Lecture Notes on SPM

Unit- 4
Risk Analysis and Management

What is Risk Management on Projects?

Project risk management is the process of identifying, analyzing and then responding to any risk that arises
over the life cycle of a project to help the project remain on track and meet its goal. Risk management
isn’t reactive only; it should be part of the planning process to figure out risk that might happen in the
project and how to control that risk if it in fact occurs.

A risk is anything that could potentially impact your project’s timeline, performance or budget. Risks are
potentialities, and in a project management context, if they become realities, they then become classified
as “issues” that must be addressed. So risk management, then, is the process of identifying, categorizing,
prioritizing and planning for risks before they become issues.

Risk management can mean different things on different types of projects. On large-scale projects, risk
management strategies might include extensive detailed planning for each risk to ensure mitigation
strategies are in place if issues arise. For smaller projects, risk management might mean a simple,
prioritized list of high, medium and low priority risks.

How to Manage Risk

Jason Westland, CEO, ProjectManager.com, offers his take on why you should care about project
risk. He also offers some practical measures to apply to managing risk when in the midst of your
project. To begin with, he notes, it’s crucial to start with a clear and precise definition of what your
project has been tasked to deliver. In other words, write a very detailed project charter, with your
project vision, objectives, scope and deliverables. This way risks can be identified at every stage
of the project. Then you’ll want to engage your team early in identifying any and all risks.
Devin Deen, Scrum expert and video trainer, says you can’t be afraid to get more than just your
team involved to identify and prioritize risks. “Many project managers simply email out to their
project team and ask their project team members to send them things they think might go wrong on the
project, in terms of a risk to the project,” he says in his training video on how to plot project risk. “But
what I like to do is actually get the entire project team together, some of your clients’ representatives on
the project, and perhaps some other vendors who might be integrating with your project. Get them all in
the room together and do a risk identification session.”

And if you’re not working in an organization with a clear risk management strategy in place? “Talk
openly to your boss or project sponsor about risk,” Westland writes. “You want them to be aware
of what risks are lurking in the shadows of the project. Never keep this information to yourself,
you’ll just be avoiding a problem that is sure to come up later.”

1
And with every risk you define, you’ll want to put that in your risk tracking template and begin to
prioritize the level of risk. Then create a risk management plan to capture the negative and positive
impacts to the project and what actions you will use to deal with them. You’ll want to set up regular
meetings to monitor risk while your project is ongoing. It’s also good to keep communication with
your team ongoing throughout the project. Transparency is critical so everyone knows what to be
on the lookout for during the project itself.
A risk management strategy can be defined as a software project plan or the risk management
steps. It can be organized into a separate Risk Mitigation, Monitoring and Management Plan. The
RMMM plan documents all work performed as part of risk analysis and is used by the project
manager as part of the overall project plan.
Teams do not develop a formal RMMM document. Rather, each risk is documented individually
using a risk information sheet . In most cases, the RIS is maintained using a database system, so
that creation and information entry, priority ordering, searches, and other analysis may be
accomplished easily.
Once RMMM has been documented and the project has begun, risk mitigation and monitoring
steps commence. As we have already discussed, risk mitigation is a problem avoidance activity.
Risk monitoring is a project tracking activity with three primary objectives:
(1) to assess whether predicted risks occur.
(2) to ensure that risk aversion steps defined for the risk are being properly applied; and
(3) to collect information that can be used for future risk analysis.
Effective strategy must consider three issues:
 risk avoidance
 risk monitoring
 risk management and contingency planning.Proactive approach to risk – avoidance
strategy.Develop risk mitigation plan. Develop a strategy to mitigate this risk for reducing
turnover.Meet with current staff to determine causes for turnover.Mitigate those causes
that are under our control before the project starts.
 Organize project teams so that information about each development activity is widely
dispersed.
 Define documentation standards and establish mechanisms to be sure that documents are
developed in a timely manner.Project manager monitors for likelihood of risk,Project
manager should monitor the effectiveness of risk mitigation steps.Risk management and
contingency planning assumes that mitigation efforts have failed and that the risk has
become a reality.RMMM steps incur additional project cost.
THE RMMM PLAN
Risk Mitigation, Monitoring and Management Plan (RMMM) – documents all work performed as
part of risk analysis and is used by the project manager as part of the overall project plan.RIS is
maintained using a database system, so that creation and information entry, priority ordering,

2
searches, and other analysis may be accomplished easily. Risk monitoring is a project tracking
activity.
Three primary objectives:
 assess whether predicted risks do, in fact, occur
 ensure that risk aversion steps defined for the risk are being properly applied
 collect information that can be used for future risk analysis.

