk Identification
• Types
– Business (profit or loss) and insurable (loss)

– Known known Total certainty


– Known unknown Degree of uncertainty
– Unknown unknown Total uncertainty

• Categories
– External, unpredictable Regulatory, etc.
– External, predictable Market risks
– Internal, non-technical Management
– Technical Design
– Legal Contractual

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-13


Risk Identification
Tools
Tools &
& Techniques
Techniques
•• Documentation
Documentation Reviews
Reviews
•• Information
Information Gathering
Gathering
Techniques
Techniques
•• Checklists
Checklists
•• Assumptions
Assumptions Analysis
Analysis
•• Diagramming
Diagramming Techniques
Techniques

Outputs
Inputs • Risks
• Risk Management Plan • Triggers
• Project Planning Outputs • Inputs to other process
• Risk Categories
• Historical information
Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-14
Risk Identification

Inputs
■ Risk Management Plan
■ Project Planning Outputs
■ Project charter
■ WBS
■ Product description
■ Schedule & cost estimates
■ Resource plan
■ Procurement Plan
■ Assumptions and constraint lists

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-15


Risk Identification

Inputs
■ Risk Categories (See Note Pages)
■ Technical, quality, or performance risks
■ Project Management risks
■ Organization risks
■ External risks

■ Historical Information
■ Project files
■ Published information

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-16


Risk Identification

Inputs (cont.)
■ Historical information – Available from the Following
sources
■ Project files – Records of previous projects
 Commercial databases – Historical information available
commercially
 Project team knowledge

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-17


Risk Identification

Tools & Techniques


 Documentation Reviews

 Information-gathering techniques
 Brainstorming

 Delphi technique

 Interviewing

 Strengths, Weaknesses, Opportunities, Threats (SWOT) analysis

 Checklists – Organized by source of risk

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-18


Risk Identification

Tools & Techniques


■ Assumptions Analysis – technique that examines the
validity of assumptions to identify risks to project because
of invalid assumptions
■ Diagramming techniques –
■ Cause and effect diagrams used to identify causes of risks
■ System or process flow charts that show how various elements of
a system interrelate and the causes of risks
■ Influence diagrams the graphically represent a problem showing
causal influences, time ordering events and other relationships
among variables and outputs

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-19


Risk Identification

SWOT
Strengths Weaknesses
Internal
Build On Eliminate or Reduce

Opportunities Threats
External
Exploit Mitigate

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-20


Risk Identification

Outputs
 Potential Risk Event – Identify discrete occurrences that
might affect the project
 Triggers – Risk symptoms or warning signs that indicate a
risk even has occurred or is about to occur
 Inputs to other processes – may identify a need for
further activity in another area

 Risks are often input to other processes as constraints or


assumptions

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-21


Qualitative Risk Analysis
The process of assessing the impacts and likelihood of
identified risks.

Qualitative risk analysis requires that the probability


and consequences of the risks be evaluated using
established qualitative-analysis method and tools

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-22


Qualitative Risk Analysis
Tools
Tools &
& Techniques
Techniques
•• Risk
Risk probability
probability && impact
impact
•• Risk
Risk rating
rating matrix
matrix
•• Project
Project assumptions
assumptions testing
testing
•• Data
Data precision
precision ranking
ranking

Inputs
• Risk Management Plan Outputs
• Identified risks • Overall risk ranking
• Project status • List of prioritized tasks
• Project type • List of risks for additional
• Data Precision Management & Analysis
• Scales of probability & impact • Trends in results
• Assumptions

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-23


Qualitative Risk Analysis

Inputs
■ Risk management plan
■ Identified Risks – evaluation of risks identified during the risk
identification process and their potential impacts on the project
■ Project Status – identification of risks as the project progresses
through its life cycle
■ Project Type – determines the amount of risk
■ Common or recurrent type have less risk
■ State-of-the-art, first time technology, or highly complex projects
have more risk

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-24


Qualitative Risk Analysis

Inputs (cont.)
■ Data Precision – measures the extent of data available, as
well as the reliability of the data and source of the data
■ Scales of Probability and Impact – assess the two key
dimensions of risk (probability of occurring and impact on
project)
■ Assumptions

