PROJECT MANAGEMENT-Dize Devrim Hacioglu - Diploma Thesis

Masaryk University
Faculty of Economics and Administration

Field of Study: Business Management
PROJECT MANAGEMENT
DIPLOMA THESIS
Thesis Supervisor Author

Sylva Žáková Talpová, Ph.D. Dize Devrim Hacioglu
BRNO 2017
MASARYK UNIVERSITY
Faculty of Economics and Administration
MASTER’S THESIS DESCRIPTION

Academic year: 2016/2017
Student: Dize Devrim Hacioglu
Field of Study: Business Management (Eng.)
Title of the thesis/dissertation: Project Management
Title of the thesis in English: Project Management
Thesis objective, procedure and methods used: The goal of the thesis is to analyze particular issue within project ma-
nagement, either as a case study in a company, or qualitative or quan-
titative study among larger sample of companies, or combination of
both. Procedure and techniques used: The thesis will consist of two
parts. Theoretical part will be devoted to introduction and discussion
of concepts and methods that will be used in the practical part in order
to achieve the goal of the thesis. In the practical part, these methods
will be applied to a real MNE (case study) or qualitative/quantitative
research will be conducted. Specifically, it will focus on a particular
aspect of project management in organisations (e.g. risk manage-
ment). Student is expected to define the problem and choose ap-
propriate methods to reach the goal of the thesis, as well as to find a
suitable company to cooperate with.
Extent of graphics-related work: According to thesis supervisor’s instructions
Extent of thesis without supplements: 60 – 80 pages
Literature: SANDØY, M., T. AVEN and D. FORD. On Integrating Risk Perspectives in

Project Management. Risk Management, Vol.7, 2005, No. 4, s. 7-21.
PICH, M.T., C.H. LOCH, A DE MEYER and Arnoud de MEYER. On

Uncertainty, Ambiguity, and Complexity in Project Management. Journal
of Advanced Management Science, 2002, Vol. 48, No.8, s. 1008-1023.
ISSN 1526-5501.
MAYLOR, Harvey. Project management. 4th ed. New York: Financial

Times Prentice Hall, 2010. xxiv, 414. ISBN 9780273704324.
MARCELINO-SÁDABA, S., A. PÉREZ-EZCURDIA, A.M.E. LAZCANO

and P. VILLANUEVA. Project risk management methodology for small
firms. International Journal of Project Management, 2014, Volume 32,
Issue 2, s. 327-340. ISSN 0263-7863.
YOUNG, Trevor L. The handbook of project management : a practical guide

to effective policies, techniques and processes. Rev. 2nd ed. London:
Kogan Page, 2007. viii, 295. ISBN 9780749449841.
Thesis supervisor: Ing. Bc. Sylva Žáková Talpová, Ph.D.
Thesis supervisor’s department: Department of Corporate Economy

Thesis assignment date: 2016/04/29
The deadline for the submission of Master’s thesis and uploading it into IS can be found in the academic year calendar.
In Brno, date: 2017/05/12

I hereby declare that I worked out the Diploma work “Project Management” myself, under the
supervision of Sylva Žáková Talpová, and that I stated in it all the literary resources and other
specialist sources used according to legislation, internal regulations of Masaryk University and
internal management acts of Masaryk University and the Faculty of Economics and
Administration.
Dize Devrim Hacioglu

I would like to say thank you to my supervisor and all participants in the experimental part of the
present work. I would also like to thank my dear parents, Kutlu Tunca Hacioglu and Funda
Hacioglu and flat-mates, Denis and Stasya for supporting me throughout the duration of creating
my diploma thesis…
CONTENTS
INTRODUCTION................................................................................................................................ 1
1. PROJECT MANAGEMENT .............................................................................................................. 4
1.1 Project and Project Management ........................................................................................................... 4
1.2 Project Management Standards ............................................................................................................. 7
1.3 Fundamental Project Management Approaches .................................................................................... 9
1.4 Phases of Project Management Life Cycle ............................................................................................ 10
2. PROJECT RISK MANAGEMENT .................................................................................................... 13
2.1 Role of Project Managers on Project Risk Management ...................................................................... 14
2.2 Classification of Project Risks ................................................................................................................ 15
2.3 External Risks of Today`s World............................................................................................................ 16
2.3.1 High Economic Uncertainty in United States and Europe After 2008 Economic Crisis ..................... 17
2.3.2. Terrorism........................................................................................................................................... 20
2.3.3. Political Unexpected Events.............................................................................................................. 20
2.4 Life Cycle of Project Risk ....................................................................................................................... 21
2.4.1 Identifying Risks (Phase 1) ................................................................................................................. 23
2.4.2 Risk Analysis (Phase 2) ....................................................................................................................... 24
a) Qualitative Analysis Method ............................................................................................................. 25
b) Quantitative Analysis Method to Estimate Probability ................................................................... 27
c) Risk Prioritizing and Risk Exposure Determining .............................................................................. 28
2.4.3 Risk Response/ Contingency Planning (Phase 3) ............................................................................... 30
2.4.4 Monitoring (Tracking and Controlling) Risk (Phase 4) ....................................................................... 30
2.4.5 Risk Response (Phase 5) ..................................................................................................................... 32
2.4.6 Closure of Risk .................................................................................................................................... 32
3. AGILE ......................................................................................................................................... 34
3.1 Agile Teams ........................................................................................................................................... 41
3.2 Risks and Sprint Concept in Agile .......................................................................................................... 41
3.3 Agile Trainings ....................................................................................................................................... 44
4. METHODS TO BE USED............................................................................................................... 46
5. INTRODUCTION OF MORPHIN CO. AND PROJECTS IN THE COMPANY ........................................ 49
6. SURVEY RESULTS AND ANALYSIS ................................................................................................ 52
6.1 Agility on Project Risk Management Methods ..................................................................................... 52
6.1.1 Life Cycle of the Project Risks in the Company .................................................................................. 52
6.1.2 Flexibility of Project Life-Cycle ........................................................................................................... 56
6.1.3 Iteration Use on the Projects ............................................................................................................. 57
6.1.4 Frequency of Team Meetings ............................................................................................................ 59
6.1.5 General Team Meetings Schedule ..................................................................................................... 59
6.1.6 Training Programs .............................................................................................................................. 60
6.2 External Risks ........................................................................................................................................ 63
6.3. Summary of the Advantages and Disadvantages of Morphin CO. Brno on Project Management
Practices ...................................................................................................................................................... 67
8. RECOMMENDATIONS................................................................................................................. 69
8.1 Recommendations for First Line Managers .......................................................................................... 69
8.1.1 Mandatory Agile Educations .............................................................................................................. 69
8.1.2 Practical In-Class Education Problem on Agile ................................................................................... 70
8.1.3 Mandatory Implications ..................................................................................................................... 70
8.1.4 Motivation of Employees ................................................................................................................... 70
8.2 Recommendations to Improve the Current Project Management Practices ....................................... 71
8.2.1 Kick-Off Meetings............................................................................................................................... 71
8.2.2 Risk Analysis and Team Meeting Frequency Phase Improvements ................................................... 72
8.2.3 Improvements on Flexibility of Project Life Cycle Through Early Detection of Project Risks ............ 73
8.2.4 Improvements on Risk Responding Phase and Risk Tracking/ Monitoring ....................................... 73
8.2.5 Risk Closure Phase Improvements ..................................................................................................... 74
9. COSTS AND BENEFITS ................................................................................................................. 77
9.1 Costs ...................................................................................................................................................... 77
9.2 Benefits ................................................................................................................................................. 78
9.2.1 Benefits on the Budget Use ............................................................................................................... 78
9.2.2 Increase in Client Satisfaction ............................................................................................................ 78
9.2.3 Productivity Rise ................................................................................................................................ 79
9.2.4 Shared Fund of Knowledge through Lessons Learned on Projects .................................................... 79
CONCLUSION ................................................................................................................................. 81
BIBLIOGRAPHY ............................................................................................................................... 83
LIST OF FIGURES............................................................................................................................. 90
LIST OF GRAPHS ............................................................................................................................. 90
LIST OF DIAGRAMS......................................................................................................................... 90
LIST OF CHARTS.............................................................................................................................. 90
ABBREVIATION LIST........................................................................................................................ 91
APPENDICIES .................................................................................................................................. 92
Appendix A: HPI in US between 2000 to 2016 (Seasonally Adjusted) ........................................................ 92
Appendix B: Unemployment, Total (% of total labor force) (ILO Estimate) ............................................... 93
Appendix C: Risk Register Example 1 .......................................................................................................... 94
Appendix D: Risk Register Example 2 .......................................................................................................... 95
Appendix E: Task Board............................................................................................................................... 98
Appendix F: Sprint Backlog ......................................................................................................................... 99
Appendix G: Phases of Sprint .................................................................................................................... 100
Appendix H: Advantages and Disadvantages of PEST Analysis ................................................................. 101
Appendix I: Risk & Issue Log in Morphin CO. ............................................................................................ 102
INTRODUCTION
Imagine it’s late after midnight and your car is the only one left in the parking lot. It’s there because
you’re still in the office in the dark and a light beam reflects on your face, shoulders slumped, palm
pressed to your forehead, deep in thought. Even though it sounds like a mysterious scene from a
David Lynch12 movie, actually it summarizes the life of a project manager. Then let`s continue
with the story: You’re in the middle of a project, consumed with worry, and the fact that you’ve
barely seen your bed in the past week is one indication that things aren’t going so well. Your
project is a little bit out of control; you’re not sure you’ll make your deadline. Too many loose
ends still need to be pinned down. Moreover, your boss has expressed reservations about how
things are going. You feel isolated, the clock is ticking and you’re uncertain about what to do next.
This out-of-control project scenario plays out often in companies large and small. Halfway into a
project, risks that should have been apparent start emerging. Some typical pitfalls include e.g.
higher than expected risk, variable scope, need for status reports, inadequate planning, inadequate
administration, poor team organization, communication problem in the team, cost problem
implementing phase, countering resistance to change (Goodman, Major, Greenwood, Nokes
2008).
These pitfalls require companies to be more prepared for the risks in the projects. Even though,
companies have been trying to be more prepared for the external risks in the projects recently by
trying to improve the traditional project risk management methods that they have been using, this
change was not enough and a more radical change is needed. On the other hand, Agile as a concept
has been influencing risk management methods which makes the project managers, project
management teams and project management methods more flexible during last years. When
traditional methods focus on one variable in a system and hold the other variables constant, Agile
methods take everything into consideration as variables in the projects. Especially, sprint concept
which is based on the system of iterations throughout the project life cycle and so the project risk
management life cycle is a common concept that is used as part of Agile methodology on the
projects.
Agile methods are important because we are not living in an environment that everything is stable.
Higher instability means higher number of factors with uncertainty and higher risk in the
1
David Keith Lynch (born January 20, 1946) is an American director, screenwriter, producer, painter, musician, and
photographer. Known for his surrealist films, he has developed a unique cinematic style. The surreal and, in many
cases, violent elements contained within his films have been known to "disturb, offend or mystify" audiences.
His films aren't necessarily realistic, they are real in their representation of what life is: a confusing, irrational series
of events that have little purpose, and one makes one's own interpretation of each event, giving life one's own purpose
(Source: www.imdb.com, Lynch and Rodley, 2005)
1
companies just like everything else in life. This introduces us to the concept of risk in the
businesses and projects.
Kindler (1990) defines business risk “a course of action or inaction, taken under conditions of
uncertainty, which exposes one to possible loss in order to reach a desired outcome” and adds to
that decision makers usually have three different ways to deal with the risk: obtaining further
information; securing control of factors that may determine outcome; and reducing the impact of
any negative consequences by sharing the risk.
Motivated by the information which was mentioned here in above, the goal of my thesis is to state
that using Agile methods as part of the project risk management in Morphin CO. Brno (which is a
multi-national company subsidiary in Brno that will be introduced in detail later) would increase
of the chance of success on the projects. To be able to do that, the current fundamentals of project
management literature and Agile methods in comparison with traditional (specially Waterfall
methods) are going to be explained in the theoretical part to give provide insight to the reader about
project management, project risk management and Agile practices respectively.
My research questions and sub-research questions to be used in my work are as follow:
1) Are the risk management methods in Morphin Company Brno Agile project management
methods oriented?
2) What are the external risks in Morphin Company Brno that affected the projects recently?
3) Are the project risk management methods sufficient to prevent or minimize the effects of
external risks on the projects in Morphin Company Brno?
4) How can project risk management be improved through Agile methods in Morphin CO.
Brno?
In order to answer those questions, some research methods will be needed to collect data. Also
there are some analysis techniques will be used to analyze the data (which will be explained
later).
The thesis is going to be divided into two sections which are the theoretical and practical parts and
eight sequenced chapters. The theoretical part is going to start with definitions and explanation of
the fundamentals of project management discipline. The second chapter will explain the project
risk management by specifically focusing on different phases of it. In the next chapter, the
2
traditional Waterfall project risk management and Agile risk management methods will be
introduced and discussed with clarification of the differences between them. However, the main
focus is going to be on Agile practices.
The next step then will to clarify the methods to be used during the practical part.
After that, the practical part of the research will structure as follow: The introduction chapter will
represent introduce the Morphin CO. Brno and project management process in the company. Then
the survey results and analysis chapter will show my findings during the interviews with the 25
project managers in the company and will analyze these findings. By the knowledge that is going
to be obtained throughout the first three chapters, I am going to end up with the recommendations
and costs & benefits of the recommendations for the company subsidiary.
Key words: Agile; external risk; iteration; project; project management; project risk management;
Scrum; Sprint
3
1. PROJECT MANAGEMENT
1.1 Project and Project Management
Projects are important tasks for the both big and small companies but there is sometimes a tendency
on people to be confused about the definitions of the four important words which are used in
project management commonly: project, subproject, program and portfolio. Therefore, it is better
to define these terms and understand the difference between them.
When the project and project management are needed to be defined, we see some common
characteristics between the different definitions in different sources: there must be a goal to
achieve; the goal would be satisfying the expectations of stakeholders in general or it can be about
providing service and creating a product, they have start and end dates. For instance, a project can
be defined as a temporary endeavor with a beginning and an end and it must be used to create a
unique product, service or result and temporary means that every project has a definite beginning
and a definite end (A Guide to the Project Management Body of Knowledge, PMI,1996).
On the other hand, Weiss and Wysocki (1992) follows an explanation that defines the
characteristics of a project separately as follow:
- Complex and numerous activities