What Is Risk Mitigation and How Does It Relate to Project

Management?
Risk Mitigation, within the context of a project, can be defined as a measure or set of measures
taken by a project manager to reduce or eliminate the risks associated with a project. Risks can be
of various types such as technical risks, monetary risks and scheduling-based risks. The project
manager takes complete authority of reducing the probability of occurrence of risks while
executing a project.

Mitigating Technical Risks

When delegating tasks to individuals, the technical competency of those individuals might be
overlooked. If so, it increases the chances of the project being delayed and not meeting the
deadline. Such delays can be avoided by increasing the communication frequency between the
team members and monitoring their work.

Another alternative is to divide a complex task between team members and then delegate each part
to a single individual. By reducing a complex technical task into smaller simple tasks, the
execution time may increase but the chances of missing the deadline for task completion can be
managed as the risk involved in the task is being diversified by the project manager among multiple
individuals.

Mitigating Monetary Risks

Cost-based risk factors are difficult to estimate. The experienced manager developes an intuition
about decisions so that those that will increase the costs of deploying a task can be avoided. A
safer bet used by project managers is the use of sophisticated cost estimation techniques. Some of
the techniques such as Critical Path Method (CPM)/Program Evaluation and Review Technique
(PERT) are used to oversee deployment of a task or a set of tasks and in analyzing the risks
involved. Advanced techniques such as Expected Monetary Value (EMV) provide an insight on
financial gain or loss if an event does or does not occur.

3
Mitigating Scheduling Risks
Executing the right task at the right time helps to lower the risk of not meeting the project due date.
Tasks can be assigned to individuals in two ways. The first one is to calculate the estimated
processing time of each of the tasks and executing the tasks based on the Shortest Processing Time
(SPT). The second one is to define due dates for each of the tasks and process them based on the
Earliest Due Date (EDD). A project manager is the best judge here as to which method he would
like to use in scheduling the tasks and delegating them to the individuals associated with the
execution of the project. An advanced method of decreasing the risks while scheduling work-based
tasks is by using the Monte Carlo Simulation method.

What Are Software Metrics?

A software metric is a measure of software characteristics which are quantifiable or countable.
Software metrics are important for many reasons, including measuring software performance,
planning work items, measuring productivity, and many other uses.

Within the software development process, there are many metrics that are all related to each other.
Software metrics are related to the four functions of management: Planning, Organization, Control,
or Improvement.

Benefits of Software Metrics

The goal of tracking and analyzing software metrics is to determine the quality of the current
product or process, improve that quality and predict the quality once the software development
project is complete. On a more granular level, software development managers are trying to:

 Increase return on investment (ROI)

 Identify areas of improvement
 Manage workloads
 Reduce overtime
 Reduce costs

These goals can be achieved by providing information and clarity throughout the organization
about complex software development projects. Metrics are an important component of quality
assurance, management, debugging, performance, and estimating costs, and they’re valuable for
both developers and development team leaders:

 Managers can use software metrics to identify, prioritize, track and communicate any issues
to foster better team productivity. This enables effective management and allows assessment
and prioritization of problems within software development projects. The sooner managers
can detect software problems, the easier and less-expensive the troubleshooting process.

4
 Software development teams can use software metrics to communicate the status of software
development projects, pinpoint and address issues, and monitor, improve on, and better
manage their workflow.

Software metrics offer an assessment of the impact of decisions made during software
development projects. This helps managers assess and prioritize objectives and performance goals.