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-25


Qualitative Risk Analysis

Tools & Techniques


■ Risk Probability and Impact
■ Risk probability - is the likelihood that a risk will occur
■ Risk consequences – is the effect on project objectives if the risk
event occurs
■ Probability/Impact Risk Rating Matrix –
■ Risk Probability Scale falls between 0.0 (no probability) and 1.0
certainty)
■ Ordinal scale – ranked-order scale, such as very low, low, moderate,
high, and very high
■ Cardinal scale – assign values to these impacts. These values are
usually linear (.1/ .3/ .t/ .7/ .9) or nonlinear (.05/ .1/ .2/ .4/ .8/) (See
note pages)

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-26


Qualitative Risk Analysis

Tools & Techniques


■ Project Assumption Testing – Assumptions are tested
against two criteria: assumption stability and the
consequences on the project if the assumption is false
■ Data Precision Ranking – is a technique to evaluate the
degree to which the data is useful
■ Extent of understanding of the risk
■ Data available about the risk
■ Quality of the data
■ Reliability and integrity of the data

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-27


Qualitative Risk Analysis

Outputs
■ Overall Risk Ranking – indicates the overall risk position of a
project relative to other projects by comparing risk scores
■ List of Prioritized Risks – Grouped by:
■ Rank (high, moderate,low)
■ Those requiring immediate response and those that can be handled at a
later date
■ Those that affect cost, schedule, functionality, and quality.
■ Significant risks should have a description of the basis for the
assessed probability and impact

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-28


Qualitative Risk Analysis

Outputs (cont.)
■ List of Risks for Additional Analysis and Management
– moderate and high risks are candidates for more analysis,
including quantitative and risk analysis, and risk
management action
■ Trends in Qualitative Risk Analysis Results – As the
analysis is repeated, a trend of results may become
apparent, and can make risk response more or less urgent
and important

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-29


Quantitative Risk Analysis
Measuring
Measuringnumerically
numericallythe
theprobability
probabilityand
andconsequences
consequencesof of
risks
risksand
andestimating
estimatingtheir
theirimplication
implicationfor
forproject
projectobjectives
objectives

 Determine probability of achieving a specific project objective


 Quantify the risk exposure for the project, and determine the size
of cost and schedule contingency reserves that may be needed
 Identify risks requiring the most attention by quantifying their
relative contribution to project risk
 Identify achievable and realistic cost, schedule, or scope targets

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-30


Quantitative Risk Analysis
Tools
Tools &
& Techniques
Techniques
•• Interviewing
Interviewing
•• Sensitivity
Sensitivity Analysis
Analysis
•• Decision
Decision Tree
Tree Analysis
Analysis
•• Simulation
Simulation

Inputs
• Outputs
Risk Management Plan
• Prioritized List of Quantified Risks
• List of prioritized risks
• Probability Analysis of the project
• List of risks for additional
• Probability of achieving the cost
Management & Analysis
• and time objectives
Historical Information
• Trends in Quantitative Risk Analysis
• Expert Judgment
• Results
Other Planning Outputs

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-31


Quantitative Risk Analysis

Inputs
 Risk Management Plan
 Identified Risks
 List of Prioritized Risks
 List of Risks for Additional Analysis and Management
 Historical Information – on prior, similar completed projects, studies
of similar projects by risk specialists, and risk databases available
 Expert Judgment – inputs from the project team, other subject matter
experts within the organization, and outside sources
 Other Planning Outputs – schedule logic and duration estimates,
WBS list of all cost elements, and models of project technical
objectives

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-32


Quantitative Risk Analysis

Tools & Techniques


■ Interviewing – project stakeholders and subject-matter
experts to quantify the probability and consequences of risks
on project objectives
■ The information needed depends upon the type of
probability distributions that will be used

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-33


Quantitative Risk Analysis

Tools & Techniques (cont.)


• Probability
– Likelihood of occurrence. (Number of occurrences of an event divided by the total
number of all possible occurrences)

• Statistics
– Mean – Average of the values of events
– Mode – Value which occurs most often
– Median – Value in middle of the range of ordered values

• Variance
– Average of the squared deviations from the mean
– Standard deviation – Square Root of the Variance
– Range – Values between upper & lower limits

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-34


Quantitative Risk Analysis

Normal Distribution Curve


■ 2 standard deviations (+/- 1) = 68.26 %
■ 4 standard deviations (+/- 2) = 95.46 %
■ 6 standard deviations (+/- 3) = 99.73 %

-3 -2 -1 0 +1 +2 +3

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-35


Quantitative Risk Analysis

Tools & Techniques (cont.)