- Unique – a one-time set of events
- Finite – with a begin and end date
- Limited resources and budget
- Many people involved, usually across several functional areas in the organizations
- Sequenced activities
- Goal-oriented
- End product or service must result
Finally, IPMA Competence Baseline (2006) defines a project as a time and cost-constrained
operation to release a set of defined deliverables (the scope to fulfil the project’s objectives) up
to quality standards and requirements.
After understanding what the project is, then next step should be to define what the project
management is. According to project management is the application of knowledge, skills, tools,
and techniques to project activities in order to meet or exceed stakeholder objectives and
expectations from a project (A Guide to the Project Management Body of Knowledge, PMI , 1996).
IPMA Competence Baseline (2006) makes a more detailed project management definition and
defines it as the planning, organizing, monitoring and controlling of all aspects of a project and the
4
management and leadership of all involved to achieve the project objectives safely and within
agreed criteria for time, cost, scope and performance/quality. It is the totality of coordination and
leadership tasks, organization, techniques and measures for a project. It is crucial to optimize the
parameters of time, cost and risk with other requirements and to organize the project accordingly.
Project management supports four basic levels of projects: projects, subprojects, programs and
portfolio. Figure 1 illustrates the relationship between the portfolio, program, project and sub-
project. Program has a broader scope than projects which might be divided into sub-projects when
it is necessary. The following two topics are going to focus on the definition of these concepts.
Figure 1: An Overview of Portfolio, Program, Project and Subproject

SUB-PROJECT 1
PROJECT 1
1
SUB-PROJECT 2
PROGRAM
1 PROJECT
2
PROJECT
PORTFOLIO
3
PROJECT
1
PROGRAM
2
PROJECT
2
Portfolio is one more important concept to be defined when it comes to learn about projects. A
portfolio is a high-level view of all the projects an organization is running in order to meet the
business’s main strategic objectives. It could be every project across the entire company, a
division, or a department (Bonnie, 2015). Even though project manager Robert Buttrick (2009)
has the similar idea about the definition, he also adds that “Directing the individual project
correctly will ensure it is done right. Directing 'all the projects' successfully will ensure we are
doing the right project.” Therefore, it is possible to state that while project management is about
executing projects right, portfolio management is about executing the right projects.
5
Similarly, projects and programs are different this difference has been being either ignored or
sometimes confused. From the very beginnings of modern project management, the terms have
been used interchangeably; for example, the Manhattan Project create two completely different
atom bombs involved numerous major elements such as the construction of factories and the
operation of those plants. The Manhattan Project was by all modern definitions a full blown
program of work. This confusion in terms continues in many quarters to the current day (Weaver,
2010).
A program differs from a project in the two ways: First of all, a program achieves a strategy or
mission by some different projects and ongoing activity. Secondly, and related to the first reason,
its scope can be broadly defined or specific. Whereas, a project achieves a single set of defined
objectives, has a start and a finish, and is a tactical initiative. It would consist of different sub-
projects. Then it can be said that project, as a concept can be defined under a program (Buttrick,
2009). Similarly, Weiss and Wysocki (1992) clarifies the difference between a project and program
by pointing out the fact that a program is larger in scope and may comprise multiple projects and
supports this definition by giving an examples as follow:
- The US government had a space program that includes several projects such as the
Challenger project.
- A construction company contracts a program to build an industrial technology park with
several separate projects.
Related to the project, project management3 is the planning, organizing, monitoring, and
controlling of all aspects of the project in a continuous process to achieve its objectives.
Likewise, Weiss and Wysocki (1992) enlarges the definition of a project management through
defining it is as a method and set of techniques based on the accepted principles of management
used for planning, estimating, and controlling work activities to reach a desired end result on time,
within budget, and according to specification.
Therefore, we can see that the definition of project management is made based on the different
phases of a project.
Projects are managed by the project managers. Project manager is responsible from the
customizing the different methods of project management but should be careful about the
boundaries/ constraints of the current policy to make appropriate decisions for every single
different project.
3
Source: International Organization for Standardization Web-site (www.iso.org)
6
1.2 Project Management Standards
In the world of project management, there are several standards. The Project Management
Institute, Project Management Professional, International Project Management Association
(IPMA), and PRINCE 2 are the most influential ones. These certifications are fundamentally
different from each and moreover, they are affiliated with different accreditation boards. A serious
applicant should know the differences between each certification and must plan their next step
keeping their career goals in mind (Viergever, 2015).
The Project Management Institute (PMI) is a US nonprofit professional organization for project
management. PMI published "A Guide to the Project Management Body of Knowledge" (PMBOK
Guide) where they described a number of principles of project management. According to the PMI
this document should be seen as "a basic reference and the world's de facto standard for the project
management profession". In the Framework the Context describes the major demands set to project
management and what the prerequisites are. The PMBOK processes describe very high level the
activities for the project manager. The PMBOK also is used as the basic reference for certification
of PMP (Viergever, 2015). PMP stands for Project Management Professional and Many companies
in varied industries use PMP as a standardized requirement for project managers and the processes
and knowledge areas that are taught in preparation for the exam have been integrated into the work
that is done by the project managers in these companies. The PMP has an even more illustrious
reputation in the IT sector. The certification body for PMP is the PMI (Project Management
Institute) which is the world’s leading professional membership association for the project
management profession. Although the PMP is recognized all over the world, it is mainly seen as a
North American certification for two reasons: all the test prep material and exams are in English
and it is advantageous when working with/for North American partners. There is however, a
drawback of sorts to pursuing this certification; PMP is considered to be more knowledge-based
where there is a higher focus on theoretical knowledge than on methodology. This is also reflected
in the amount of material that an applicant is required to go through in order to prepare for this
exam (Findlay, 2016).
The International Practice Management Association (IPMA) is a membership-based

professional organization that promotes the development, professional standing and visibility of
paralegal and legal practice support management professionals. Its membership consists of
paralegal managers and other practice support managers (those who manage non-attorney fee
earners in law firms and legal departments4.
4
Source: http://www.theipma.org/about-the-ipma
7
They seek cooperation with the PMI. The certification has four level: A to D. A is the highest level
(experienced project director) and D the lowest (theoretical knowledge). Level C requires three-
year prior experience in project management as well a university degree (like PMP). Level D only
requires the University degree so there is a level of choice and flexibility. It is a competence-based
certification that is applicable to all sectors. This certification is all the more advantageous when
working with European Partners (Findlay, 2016).
To be able to certify, the IPMA described a number of knowledge areas of which a few can be
compared to the Components of PRINCE2.
PRINCE2 (an acronym for PRojects IN Controlled Environments) is a de facto process-based

method for effective project management. Used extensively by the UK Government, PRINCE2 is
also widely recognized and used in the private sector, both in the UK and internationally. The
PRINCE2 method is in the public domain, and offers non-proprietorial best practice guidance on
project management. Key features of PRINCE25:
 Focus on business justification