Three values with probabilities; used to calculate expected values
– Optimistic
– Most likely
– Pessimistic

e.g. Optimistic 0.2 x $ 100 K = $ 20 K


Most Likely 0.6 x $ 130 K = $ 78 K
Pessimistic 0.2 x $ 180 K = $ 36 K
Expected Value = $ 134 K
Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-36
Quantitative Risk Analysis

Tools & Techniques (cont.)

Example 0.6 Success

0.5 Project A Failure


0.4

0.7
0.5 Project B Success

0.3
Failure
What is the probability that Project B will
be selected and will be successful? Answer: 0.35
Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-37
Quantitative Risk Analysis

Tools & Techniques (cont.)


• Probability distribution (Method of moments) –
Calculates project range estimates
• Expected monetary value – Probability times cost
• Three values – low (a) , most likely (m), and high (b) –
with probabilities for each; used to calculate expected
value

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-38


Quantitative Risk Analysis

Tools & Techniques (cont.)


0.1 0.1

0.0
0.0
Beta Distribution Triangular Distribution
Using PERT approximations Mean = (a+m+b) / 3
Variance = [(b-a)2 + (m-a)(m-b)] / 18
Mean = (a +4m +b) / 6 Variance = [(b-a) / 6]2

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-39


Quantitative Risk Analysis

Tools & Techniques


■ Sensitivity Analysis – determines which risks have the most
potential impact on the project
■ Decision Tree Analysis – use of a diagram that describes a
decision under consideration and the implications of
choosing one or another of the available alternatives
■ Incorporates probabilities of risks and the costs or rewards of each
logical path of events and future decisions
■ Solving the decision tree indicates which decision yields the greatest
expected value when all the uncertain implications, costs, rewards,
and subsequent decisions are quantified

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-40


Quantitative Risk Analysis

Tools & Techniques (cont.)


Decision Trees High Demand
Probability =0.3
$ 550,000
Production Successful
Probability = 0.7 Low Demand
Probability = 0.7
Decide to pursue
- $100,000

Expect Value of Pursuing Project A


Production Unsuccessful
Probability = 0.3 0.7 x 0.3 x $ 550,000 = $ 115,500
- 0.7 x 0.7 x –
$ 100,000 = –
$ 49,000
Terminate = $ 200,000
0.3 x – $ 200,000 = –
$ 60,000
Decide not to pursue
$0 $ 6,500
The expected value of Project A is $6,500. The expected value of
not preceding is $0. Preceding is the lucrative option.
Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-41
Quantitative Risk Analysis

Tools & Techniques (cont.)


■ Simulation – Uses a model or copy of a system to analyze the
behavior or performance of the system

■ Monte Carlo
– “Perform” project many times to provide a statistical distribution of
calculated results
– Uses results to quantify the risk of various schedule alternatives,
different project strategies, different paths through the network, and
individual activities
– Can be used to assess the range of possible cost options

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-42


Quantitative Risk Analysis

Tools & Techniques (cont.)


Results from a Monte Carlo Simulation of a Project Schedule
100

90
Cumulative Probability

80

70

60

50

40

30

20

10

0
110 120 130 140 150 160 170 180 190 200

Days After Project Start


This S-curve shows the cumulative probability of project completion by a particular date. For example, the
intersection of the dashed ones shows that there is a 50 percent probability that the project will be finished
within 145 days of its start. Project completion dates toward the left have higher risk while those toward the
right have lower risk.
Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-43
Quantitative Risk Analysis

Outputs
 Prioritized List of Quantified Risks – risks that pose greatest threat
or present the greatest opportunity to the project together with a
measure of their impact

 Probabilistic Analysis of the Project – forecasts potential project


schedule and cost results, listing the possible completion dates or
project duration and costs with their associated confidence levels

 Probability of Achieving Cost and Time Objectives - under the


current project plan and with the current knowledge of the risks facing
the project

 Trends in Quantitative Risk Analysis Results – as analysis is


repeated, a trend of results may become apparent

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-44


Risk Response Planning

Process
Processof
ofdeveloping
developingoptions
optionsand
anddetermining
determiningactions
actionsto
to
enhance
enhanceopportunities
opportunitiesand
andreduce
reducethreats
threatsto
tothe
theproject’s
project’s
objectives
objectives

Risk response planning must be appropriate to the severity of the risk,


cost effective in meeting the challenge, timely to be successful,
realistic within the project context, agreed upon by all parties involved,
and owned by a responsive person

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-45


Risk Response Planning
Tools
Tools&&Techniques
Techniques
•Avoidance
•Avoidance
•Transference
•Transference
•Mitigation
•Mitigation
•Acceptance
•Acceptance

Outputs
Outputs
•• Risk
Riskmanagement
managementplan
Inputs
Inputs plan
•• Inputs
Inputstotoother
otherprocesses
processes
•• Opportunities
Opportunities •• Contingency
Contingencyplans
plans
•• Threats
Threatsand
andrisks
risks •• Reserves
Reserves(Mitigation)
(Mitigation)
•• Contractual
Contractualagreements
agreements

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-46


Risk Response Planning

Tools & Techniques

Mitigation
(Corrective action)

Acceptance
Avoidance
(Accept consequences)
(Prevention)

Transference
(Shift Responsibility)
Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-47
Tools & Techniques (cont.)
■ Avoidance – Change project plan to eliminate the risk or
condition or to protect the project objectives from its
impact
■ Transference – Shift the consequences of a risk to a third
party together with the ownership of the response
■ Mitigation – Reduce the probability and/or consequences
of an adverse risk event to an acceptable threshold
■ Acceptance – Do not change project plan, but develop a
contingency plan should the risk event occur

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-48


Quantification Risk Analysis

Tools & Techniques


• Expected monetary value
– Estimate of the probability that the risk event will occur
– Estimate of the gain or loss that will be incurred if the risk event
does occur
– Risk events reflect both tangibles and intangibles

• Statistical sums – Calculation of the range of total project


costs, based on the cost estimates for individual work items.
Used to quantify the relative risk of alternative project
budgets or proposals.

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-49


Risk Response Development

Inputs
• Opportunities (Ignore or pursue)

• Threats and risks (Ignore/accept or pursue)

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-50


Risk Response Development

Tools & Techniques


• Procurement or contracting – Acquiring goods or
services from outside the immediate project organization
• Contingency planning – Defining action steps to be taken
if an identified risk occurs
• Alternative strategies – Risks can be prevented or
avoided by changing the planned approach
• Insurance – or Bonding

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-51


Risk Response Development

Outputs
Risk management plan – Part of the project plan; it is used to
document the procedures that will be used to manage risk throughout
the project

• Should contain:
– Results of the risk identification and risk quantification processes
– Who is responsible for managing various areas of risk
– How the initial identification and quantification outputs will be maintained
– How contingency plans will be implemented
– How reserves will be allocated

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-52


Risk Response Development

Outputs (cont.)
• Contingency Plans – Pre-defined action steps to be taken
if an identified risk event should occur
• Reserves (Mitigation) – Provision in the project plan to
mitigate cost and schedule risk
• Contractual agreements – May be entered into for
insurance, services, and other items, as appropriate, in
order to avoid or mitigate threats

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-53


Risk Response Development

Classes of Contractual Documents

LOW HIGH
Seller Risk

Buyer Risk
HIGH LOW

CPPC CPFF CPIF FPI FFP

100 0 Variable Sharing Ratio 0 100

Cost Plus Cost Plus Fixed Cost Plus Fixed Price Firm Fixed Price
Percentage of Incentive Fee Incentive (FPI)
Fee (CPFF)
Costs (CPPC) (CPIF)

Spectrum of risk

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-54


Risk Response Control

Insurable Risk
• Direct property damage – Insurance of principal assets, e.g.,
equipment, materials, property, auto
• Indirect consequential loss – Indirect loss suffered by third party,
resulting from actions by the contractor
• Legal liability – Design errors, public bodily injury, project-
performance failure
• Personnel – Bodily injury
• Wrap-up insurance – All the above integrated into one
agreement – usually provided by the owner

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-55


Risk Response Control
Providing
Providingananapproach
approachfor
formonitoring
monitoringand
andcontrolling
controllingthe
therisk-
risk-
event
eventoccurrence,
occurrence,in
inaccordance
accordancewith
withthe
therisk
riskmanagement
management
plan
plan