 Defined organization structure for the project management team
 Product-based planning approach
 Emphasis on dividing the project into manageable and controllable stages
 Flexibility that can be applied at a level appropriate to the project.
For individuals, PRINCE2 certification is an invaluable asset to their career as it increases

employment prospects and helps them do their job more effectively. This is true for any job
function. A survey6 which was made in 2016 questioned individuals in project management and
other roles, such as IT, senior management and operations. They reported that "regardless of
function, candidates do find that PRINCE2 is valuable to their career"7.
According to the same survey, 86.2% of PRINCE2 certified respondents see the value of agile,
compared to 75.6% of those without PRINCE2. While both are high, given that PRINCE2 is
sometimes stereotyped as a waterfall approach to project management it is interesting to see
PRINCE2-certified individuals generally seeing more value in working in an agile way than those
without it.
5 56
https:// https://www.prince2.com/eur/what-is-prince2
6
https://www.axelos.com/CMSPages/GetFile.aspx?guid=3c8f9353-f970-4880-9566-0edb3ea9fc78
8
Project managers can learn to integrate the flexibility and responsiveness of Agile methodologies
into the PRINCE2 framework. PRINCE2 Practitioners can achieve this with the PRINCE2 Agile
tutor-led classroom course8.
Due to these reasons, even though I use all PMBOK, IPMA, and PRINCE2 standards as sources
of my work, PRINCE2 will be more important for the chapter that I will explain Agile concept.
1.3 Fundamental Project Management Approaches
There have been different project management approaches being used on project management
discipline. Some of them are called traditional, sequential approaches and others are relatively new
approaches and get together under Agile methodology. The most popular traditional approach
which is still used by many companies is Waterfall methodology9 .
Waterfall traditional project management methods are sequential and follow a progression such as
defining, planning, managing, and closing. In the waterfall method, the gates are one-way gates.
This implies that, once a gate has been passed, the project cannot return to the work that was being
carried out prior to passing through the gate. This can make it difficult to pass through gates.” (Orr,
2004). The power of this methodology is that every step is preplanned and laid out in the proper
sequence. While this may be the simplest method to implement initially, any changes in customers’
needs or priorities will disrupt the sequence of tasks, making it very difficult to manage10.
Agile management, or agile process management, or simply agile refers to an iterative,

incremental method of managing the design and build activities of engineering, information
technology, project management and other business areas that aim to provide new product or
service development in a highly flexible and interactive manner; an example is its application in
Scrum, an original form of agile software development (Moran, 2015). In project management,
Agile techniques use iterations of defining, planning, managing, and testing throughout the life
cycle of the project until stakeholder value is achieved. Continuous collaboration is key, both
within the project team members and with project stakeholders (Orr, 2004).
I will make a more comprehensive comparison between Waterfall and Agile later in the third
chapter of my work.
9
Source: https://www.wrike.com/project-management-guide/methodologies/
9
1.4 Phases of Project Management Life Cycle
There can be different ways to separate the different phases of a project. However, there is usually
a tendency to separate it into five or six different phases. For example, Baars (2006) collocates six
different phases of a project as follows: Initiation phase, Definition phase, Design phase,
Development phase, Implementation phase, Follow-up phase (please see Figure 2).
Figure 2. Six Phases of Project Management with Their Central Themes
Source: Baars (2012)
According to Figure 2, during the initiation phase, the idea is created. Later on, what is going to
be made during the project should be defined. It has to be followed by the design phase and the
ways that will make the project come into life should be researched. After that implementation
phase should be started which content the planning od implementation and the implementation of
the project itself. Finally, follow-up phase concludes the project with the maintenance of it.
On the other hand, Weiss and Wysocki (1992) defines the phases project management life-cycle
in five groups respectively: Define, Plan, Organize, Control, Close; and twenty-five action steps
under the five main phases (please see Figure 3).
10
Figure 3. Five Phases of Project Management Life-Cycle
Source: Weiss and Wysocki (1992)
In addition to these, IPMA Competence Baseline (2006) defines three main project parts
throughout the life cycle: Initiation and start-up, Plan & control, Close-out. They consist of
different phases. Initiation and start-up contents preparation; Plan and control contents design and
execution and finally close-out has completion phases. All of these phases include starting,
planning & controlling and finishing sections (Please see Figure 4).
Figure 4: Project Life Cycle Parts and Phases
Source: IPMA Competence Baseline (2006)
11
Then all the projects should have initiation and start-up, definition and
planning/controlling/designing phases which can generally be included in planning part of the
project. Next, they should be followed by implementation part which should include the
development of implementation and implementation phase itself. Implementation phase would
consist of organizing, controlling and closing of the project.
12
2. PROJECT RISK MANAGEMENT
You step out of your office for lunch and approach the curb. Before you cross the street, you look
to the left and right. Then you proceed. This routine activity is actually an example of risk
management. While checking for traffic doesn’t guarantee you will safely reach the other side of
the street, it greatly improves your chances. However, you have one chance to use to cross the
street and it should be done in the best way possible after all. van Well-Stam and Lindenaar van
Kinderen (2004) emphasizes this chance by stating that “When managing a project, you get one
chance to get it right.”
When applying risk management principles to an upcoming project, it is critical to understand that
risk management is actually something people do every day, whether by fastening their seat belt
or checking the rear view mirror twice before they change lanes. Risk is part of life, and managing
risk is part of a reasonable life. As people delve into the intricacies of risk management, it’s
occasionally useful to return to this starting point: risk management may appear complex, but it’s
actually an element of daily routine.
Managing the risk involved in a major project, however, is an issue of an entirely different scale.
Every project has risk, but human nature tends to avoid looking at risk and to focus on goals, such
as completing the project. There is only one opportunity to get a project right, yet newspapers daily
offer many examples of overruns, setbacks, delays and even projects that grind to a halt until
problems can be solved. These reports suggest that proper risk management planning is not always
the normal course of business. Another thing is to think about in this case whether the characteristic
of the risk defined involves internal or external features.
Risk is definable in many different ways. It can be tried to defined in terms of the possibility of
bad events. Also, it can be taken as an approach of decision making by using the probability of
good and bad outcomes. (Damodaran, 2007). Similarly, risk can be defined as the chance of loss
or an unfavorable outcome associated with an action. Uncertainty is not knowing what will happen
in the future. The greater the uncertainty, the greater the risk (Crane, Gantz, Isaacs, Jose, 2013).
Related to the definition of risk, it is a necessity to obtain what the risk management is. There is a
general consensus about the definition of risk management. For instance, Douglas (2009) defines
risk management as the identification, assessment, and prioritization of risks followed by
coordinated and economical application of resources to minimize, monitor, and control the
probability and/or impact of unfortunate events or to maximize the realization of opportunities. In
a similar manner, van Well-Stam, Lindenaar and van Kinderen, (2004) emphasizes the importance
of risk management by stating that “The strength of risk management lies in being able to think
ahead about all of the things that could possibly go wrong in a project.”
13
Risks must be defined and analyzed in the project selection phase and during the project life-cycle
to be able to address changing conditions and project priorities. As new risks are identified,
strategies and plans must be developed to address them. It is needed to be developed different
strategies and plans as different kind of risks identified throughout the project (Buttrick, 2009).
Then, we can summarize the common components of risk as following:
 A risk is something that can negatively affect the project.

 A risk is tied to a future event, typically a project milestone or project phase.
 A risk must have conditions around it that can be managed.
 A risk event is when a risk occurs, or might occur.
After that, we can summarize the features of risk management as follow:
- It gives an opportunity to create an environment for proactive decision making.

- It is a structure of the iterative process of planning, tracking, and reacting to risk
- It requires actively and repetitively evaluating risks
- It puts the risks in order in terms of their importance
- In the case that risks occur, it determines and creates plans and strategies for remarking
them
2.1 Role of Project Managers on Project Risk Management
According to Newton, (2015), project managers should be careful about Familiarity with the
operation (Has the work been done before?), Skills (Does the staff have the ability to do the
work?), Resources (Are there adequate materials to complete the work?), Time (Does adequate
time exist to complete the work?), Quality (Is the team confident about the quality of work
required?), Cost (Is funding sufficient to complete the work?), History (Has the risk event
occurred before?)
Likewise, Weiss, Wysocki (1992) use a similar logic to explain roles of project managers, they
present a more detailed information and they collocate their responsibilities as follow even though
they have a simpler idea about the usage of project risk life-cycle:
 Simplification of the process for risk management

 Making the risk management as a process of the planning of project management
 Do not try to change the appetency of risk management throughout the project plan
 Identifying and analyzing risks
 Monitoring risk periodically
 Responding to risks with the appropriate solutions
14
 Reviewing and assessing risks whenever a new step of the project starts
 Being open to the reviews from the other team members
2.2 Classification of Project Risks
In project management, there is usually a tendency to classify the risks into two different parts:
external and internal risks. An understanding of the internal and external risks in project
management is necessary as part of the project plan. Generally speaking, internal risks are easier
to identify and manage while external risks are more elusive.
Also, there is a general feeling that risk management should be a part of the projects in the early
stages of the projects for both internal and external risks.
For instance, all Alquier, Cagno, Caron, Leopoulos, Ridao (2000) and Buttrick (2009) classify the
risks into two different parts as external and internal risks. When looking internally, risks to the
project may involve the financial solvency of the company, the ability for the company to have
required equipment and other resources on hand in time to support the project. Personnel issues
such as the sickness or unanticipated termination of a key team member also can be considered as
internal risks to the project (Alquier, Cagno, Caron, Leopoulos, Ridao, 2000).
Internal risks can also involve infrastructure problems such as the availability of servers, software,
and IT support as well as more elementary ingredients such as the supply of electricity to team
members. Obviously, the volatility of essential infrastructures will vary depending on the location
of the team, so it may or may not warrant consideration during the risk assessment process
(Buttrick, 2009).
External risks are outside the control of the project team and its host organization. Because of this,
external risks are generally more difficult to predict and control. Factors such as a key vendor
going bankrupt, economic upheaval, wars, crime, and other events may directly impact the
project's effectiveness (Alquier, Cagno, Caron, Leopoulos, Ridao, 2000).
Buttrick (2009) also adds that some risks may be difficult to foresee and gives some examples
related to that such as a mine in a foreign country providing essential elements for the project being
taken over by a revolutionary government. This kind of event directly threatens the project, but
often takes project managers by surprise because of a deficient analysis of external threats.
15
Also, Buttrick (2009) defines the project risk analysis and managements as a continuous process
that can be started at almost any stage in life-cycle of a project. Correlatively, Alquier, Cagno,
Caron, Leopoulos and Ridao (2000) emphasizes that the final performance of the project depends
primarily on risk analysis and management a “risk driven approach is necessary” specially during
the early phase of the project life cycle. They also state that there are two type risks on the brink
of external and internal; besides, they add that the integration between the external and internal
risks are important, as well.
2.3 External Risks of Today`s World
We are living in a global world that everything changes very fast: economies, social life and
political conditions of the countries are more volatile than ever it used to be. This volatility brings
more risks to the corporations. As a consequence of this interaction, the projects especially in the
multinational companies are affected by the risks, as well.
Then, it is also important to understand what is a multinational company at this point.
A multi-national corporation/ company (MNC) can be defined as a company which take actions
in different countries even though it is incorporated in one country (Voorhees, Seim, Coppett,
1992). In addition to that, Pitelis and Sugden (2000) states that if one of those actions to be taken
must be to own or control processes of production to be able to be a multi-national company and
explains some of the common features of these kind of companies as follow:
- Doing license buy/sell activities in the various markets of different foreign countries
- Doing export/ import activities
- Making investments in foreign countries
- Having manufacturing facilities in different foreign countries
Argote & Ingram (2000), on the other hand, emphasizes that one of the most important activities
that the multi-national companies have started to do as part and necessity of globalization is
knowledge transfer and projects that are created related to that. They define knowledge transfer as
"the process through which one unit is affected by the experience of another. They further point
out the transfer of organizational knowledge (i.e., routine or best practices) can be observed
through changes in the knowledge or performance of recipient units. It is also used to decrease the
cost by transferring knowledge and positions to the countries where the salaries relatively lower.
Then, a multi-national company is a company that take actions in foreign countries such as doing
export/import and license buy/sell activities and owns or controls production of goods and services
and take care of the knowledge transfer projects as part of the necessity of our global age.
16
As an expected consequence, taking various economic actions that mentioned in different foreign
countries brings higher volatility and higher risks for the multinational companies.
For instance, 2010 BP oil spill, which took 11 lives and caused severe environmental damage in
the Gulf of Mexico, presented all the common elements of a crisis. The spill wiped out half the
company’s public value, threatened BP’s existence, and cost the corporation billions of dollars in
claims. The severity of the accident, the loss of human lives and the slow response by corporate
executives ruined BP’s reputation11.
Then, White (2013) explains that corporate crises would take a number of forms: Some, such as
damages to Japan’s Fukushima nuclear plant following an earthquake in 201112, involve lapses in
technology. Others, such as high-profile protests from animal rights groups, entail confrontation.
The 2008 financial crisis may have been rooted in management failure. Terrorists generate crises
for malicious purposes. Organizational threats, such as sudden takeover bids, can also trigger
crises.
Related to White`s ideas about the different forms of corporate crisis, I will explain the external
effects which makes our world more volatile and more unstable.
2.3.1 High Economic Uncertainty in United States and Europe After 2008 Economic Crisis
Economic crises can be defined as economic shrinkages in countries, a decrease in the purchasing
power of public, economic indicators and harsh fluctuations that reveal themselves with increased
unemployment rate, especially in private sector and labor markets and affect negatively the
national economies in terms of macro scale and firms in terms of micro scale; so decreases the
efficient process of the market mechanism. However, it is obvious that the economic crisis that
revealed itself for the first time in the last quarter of 2007 in United States and spreads in all around
the world in 2008 has a difference from the other economic crisis in the history: it has showed us
the consequences of globalization in the financial markets clearly through how sensitive the all
economies in world are by the fluctuations in the other economies. Therefore, it would be more
reasonable to define it as “global financial crisis”.
In a world that everything has been globalizing, the risk factor has started to have a primary
importance as well. Because the most of people agree that even the best minds in Wall Street and
their best-management tools failed to see the crush coming.
11
https://www.theguardian.com/environment/2011/apr/20/deepwater-horizon-key-questions-answered
12
http://www.world-nuclear.org/information-library/safety-and-security/safety-of-plants/fukushima-accident.aspx
17
In parallel with the crush happening in the financial markets, the projects ongoing in some private
companies in the world during-after the crisis era were affected dramatically by the crisis. The
effect has caused them either to be in serious delay or has collapsed completely. The deficiencies
in the risk management-measurement methods have played an important role on these negative
events.
J.K. Galbraith (1990) tells after analyzing the speculative madness’s and following collapses in
the financial system: “Economic life is always in a transformation process.” It has to be the same
for the company policies and for risk management systems in our case. External effects on
companies and specially on the projects would create a “mad” effect and would cause them either
to be in delay or completely cancelled. When the consequences would be so harmful, the
companies should follow the natural flow of economic life which has been always in
transformation process.
There is evidence to suggest that what happened in 2008 is a pertinent example of the
transformation process of economic life. Things would be more changeable than it is predicted in
the economies and would cause unexpected effects in especially multinational companies which
are more opened to the risks in different countries and when a crisis which has global effects starts,
the risks are even more irrepressible.
After the 2008 Global Financial Crisis, risk management has been becoming more important.
Because the 2008 economic crisis can be defined as the most influential example of an external
effect which have affected the economies and projects in companies and companies themselves in
general in the world.
In this context, it is important for us to understand the causes and effects of the 2008 Global
Financial Crisis and how it has become “global”. Demir, Karabiyik, Ermisoglu, Kucuk (2008)
collects the reasons of the crisis under 6 topics:
- Deterioration of Structure of Mortgage Credits
- Incompatibility of Interest Structure
- Boom Increases in Housing Prices
- Contingency in the Funding of Securities
- Issues in the Credit Rating Process
- Expansion of Credit Derivatives Markets
Expansion of the credit derivative markets was the main reason and how the crisis has spread from
US to Europe and become global because they create non-linear systems (Hommes, Brock,
Wagener, 2009) and caused the risk factor to be risen. As later became evident, the risks inherent
18
in these new products were not fully understood by banks themselves or by the regulators and
supervisors (K Kashia, Lessons from the Financial Crisis for Risk Management, 2010).
On the other hand, the effects of the crisis would be listed as the following in the following
year:
- According to IMF statistics (2009), in the developed countries, GDP has approximately
fallen by 7% and the number was around 5% worldwide just in 13 months
- House prices have declined in US sharply which were rising dramatically since 2009 until
the crisis starts (FHFA, 2016), (Please see Appendix A).
- A significant increase was observed in global unemployment rate (World Bank, 2015,
(Please see Appendix B).
When we look at this day, the US economy is in a really good condition. In 1980, 25% of the share
in the world economy was in the United States, and now it has dropped by 17%. However,
American companies do business with overseas countries and carry America to historical summit.
For the first time in American history, the 13 most valuable companies in the world are all
American companies. Only the total market value of the top 3 companies (Apple, Google,
Microsoft) is more than the German stock market (DAX). 58 of the 100 most valuable companies
in the world are American13.
This means that although America has less economic weight than the world as a country, it is
active in half of the world economy through its companies. At least for now.
On the other hand, things do not go well in Europe, which is the other side of the scale. England
is leaving the EU, Italy has uncertainty of management and banks are sinking. Greece and Spain,
whose believer still cannot get it right, have immigration problems that Europe still cannot solve.
This would definitely would cause some problems in the subsidiaries of Morphin CO. in Europe.
Besides, It is possible for America to enter a new economic crisis in a few years. The CDOs
(mortgage funds) that led to the 2008 economic crisis were removed after the crisis. The business
of bundling riskier U.S. mortgages into bonds without government backing is gearing up for a
comeback. Just don’t call it subprime14. Leverage limits of investment firms are still not followed
and Lehman Brothers, who broke the crisis-cross, is one of them. A loss of between 3% and 5%
had a risk of causing all assets to go away15 (Billion-dollar company can be called as the sinking
of CDO and leverage in summary). These data would indicate that US is likely to repeat the 2008
13
Source: www.statista.com
14
Source: www.bloomberg.com
15
Source: http://www.telegraph.co.uk
19
crisis. However, in my view, it would take at least 5 years for it to happen and the US economy
will grow until this crisis.
2.3.2. Terrorism
Countries around the world have felt the impacts of terrorism, and its effects reverberate
throughout both national and global economies recently. Investment, consumption and tourism fall
off in the affected areas, according to several studies. Pessimistic expectations also play a large
part in all these negative economic outcomes: When investments appear risky and travel seems
unsafe, these perceptions eventually become a self-fulfilling prophecy. Researchers Dorine
Boumans and Johanna Garnitz and Professor Günther Schulze conducted a survey that explores
the question of how such perceptions evolve and that provides noteworthy insights into the
economic implications of terrorism (Boumans, Garnitz, Schulze, 2016).
Terrorists spread fear and uncertainty, thereby creating the conditions that can undermine
financial, commercial and social constructs. These findings point to a number of policy
implications: Expectations about the impact of terrorism, rather than its reality, seem to drive the
dips in foreign direct investment, consumption and economic activity. Gloomy viewpoints about
the negative domestic impacts of terrorism were widespread in countries with higher levels of
extremist violence, while greater optimism on this issue prevailed in wealthier democratic nations.
Muslim-majority countries experienced the greatest levels of pessimism in this area. Yet
respondents from nations with substantial terrorism expressed relatively more optimism about its
impact on the global economy than those from countries with less terroristic activity (Boumans,
Garnitz, Schulze, 2016).
Such economic instability is one factor that would affect the projects specially in multi-national
companies which have high number of projects ongoing between different countries.
2.3.3. Political Unexpected Events
In 2016, Brexit16 which have concluded with UK (United Kingdom) leaving EU (European Union)
and US (United States) elections which were ended up with a completely unexpected result
contrary to election polls17 have showed us that the political instability in the world is in a changing
process and companies should be more prepared for the sudden economic fluctuations.
16
Brexit: It is a word that has become used as a shorthand way of saying the UK leaving the EU - merging the words
Britain and exit to get Brexit, in a same way as a possible Greek exit from the euro was dubbed Grexit in the past
(Source: http://www.bbc.com)
17
Before election day, polling companies were showing a sustained but narrowing lead for Hillary Clinton instead
of Donald Trump (http://www.telegraph.co.uk).
20
2.4 Life Cycle of Project Risk
Once we know what the risk is, how to classify them and what risk management is, then next step
should be thinking about combining these concepts and learn how to manage them in a project.
Since project risk management is an iterative process, it must be going through the process as a
whole routinely for ensuring about the identification and addressing every single new risks. For
instance, PMBOK (1996) defines the process of project risk management which includes
conducting risk management planning, identification, analysis, responses, and monitoring and
control on a project; most of these processes are updated throughout the project. In the same vein,
Newton (2015) states that managing project risk deals with the activities involved in identifying
potential risks, assessing and analyzing them, finally monitoring them throughout the life of a
project.
Similarly, Weiss, Wysocki (1992) also state that fundamental risk management steps during a life
cycle starts with identifying the risks and continues with analyzing, planning, tracking and reacting
to risk (Please see Figure 5).
Figure 5: Fundamental Risk Management Steps During a Project
Track
Plan React
Analyze Identify
Source: Adapted from the work of Weiss, Wysocki (1992)
Figure 5 represents the steps to be followed for risk management during the project life-cycle.
However, their idea about the is slightly different than Newton about applying the process of life-
21
cycle: When a risk is solved, then the next step should be to focus on a new risk and repeat a risk
management project life cycle for every sort of risk.
IPMA Competence Baseline (2006), on the other hand, defines the phases of project risk life-cycle
as follow:
1. Identify and assess risks and opportunities.
2. Develop a risk and opportunity response plan and have it approved and communicated.
3. Update the different project plans affected by the approved risks and opportunities response
plan.
4. Assess the probability of attaining time and cost objectives, and keep doing it during the project.
5. Continuously identify new risks, reassess risks, plan responses and modify the project plan.
6. Control the risk and opportunity response plan.
7. Document lessons learnt and apply to future projects; update risk identification tools
Besides, according to IPMA Competence Baseline (2006), risk management is an ongoing process
taking place during all phases of the project life cycle, from initial idea to project close-out. At
project close-out the lessons learnt in risk management throughout the project are an important
contribution to the success of future projects.
Even though Newton, (2015) has the idea to use similar project life cycle as Weiss and Wysocki
(1992) use, he states that different projects have different sort of risks since every project has its
unique features related to the nature of the work that will be done and therefore, it is often up to
the project manager to outline these risks ahead of time and include them as part of the overall
plan of project. In order to do that, a project manager should be ready to identify the risks as a
whole first and may be dealing with all of them at the same time.
Then, we can collect the project risk management steps under five different titles:
Phase 1: Risk Identification
Phase 2: Risk Analysis
Phase 3: Planning
22
Phase 4: Monitoring (Tracking and Controlling) Risk
Phase 5. Reaction to Risk
Then, next step will be to explain these different phases one by one.
2.4.1 Identifying Risks (Phase 1)
First, risks should be searched and identified as the part of risk management process. Risk factors
are the issues, topics, or concerns that may ultimately drive the behavior of the top-level schedule
and cost performance measures for a given activity. They cause a situational factor that has been
identified as leading to a risk (van Well-Stam, Lindenaar, van Kinderen, 2004). Risks that could
be a potential loss or lead to negative consequences for the project must be determined. Also, risks
that represent opportunities that might be exploited must be detected. Identifying assumptions and
risks associated with each objective is a step toward acknowledging the project manager`s
understanding of the assumptions and risks involved with the planning and completion of the
project. There are some questions which would guide a project manager through analyzing each
objective listed as follow (Weiss, Wysocki, 1992):
1) What resources are required to realistically complete this objective? What risks are
associated with obtaining any of these resources in a timely manner?
2) What problems and delays are likely to occur in completing this objective?
3) What effect(s) will delays have on the budget and overall project schedule and plan?
4) What are the probable time, money, and personnel cost overruns to complete this project?
5) What assumptions can be made to realistically correct for delays in completing this
objective within given resources and constraints?
Different kind of inputs might be used to detect and define the risk factors and incident of events.
One of the examples which can clarify it is that the time when the WBS18 is used, every kind of
product of work must be included to identify the incident of risks and factors. It is possible to add
new inputs related to the type of project. Therefore, different institutions present different ideas
for it. I am going to state it as the combination of them. Then, the general instances of inputs are
18
A work breakdown structure is a key project deliverable that organizes the team’s work into manageable sections.
The Project Management Body of Knowledge (PMBOK) defines the work breakdown structure as a “deliverable
oriented hierarchical decomposition of the work to be executed by the project team.” The work breakdown structure
visually defines the scope into manageable chunks that a project team can understand, as each level of the
work.breakdown structure provides further definition and detail 18 (Source: Work Breakdown Structure web-site
(www.workbreakdownstructure.com/ ).
23
(ISO 31000, 2009; Committee for Oversight and Assessment of U.S. Department of Energy
Project Management, 2005):
 Contractual requirements
 Supplier contracts or customer agreements
 Project justification
 Field and marketing information
 Offerings portfolio
 Lessons learned files from previous projects
 Company objectives and plans
 Other project-related plans
 Project schedule
 Review reports
 Project plan dependencies
 Resource sourcing
 Sponsor or other stakeholder feedback, sponsor mission
Weiss and Wysocki (1992) states that as the project manager progresses through the project, some
other areas to look at are:
 Change requests
 Issue documents
 Event register/log
 Project status reports
They also point out some different techniques and tools to identify risks through using inputs from
other people. For instance, expert interviews; idea-generation techniques such as brainstorming,
affinity diagram, and nominal group technique or lessons learned from other project managers and
the “lessons learned” files from other projects are three of them.
2.4.2 Risk Analysis (Phase 2)
After the risk identification, probability and impact of each risk to determine the exposure must be
defined. Then, it could be easier to prioritize the risks to determine how the project team is going
to address each one. Norris, Perry, Simon (1992) defines Project Risk Analysis as a process which
enables the analysis and management of the risks associated with a project.
24
At many firms, risk analysis has evolved from a minor function to a major concern. Traditionally,
businesses developed techniques for analyzing their external risks. Then, during the 1990s,
practices changed and it became more common for firms to use specified internal procedures –
and audits of these procedures – to control risk (Power, 2007).
Risk analysis techniques help businesses understand and quantify risks by gathering data and you
can then use this data to decide which risk events to mitigate and it is a continual process conducted
throughout the life of the project. As the project progresses, the analysis for a risk event might
change due to changes in the environment (Power, 2007). Norris, Perry, Simon (1992) similarly,
states that the process is designed to remove or reduce the risks which threaten the achievement of
project objectives and bring to a project wider benefits as long as it is made throughout the project
Norris, Perry, Simon (1992) defines what risk analysis includes as follow:
 Evaluating: The probability of the risk incident that would occur and possible impacts
should be measured in this phase and next, the possible volume of the risk should be
determined by using the previous data.
 Prioritizing. After risk exposal determined, it should be prepared an order regarding the
possible effects of identified risks.
To be able to make a more comprehensive evaluation about a risk event, probability of the risk
occurring and the possible effect should be examined in the case that it occurs (McIsaac, 2008).
Similarly, (Norris, Perry, Simon, 1992) emphasizes the importance of risk event of probability
but also splits this stage into two ‘sub-stages’; a qualitative analysis ‘sub-stage’ that focuses
on identification and subjective assessment of risks and a quantitative analysis’ sub-stage’ that
focuses on an objective assessment of the risks.
Basically, the way of estimating probability is to try to understand that what the probability is that
this event will occur. It is possible to make the estimation through qualitative or quantitative
analysis method.
a) Qualitative Analysis Method