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-56


Risk Response Control
Tools
Tools
•• Work-arounds
Work-arounds
•• Additional
Additionalrisk-
risk-
response
responsedevelopment
development

Inputs
Inputs
• Risk management plan
• Risk management plan
• Actual risk events
• Actual risk events Outputs
• Additional risk identification
• Additional risk identification
Outputs
•• Corrective
Correctiveaction
action
•• Updates
UpdatestotoRMP
RMP

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-57


Risk Response Control

Inputs
• Risk management plan (RMP)

• Actual risk events – Those events which occur and are recognized by
the PM team

• Additional risk identification

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-58


Risk Response Control

Tools & Techniques


• Work-arounds – Unplanned responses to negative risk
events

• Additional risk-response development – If the risk event


was not anticipated, the planned response may not be
adequate, and it may be necessary to repeat the response
development process, and perhaps the risk quantification
process, as well

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-59


Risk Response Control

Outputs
• Corrective action – Performing the planned risk response

• Updates to the RMP – As anticipated risk events occur, or fail to


occur, and as actual risk-event effects are evaluated, estimates of
probabilities and values, as well as other aspects of the risk
management plan, should be updated

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-60


Risk Monitoring & Control

The process of keeping track of the identified risks,


monitoring residual risks and identifying new risks,
ensuring the execution of risk plans and evaluating their
effectiveness in reducing risk

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-61


Risk Monitoring & Control
Tools
Tools
•• Project
Projectrisk
riskresponse
responseaudits
audits
•• Periodic
Periodicproject
projectrisk
riskreviews
reviews
•• Earned
Earnedvalue
valueanalysis
analysis
•• Technical
Technicalperformance
performance
measurement
measurement
•• Additional
Additionalrisk
riskresponse
responseplanning
planning
Outputs
Outputs
Inputs
Inputs
• Risk management plan
Risk management plan
•• Work-aroundplans
Work-around plans
• Risk response plan
•• Correctiveaction
action
• Risk response plan

• Project communication
Project communication
Corrective
• Additional
••
risk identification &
• Additional risk identification &
• analysis Projectchange
Project changerequests
requests
analysis
• Scope changes
• Scope changes •• Updatestotorisk
Updates riskresponse
responseplan
plan
•• Riskdatabase
Risk database
•• Updatestotorisk
Updates riskidentification
identificationchecklist
checklist

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-62


Risk Monitoring & Control

Inputs
■ Risk management plan
■ Risk response plan
■ Project communication – work results and other project
records provide information about project performance and
risks
■ Additional risk identification and analysis – as project
performance is measured and reported, potential risks not
previously identified may surface.
■ Scope changes – often require new risk analysis and
response plans

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-63


Tools & techniques
■ Project Risk Response Audits – risk auditors examine and
document throughout the life cycle of the project the
effectiveness of the risk response in avoiding, transferring, or
mitigating risk occurrence as well as the effectiveness of the risk
owner
■ Periodic Project Risk Reviews – should be regularly scheduled
to monitor the progress and any changes to the project
■ Earned Value Analysis – used for monitoring overall project
performance against a baseline plan.
■ If a project deviates significantly from the baseline, updated risk
identification and analysis should be performed

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-64


Tools & Techniques (cont.)
■ Technical Performance Measurement – compares
technical accomplishments during project execution to the
project plan schedule of technical achievement
■ Additional Risk Response Planning – If a risk emerges
that was not anticipated in the risk response plan, or it
impact on objectives is greater than expected, the planned
response may not be adequate and required additional
response planning to control risk

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-65


Outputs
■ Work-Around Plans – unplanned responses to emerging
risks that were not previously identified or accepted
■ Corrective Action – performing the contingency plan or
work-around
■ Project Change Requests – implementing contingency
plans or work-around, frequently results in a requirement
to change the project plan to respond to risks
■ Updates to Risk Response Plan – Risks that do occur
should be documented. Risks that do not occur should also
be documented and closed in the risk response plan

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-66


Outputs (cont.)
■ Risk Database – a repository for collection, maintenance,
and analysis of data gathered and used in the risk
management processes
■ Updates to Risk Identification Checklists – will help risk
management of future projects

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-67


Summary
■ Review Questions

Source: PMBOK Guide 2000 Version © 2002 Robbins-Gioia, Inc. 11-68

You might also like