A qualitative analysis allows the main risk sources or factors to be identified. This technique
requires to assign different level of the possibilities to the event which would occur (Norris, Perry,
Simon, 1992). These levels are:
Low. Not likely, but not impossible. May cause delays or additional work that could be
contained within existing contingencies.
Medium. May or may not occur. Likely to cause delays or additional work resulting in
additional time, resources and workarounds.
25
High. The chance of event to occur is likely. Almost certainly will cause significant disruption
to the project or the business resulting in the need for specific controls and contingencies.
Although the easy to understand look of the terms, Norris, Perry, Simon (1992) adds to this idea
that, since the terms low, medium, and high have relative meanings, a project manager should be
ensured that the team which is involved in the process of probability is using the terms in a same
or at least similar way.
For instance, a parachute malfunction is a risk with a low probability for a person who likes to
make skydiving.
Impact is needed to be identified after the process of defining the probability for each risk event.
Norris, Perry, Simon (1992) asserts that to be able to make it so, a project manager should ask
himself the question of what the impact to the project will be in the case that it occurs. Same as
estimating probability, impact can be categorized as low, medium, or high, as follows:
 Low. The event has little potential to disrupt the schedule, increase the cost, or degrade
performance.
 Medium. The event has some potential to disrupt the schedule, increase the cost, or
degrade performance.
 High. The event is likely to seriously disrupt the schedule, increase the cost, or degrade
performance.
If go back to the example of skydiving, if the parachute does not open, the impact then in this case
will be high.
Graph 1: Probability – Impact Connection
Source: Adapted from the works of Norris, Perry and Simon, (1992) and McIsaac, (2008)
26
Graph 1 shows the probability-impact connection. The vertical axis represents impact, and the
horizontal axis represents probability. `Star` symbols illustrates a specific risk. Through changing
the place of `star` in the diagram, it is possible to observe the impact, probability and after all the
qualitative value.
b) Quantitative Analysis Method to Estimate Probability
Another approach to estimating probability and impact is a quantitative analysis. It is a beneficial

method by making the project easier to understand and especially useful in terms of serving to
highlight possibilities for risk closure Norris, Perry and Simon, (1992). Quantitative risk
assessment provides a numerical value measuring the effect expected from risks and
opportunities (IPMA Competence Baseline, 2006).
Also PMBOK (1996) defines Perform Quantitative Risk Analysis as “—the process of numerically
analyzing the effect of identified risks on overall project objectives. On the base of the results of
the Qualitative Risk Analysis, the Quantitative Risk Analysis is performed on risks that have been
prioritized and analyzes the effects of those risks events and assigns a numerical rating to those
risks.
To do this particular process, inputs are necessary. The inputs include the risk management plan,
risk register (which will be explained in risk monitoring part with details), enterprise
environmental factors, cost management plan, and organizational assets are used to produce the
project document updates (PMBOK, 1996).
The fundamental difference between Qualitative Risk Analysis and Quantitative Risk Analysis is
that the first addresses individual risks of a project, whereas the second considers the overall
project risk. The overall risk to the project is due to the combined effect of all risks and their
possible interdependencies and correlations. Overall risk applies to the project as whole, rather
than individual activities or cost items in the project19.
Another difference is that Qualitative Risk Analysis is a subjective evaluation, whereas

Quantitative Risk Analysis is more objective in terms of value or cost terms. In Qualitative Risk
Analysis, for example, the risk rating could be “S” or “M” after evaluation the individual risks.
For Quantitative Risk Analysis you establish the overall cost or time impact on the project, such
as: “$25,000.”20
19 21
Source: http://www.mpug.com
27
Moreover, it also uses modeling and simulation which is an important technique in quantitative
risk analysis. A good simulation technique used by project managers is the Monte Carlo analysis
which is calculated using the computer and analyzing different scenarios for the project schedule
to identify possible risk events (PMBOK, 1996).
c) Risk Prioritizing and Risk Exposure Determining

Williams (2004) explains that once the risks are organized, then the project manager and the team`s
next action to take should be ranking them. Prioritizing risks, on the other hand, involves deciding
whether risk events are worthy of attention. But it cannot be unnecessary to spend to time on every
single identified risk since some of them have either very low impact or probability of occurring.
Related to that, following approach is an appropriate way to prioritize risks (Williams, 2004):
 Making a ranking from highest to lowest for the identified risks before
 Separately rank risks with similar ratings.
 Communicate with the team to prioritize risks and take decisions together
Both Williams (2004) and McIsaac, (2008) states his idea about the relationship between
probability and impact by using a visual expression.
Graph 2: Risk Prioritizing
Source: Adopted form the work of Wiliams (2004) and McIsaac (2008)
28
Related to the expression, Graph 2 represents the relationship between impact and probability. The
vertical axis represents impact, and the horizontal axis represents probability. The left hand side
of the chart represents the level of impact and the bottom represents the likelihood that the risk
will occur. For instance, if the impact and probability of a risk is high, then that represents a
maximum risk and should receive top priority (McIsaac, 2008). In this matrix, the risk decreases
as you move from right to left, or top to bottom. To illustrate, in the parachute example, low
probability and high impact results in a medium risk exposure.
Then, listing risks with an order of priority would be beneficial for project manager as following:
- It would make the project manager to achieve understand the beyond risk analysis.
- It highlights the time when a project manager is using too fine a level of detail in risk
analysis.
- The process of prioritizing risks allows the project manager to develop a sense of project's
and organization's level of risk tolerance.
Risk exposure is a combination of the probability and the impact as part of risk prioritizing process
if the numerical values given. The project manager is responsible for determining the risk
exposure, using probability and impact estimates and the following matrix tool. Risk exposure has
more than one dimension, such as cost, schedule, quality, and customer satisfaction, that should
be considered and it calculated with the following formula (Boehm, 1989):
Risk Exposure(RE)= P (Probability of risk) x V (Impact of loss)
Then, for instance, if the probability of risk is 0.25 percent and the loss impact is 50.000 €, then
the RE= (0.25) (50.000 €) =12.500 €.
Even though it is so important to work as a team to prioritize risks, it is a challenging process to

proceed since it is normal that team members can usually have divergences about the impact or
probability of a risk because the risk might not have an amount of money associated with it. For
many risks, the impact and probability can be expressed only in relative terms (Williams,
2004). The solution in these kind of challenges would be to use Agile approaches instead of
traditional methods which would make the teams work more efficiently (which will be discussed
later under Agile topic).
After all of these, the next step should be to make a strategy for risk response planning.
29
2.4.3 Risk Response/ Contingency Planning (Phase 3)
Planning of risk response phase is the phase that project manager should make a decision what
might be done about the risks (Simon, Hillson, Newland, 1997). It can sometimes be defined as
risk contingency planning, as well. For instance, Ronald (2004) defines contingency plan as the
act of preparing a plan, or a series of activities, should an adverse occur. During the process of risk
response planning, some actions should be taken to keep, decrease or completely eliminate the
risks. Response contains the following Simon, Hillson, Newland, 1997):
 Name the risks owners for every risk listed

 Different risks addressing through making a choice among options
 Defining mitigation, contingency, and reserve plans
 Making comments on response planning so reviewing it
2.4.4 Monitoring (Tracking and Controlling) Risk (Phase 4)
Tracking the risks and being prepared and controlling them by the risk plan are as at least as
important as understanding and analyzing them (Murray, 1998). Gregory M. (2004) especially
emphasizes the importance of monitoring of risks by stating that in conclusion, the project manager
may have a result of adding, changing, or removing containment actions which would have straight
effects on the project. He arrays actions to be taken by the project manager and the team:
 Preparing and keep following the plan of risk management.

 Being in touch with the team and the stakeholders and presenting the plan in an
understandable way to them
 Variables that cause to have risk during project life cycle reevaluated. If there are new risks
that would occur in the future due to changes in the technology of sponsor, project,
organization, or resources, then the plan should be immediately updated with the new
information obtained.
 Project manager should determine if backup strategies should be used or if additional
actions are required to implement the strategies.
 As the project proceeds, some risks would turn into issues and become more significant.
On the other hand, some of the risks might be less significant over time. Project manager
then again should make the necessary updates.
 Maintaining current, accurate, and complete documentation, and disseminate it to the
appropriate stakeholders is really important. Documentation serves as a record of lessons
learned and actions taken, and as a means of communication. The documentation should
be made via Risk and Issue Log (Register Log).
30
A project manager documents the way to analyze and mitigate risks for the project in the plan for
risk management. It is the initial work performed to identify the risk management approach to be
used on the program and the program-specific assessment criteria and has a straight connection
with document of risk registration (Gregory M., 2004). The heart of this risk management process
is the risk register, or database, which contains information about all the identified program risks
and the actions taken to control them. People from all organizational units are actively involved in
identifying, assessing, controlling, containing and/or closing risks. Project manager should take
care of risk register document periodically to track the risks through making decision if any new
risks should be added or old risks removed. He/she also should make decision about requirements
of change about the risk response planning it is a must-have document that a project reviewer
checks for content and for evidence of updated activity (Murray, 1998).
The risk register consists of following components (Gregory M., 2004):
 Risk Priority: Project manager assigns priority rankings in the column which is created
for this component. The risk that has the potential to harm the project most has the ranking
number of 1.
 Definition of Risk: Project manager should give an identification number for every single
risk defined to be able to track them easier. Even though the priority ranking of the risks
will be changing during the project life-cycle, identification numbers are going to remain
the same.
 Description of Risk: It contains a brief but short description of the risk.
 Analysis of Risk: This is the section where the probability and possible impact of the risk
are documented.
 Plan Summary: Short description of the risk mitigation plan.
 Risk Reassessment History. This part of the documentation differs as the project proceeds
and new risks are identified or the previous rankings change.
There are different kind of information that can be used in risk register and different companies
would have different kind of templates to be used (Please see Appendix C and Appendix D).
Related to that, it is important to explain what the risk trigger is. Risk triggers are very critical for
project risk management. Risk trigger is a clue that points out the time that an action should be
taken by the project manager. In the case that risk trigger occurs, action plan should be taken.
Preventative responses tackle the causes of the risk, seeking to reduce the chance of the risk
occurring (Hillson, 1999). A start trigger is an event that would activate the contingency plan,
while a stop trigger is the criteria to resume normal operations. Both should be identified in the
Risk Register and can be embedded, example; the stop trigger can be included in the contingency
plan field (Ronald, 2004). Hillson (1999) states that if trigger conditions for a risk can be identified,
31
these can be targeted in order to make the risk less likely and gives some examples from daily life
for triggers and according to them from, action plans as follow:
 A generate should be started to use in a factory if the electricity system was not working
for more than 15 minutes
 In the case that shipment product delivery is late for a week, then it should be
communicated with the other product providers
2.4.5 Risk Response (Phase 5)
This step includes to implement the appropriate risk mitigation options and get rid of with the risk
in a necessary way according to Weiss, Wysocki (1992) and they emphasize two important points:
 When a risk comes at a point when it is about to occur and or occurs directly, then necessary
steps should be followed and it defines the reaction to risk.
 The next step then should be to close risk which is defined as reaching a final resolution
concerning a risk and make it no longer considered a significant threat to the project.
Having defined the characteristics of a good risk response, consideration can be given to the
specifics of developing such responses. It is proposed that a two-stage approach should be
followed, first defining the appropriate strategy for dealing with a particular risk, then designing
tactics to implement the chosen strategy. These are the strategies that a project manager can use to
respond to risks (Hillson, 1999):
 Risk Accepting: In this case, the project managers accepts the consequences of the risk.
 Risk Transferring: The risk is transferred to a third party partially or as a whole.
 Insurance using: If the project manager has the insurance coverage, then it can be used to
cover the cost of the risk.
 Reserve using: Use funds previously set aside for this purpose.
 Risk Mitigation: An action should be taken specifically to decrease the impact of the risk
or eliminate it.
 Contingency Planning: Project manager should create a list of actions plan to respond to
the risk in the case that it occurs.
2.4.6 Closure of Risk
The last assignment to be completed after being done with the risk management plan as follow
(Buttrick, 2009):
 Project manager should have the last comments from the project management team and be
sure to be supported by them.
32
 Project manager should be that sure all documents to be updated and if there are some
documents which are not completed yet, update them.
 Project manager should be sure that the whole planning process of risk management is clear
and understandable in the initial project review and for whole project life-cycle to the all
stakeholders that were participated in the process.
33
3. AGILE
Projects and businesses have chosen a path which have relatively rigid rules and plans that has an
unchanged flowchart between point A to B since the 1970s. After a while, managers who work on
the projects have started to notice negative aspects to follow this restrictive flowchart. The
flowchart mentioned was called “Waterfall” methodology. It is a good and fun example of the bad
consequences of this restriction with a warning in a popular culture movie quote from the same
years which the methodology has started to be used:
"The more you tighten your grip, Tarkin, the more star systems will slip
through your fingers.21”
In order to solve the issues caused by the restrictions of Waterfall practices such as not being able
to proceed in different sectors of the project, a fresh and new process to for the projects was
needed22.
There are of course some ideas that Waterfall practices are not completely useless. For instance,
Melonfire (2006) states about this by explaining that the strict rules of Waterfall methods provide
a good tracking of separated tasks in the project and follow the schedule. Besides, Highsmith
(2001) affirms that everything that a vendor plans out with a client will end up as promised, leaving
no room for surprises. On the downside, while the clients believe everything that is planned will
be transferred into the final product, the possibility of aspects getting lost in translation exists. In
addition to that, there are some moments that clients may not be sure what they expect first and
may need more time to see how the project unfolds. Therefore, it is important to understand what
the clients` needs are during the first stages of the projects.
Advantages of Waterfall methodology are as follow (Ailes, Sieverts, 2011):
- It is an established process by PMBOK

- It contents management controls
- It is good to use it for the projects which have low uncertainty
- It is easy to manage due to the rigidity of the model – each phase has specific deliverables
and a review process.
- In this model phases are processed and completed one at a time. Phases do not overlap.
- Waterfall model works well for smaller projects where requirements are very well
understood.
21
Princess Leia to Grand Moff Tarkin; Star Wars: Episode IV – A New Hope (1977), (Source: www.imdb.com)
22 16
http://www.techrepublic.com/article/understanding-the-pros-and-cons-of-the-waterfall-model-of-software-
development/
34
On the other hand, they explain the disadvantages of Waterfall methodology as follow:
- Sometimes it is more about the Process than the Product

- Keeps the customer at bay – by the time they see the end results it may be too late
- Project teams often are resistant to change
- It usually has long product development time
- Once a project is in the executing stage, it is very difficult to go back and change something
that was not well-thought out in the concept stage.
- High amounts of risk and uncertainty.
- Not a good model for complex and object-oriented projects.
- Poor model for long and ongoing projects.
- Not suitable for the projects where requirements are at a moderate to high risk of changing.
Then, they state that it should be used when the requirements are very well known, clear and fixed,
product definition is stable, there are no ambiguous requirements, ample resources with required
expertise are available freely and the project is short.
This brings the idea that even though there are negative sides of Waterfall methods, this does not
mean that the businesses should disregard the Waterfall practices as a whole. However, the idea is
that even though Waterfall methods can successfully be used in the companies today, what is
important is the fact that also those companies can be more successful than already they are.
A new methodology was started to be built on 1990s which may be an alternative to Waterfall:
Agile23. Agile as a set of behaviors and practices which is used to anticipate and deal with
obstacles that may appear at any stage of a project. Any sudden change can be made in the case
that risks of the project turn into an issue for the during the project life- via the Agile method and
do not significantly hinder the process of development24.
According to PRINCE225, Agile equips practitioners with the ability to:
 Be on time and hit deadlines

 Protect the level of quality
 Embrace and adapt to change
 Keep project teams stable
23
Source: http://www.techrepublic.com
24
Source: http://prince2agile.wiki
25
Source: https://www.axelos.com
35
 Manage stakeholder expectation so that they accept that they don’t need everything.
In writing about the Agile Manifesto’s origins, Highsmith (2001) says the group was driven by
“the need for an alternative to documentation driven, heavyweight soft-ware development
processes” —which is how the waterfall methodology was (and is) frequently characterized The
Agile Manifesto is a short philosophical summary of the group’s values regarding software
development (Beck, 2001):
- Individuals and interactions are valued more than processes and tools
- Working software is valued more than comprehensive documentation
- Customer collaboration is valued more than contract negotiation
- Responding to change when the risks turn into issues is valued more than following a plan.
-
Meyer (2015) in that point explains the relationship between the effects of increasing risks of today
and the agility through making a reference to the way of traditional methods used in the projects
and businesses as follow: Traditional organizations – those that plan for expected events, rely on
formal performance reviews, and require authorizations and sign-offs before making decisions –
face increasing risk. Those risks usually caused by external effects. Today’s business universe is
complex, ambiguous and volatile. Survival requires fast, effective responses. The agility that
business consultant and instructor Pamela Meyer26 advocates can help companies respond to
sudden change and challenges with speed and confidence. Agility turns threats into opportunities.
Meyer (2015) describes how leading organizations thrive in an unpredictable world by developing
agile individuals, agile teams and a flexible culture to be able to be more well prepared for the
external risks. She uses the example to explain the significance of making a quick decision on
unexpected events as following: Captain Chesley Sullenberger was at the helm of a jet that
suddenly lost altitude over New York City On January 15, 2009. Geese flew into both engines,
rendering them useless. During his military career, Sullenberger’s study of accidents that killed
many of his friends showed him that delayed decisions cost lives. He quickly decided that landing
on the Hudson River offered the best chance of survival for the 155 people aboard his plane.
Sullenberger demonstrated exemplary agility in the face of a sudden, unexpected event. Related to
that example, Meyer (2015) recommends that on a personal level, people should be prepared for
volatility and surprises. Otherwise, when the face the stress of performing under pressure, their
fight-or-flight response might take over. The reptilian part of their brain – the amygdala – wants
to control their reactions to stressful situations. If it succeeds, they shift into survival mode and
that impedes their thinking. Instead, they must train themselves to pause, confront the challenge
26
Pamela Meyer is an American author, certified fraud examiner, and entrepreneur. Described by Reader`s Digest
as "the nation's best known expert on lying," Meyer is the author of the 2010 book Liespotting: Proven Techniques
to Detect Deception (Source: en.wikipedia.org)
36
and use their creativity to solve it. Captain Sullenberger prepared for more than 40 years by
developing the skills, capacities and confidence he needed to respond effectively to an emergency.
She continuous his words as explaining that although the world of business and work doesn’t
require people to land planes on the Hudson, it is increasingly volatile and uncertain. Then, today,
planning and analysis aren’t enough in a crisis. People must develop the ability to respond
effectively to the unexpected. People in general and the organizations must be agile and use
incremental steps.
In conjunction with Meyer has pointed out, using incremental steps is one of the most important
parts of the agility. Woods (2010) shares the same idea with him about it and indicates that the one
advantage of Agile is that when the organizations tend to be using incremental steps of two to four
weeks leads to feedback that allows for requirements to be tested and adjusted.
The softer benefits of agility include productive, engaged workers who stay with your firm longer
and enjoy their work. Agility is not planning. Plans survive only until reality intrudes. Accepting
that people can’t predict the future or control everything related to the eternal risks through analysis
paves the way for building agility. The agility shift is the intentional development of the
competence, capacity and confidence to learn, adapt and innovate in changing contexts for
sustainable success and they lead to an increase in the quality of the works in the project teams
and so in the projects themselves (Meyer, 2015).
Regarding the idea of Meyer about the planning and quality of the projects, Woods (2010), in
addition to that emphasizes the way the quality increases in the projects when they use Agile
practices through detecting the risks and possible issues sooner since project managers will use
iterations. He makes at that point a comparison with the Waterfall methodology and how the
project managers usually can detect the risks and possible issues only in the end of each stage no
matter how they tend to do it actually in the early phases of the project.
Meyer (2015) also affirms that agility should be built and grow organizational by pursuing the
right kind of continuous learning through trainings during a project and analyzing lessons learned
after the project, which expands company knowledge and networks. Learning must drive
performance, including improved employee and customer engagement and higher profits and
offers ancillary benefits, such as building deeper internal ties and trust with co-workers. In addition
to that, he states that formal learning should blend with work to keep on-the-job and classroom
lessons relevant. “Stretch experiences” should be used and cross-functional knowledge must be
offered cross-functional knowledge. Training programs should be designed as throughout the
project. Feedback must be solicited during the meetings. Trainings should be as experimental as
37
possible and motivate learners’ bodies and minds. People should get out of their seats, take risks
and reflect on what they’re learning.
For example, retail giant Zara’s success as the world’s largest clothier owes much to its ability to
pull data from its global operations and networks. This information allows Zara to stay ahead of
trends by putting new clothing designs in its stores in as little as two weeks. Zara de-emphasizes
planning because the markets it competes in change constantly. Its agility allows it to experiment
rapidly and figure out (plan) what it needs to do on the fly, instead of a year or more in advance
(Meyer, 2015).
Ailes, Sieverts (2011) summarizes the advantages of Agile methodology are as follow:
- It has shorter development cycles

- People and interactions are emphasized rather than process and tools.
- Customer more participates in the process with its direct feedback
- Process encourages and easily adapts to change
- Improved quality because the analysis is continuous
They also explain the disadvantages of the methodology as the following:

- There is lack of established process
- It requires culture change
- There is lack of emphasis on necessary designing and documentation.
- The project can easily get taken off track if the customer representative is not clear what
final outcome that they want.
Finally, they explain in when to use it under two circumstances:

- When new changes are needed to be implemented. The freedom agile gives to change is
very important. New changes can be implemented at very little cost because of the
frequency of new increments that are produced.
- Unlike the waterfall model, in agile model very limited planning is required to get started
with the project. Agile assumes that the end users’ needs are ever changing in a dynamic
business. Changes can be discussed and features can be newly effected or removed based
on feedback. This effectively gives the customer the finished product they want or need.
All in all, we can summarize the main differences between the Waterfall and Agile methodologies
as following:
38
1) Waterfall Project Methodology uses a sequential and strict life-cycle for the projects. Life-
cycle of a project follows a horizontal progression from beginning until end the project and
the scope is defined from the beginning. On the other hand, Agile methodology based on
the idea that planning cycles have to be shorter with iterations. It does not define the scope
from the early phase of the project. In addition to that. It has an approach to separate the
project into smaller parts and keep analyzing them by iterations (Please see Figure 6).
Figure 6: Sequential and Iterative Life-Cycle of Waterfall and Agile Methodologies
According to Figure 6, life cycle of Waterfall project methodology has a sequential system. For
example, once the first phase of the project is over, there is no possibility to come back to the phase
from 2nd or any further ones. On the other hand, Agile Project Methodology provides more
flexibility throughout the project life cycle because it uses an iterative approach between the
different phases of the life-cycle.
2) The Waterfall approach relies on project documentation, such as technical specifications

to define the scope of work clearly before it is started. Waterfall is a great methodology for
ensuring that all deliverables meet expectations. The concept of Agile methodology is that
it is ongoing and is based on principles of interaction and collaboration among team
members, where tasks are executed quickly and in an adaptive manner. In other words,
there is much less advance planning, and steps are completed as the project requires. The
team focuses their efforts on small tasks that require immediate attention without pre-
planning the entire project.
39
3) The Waterfall approach is recommended for projects that must be completed within a fixed
timeframe and do not have the budget for multiple revisions or iterations. Agile method
also supports quick changes to the scope and direction of the project based on market
requirements and in the case of sudden issues, it makes the team more well prepared
Agile is a way of working based on values and principles. The first principle to begin with clarity
of outcomes and let it guide every step along the way and you must deliver value to the customer.
One of the purposes of it is to create a culture in the company. Meyer (2015) characterize five
important features that Agile organizations must have to create that culture:
1. “Relevant” – All great organizations know their mission. They assess each decision and
opportunity according to its relevance to their purpose and values. Employees whose
actions align with your firm’s purpose and values should have greater autonomy.
2. “Responsive” – Project manager and project team`s ability to answer to a situation quickly
and with high-quality ideas separates you from the competition. Agile organizations
empower staff members to act and encourage them to seize opportunities. Layers of
bureaucracy and approvals kill agility.
3. “Resilient” – Resilience means bouncing back from setbacks and adapting to new realities.
Resilient employees don’t give up in the face of adversity. They assess situations
realistically and draw on their relational webs for solutions. For example, when a fire
damaged a phone chip provider in New Mexico in 2000, two of its clients, Ericsson Mobile
and Nokia, responded quite differently. Ericsson accepted the plant’s appraisal of the
situation – that the plant would be operational within seven days. Nokia tapped into its
networks for more information, deployed experts, assessed the situation and found
alternative suppliers. Within a year, the impact on the two companies’ market share totaled
6% in favor of Nokia.
4. “Resourceful” – Resourceful people and organizations make the most of what they have.
Limits and crises spur creativity. People tap relational webs and band together. For
instance, a 2004 holiday-season strike in Canada meant UPS customers wouldn’t get their
packages on time. UPS managers from across North America flew to Toronto on short
notice. They spent two days sorting packages in a parking lot, loaded them onto trucks and
delivered them on schedule – and still made it home for Thanksgiving. Such crises build
resiliency and lead to new capacities. In late 2013, UPS responded to a different crisis by
upgrading its infrastructure and response capacities. As a direct result, it achieved a nearly
perfect on-time delivery record in 2014.
40
5. “Reflective” – Project manager should reflect on his/her actions and behaviors
continuously and take time to assess completed work, projects and tasks. The one should
ask: When the team and project manager were most agile? Why? The whole team must
learn the lessons and think about how they can learn from every encounter and action.
Therefore, the project manager must approach challenges not critically or defensively, but
opportunistically.
3.1 Agile Teams
Teams that have agility organize themselves like improvisational groups (they are self-organized
teams), building the ability to take what life throws at them, accept it no matter what and work
with the resources at hand. They see new facts and requirements as engaging challenges, no matter
how unexpected. They innovate their way to solutions – on the fly – as a project evolves. Agile
teams respect individual abilities. Team members bring and deliver their own perspectives and
accept each other’s ideas. Flexible teams dive in, assess the information they know – “the givens”
– and create solutions (Meyer, 2015).
Open minds, open communications and wide knowledge of the given facts and available resources
allow nimble teams to respond to the unexpected. Agile teams never assume they know what their
end product will be. For example, they don’t expect or want an up-front, immutable list of needs
from a client. Instead, they chunk projects into sprints, during which they develop the working
components of the end product. They invite clients into the discussion throughout and ask them to
test ongoing functionality. Agile teams experiment with and expect small failures. They welcome
change requests from clients.
3.2 Risks and Sprint Concept in Agile
A major concept behind Agile is the reduction of risk due to breaking down requirements into
fixed iterations, and then having extensive stakeholder reviews of the deliverables from those
iterations to ensure that requirements are correctly understood and implemented. Scrum27 and
Agile approaches in general are focused on early reduction of risk. The iterative approach
inherently addresses early reduction of risk in a beneficial way that most project managers will
27
Scrum is an Agile framework for completing complex projects. Scrum originally was formalized for software
development projects, but it works well for any complex, innovative scope of work (Source:
www.scrumalliance.org).
41
find effective. In order to do that, there are some practices which mainly focus on the
communication within the team.
For instance, Krishnamurthy (2014) states that everything which is done in Scrum—as well as any
other agile methods—will help the project team to identify risk at an early stage. The only tool that
the team need is their ability to listen well.
Related to that, there are some practices that would help to reduce risk in the projects through the
developed communication within the team.
The sprint is a concept under Scrum method of Agile which includes various practices under itself.
It refers to the iterations which are the regular and repeatable work cycles.
Scrum sprints used to be 30 days long Meyer (2015), but Krishnamurthy (2014) recommends to
use two-week sprints. On the other hand, Sumit, 2015) advises that if a team has trouble doing a
two-week sprint, then it can be a better idea trying a one-week sprint to see where the snags are.
At this point, it is important to mention about Task Board. Agile practices like to use the visuals
and Task Board is one of the most common forms used of these visuals. Krishnamurthy (2014)
emphasizes the importance of Task Board as it as a great place for team members to identify and
share project risks. Perry (2007) defines the way to create a task board and how to use it as follow:
A task board can be drawn on a whiteboard or even a section of wall. Using electrical tape or a dry
erase pen, the board is divided into three columns labeled "To Do", "In Progress" and "Done".
Sticky notes or index cards, one for each task the team is working on, are placed in the columns
reflecting the current status of the tasks (Please see Appendix E).
Sprints start with the meeting of sprint planning. During the meeting, the project manager and the
team discuss which stories will be moved from main tasks of the project into the Sprint Backlog28.
Project manager is responsible to determine what work the team will do, while the team retains
the autonomy to decide how the work gets done. The project manager can cancel a Sprint, which
shouldn’t happen often, and would usually occur due to a sudden change in business needs
(Krishnamurthy, 2014).
28
Sprint Backlog: The sprint backlog is one type of task board that shows list of tasks identified by the Scrum team
to be completed during the Scrum sprint. Most teams also estimate how many hours each task will take someone on
the team to complete. During the Scrum sprint, team members are expected to update the Sprint Backlog as new
information is available, but minimally once per day (Source: www.mountaingoatsoftware.com); (Please see
Appendix F).
42
Next, it is important to emphasize that meeting of stand-up is a very important concept for Agile
risk management practices since it is also main structure of sprint execution. The daily stand-up
(scrum) meeting is a meeting that the whole team meets every day at a fixed time for a quick status
update; everybody stands so that the meeting is kept short. The task board is updated frequently,
most commonly during the daily stand-up meetings, based on the team's progress since the last
update. The board is commonly "reset" at the beginning of each iteration to reflect the iteration
plan.
The daily stand-up has several goals (Sumit, 2015):

 Support improvement, not just present status.
 Reinforce the focus on the right things.
 Reinforce the sense of teamwork.
 Communicate what's going on, define the risks and possible issues.
Then, Perry (2007) summarizes the features of Task Board in three important points:
 the task board is an "information radiator" - it ensures efficient diffusion of information
relevant to the whole team
 the task board serves as a focal point for the daily meeting, keeping it focused on progress
and obstacles
 the simplicity and flexibility of the task board and its elementary materials (sticky notes,
sticky dots etc.) allow the team to represent any relevant information: colors can be used
to distinguish features from bug fixes, sticky orientation can be used to convey special
cases such as blocked tasks, sticky dots can be used to record the number of days a task
spends "In Progress"...
Once a sprint is over, Sprint Review Meeting is conducted. All the stakeholders and people who
are interested in can join that meeting. During this meeting the Project (Scrum) Team shows which
main task items they completed. It is important to notice that main tasks items that are not
completed shall not be demonstrated. Otherwise this might suggest that these items are finished,
as well. Instead incomplete items/remaining activities shall be taken back into the main tasks list,
re-estimated and completed in one of the following sprints (Sumit, 2015).
In addition to that, both (Sumit, 2015) and Krishnamurthy (2014) adds that sprint retrospective is
one of the most important meeting ways of sprint. The sprint retrospective is a meeting facilitated
43
by the Scrum Master29 at which the team discusses the just-concluded sprint and determines what
could be changed that might make the next sprint more productive. The sprint review looks at what
the team is building, whereas the retrospective looks at how they are building it.
Devendra (2014), on the other hand, summarizes what the retrospective discussions should under
three main question:
 What did go well during the sprint cycle?
 What did go wrong during the sprint cycle?
 What could we do differently to improve?
Krishnamurthy (2014) similarly recommends to use the same questions during the discussions and
also adds that it is important to keenly listen to the responses to the three questions during the event
since they can reveal hidden project issues. For instance, if the project manager consistently sees
a recurring pattern about team unhappiness or friction within the team, it is quite possible that this
could lead to attrition. Attrition is one of the major risks in the projects.
Then, we can conclude that a sprint consists of four main following and repetitive phases which
are Sprint planning Meeting, Daily Scrum, (which iterates on its own even though has connection
with the other phases) Sprint Review Meeting and Sprint Retrospective Meeting. The same process
repeats throughout the project (Please see Appendix G).
Finally, it is possible to arrive the conclusion that risk identification is everyone’s responsibility in
Agile projects including project team and also stakeholders. If the team members observe a risk at
the organizational level, they should be encouraged to speak up rather than waiting. During the
daily Scrum meeting, risks and other inhibitors may be identified. These risks are owned by the
Scrum Master and should be mitigated and managed to closure within the Scrum. Risks may also
be identified out of the concept/solution design phase that the Scrum may inherit; these risks are
also owned by the Scrum Master.
3.3 Agile Trainings
Agile training is an ideal way to level-set organization or project team on the basic concepts of
Agile and associated implementation methodologies. While a lot of people talk about using Agile,
29
 The Scrum Master is a developer and project manager who shares project management
responsibility with other project managers or program managers (Source: Devendra,
2014).
44
there are many misconceptions and misunderstandings about the distinctions between them.
Training can help expose the underlying Agile concepts and clarify the differences between the
various implementation methods (Cheng, 2014).
Meyer (2015) in that point explains the relationship between the effects of increasing risks of today
and the agility trainings through making a reference to the way of traditional methods used in the
projects and businesses as follow: Traditional organizations – those that plan for expected events,
rely on formal performance reviews, and require authorizations and sign-offs before making
decisions – face increasing risk. Those risks usually caused by external effects. Today’s business
universe is complex, ambiguous and volatile. Survival requires fast, effective responses. The
agility that business consultant and instructor Pamela Meyer advocates can help companies
respond to sudden change and challenges with speed and confidence. Agility turns threats into
opportunities. Meyer (2015) describes how leading organizations thrive in an unpredictable world
by developing agile individuals, agile teams and a flexible culture to be able to be more well
prepared for the external risks. In order to be able to that, the teams should have Agile training
exercises which are a really important part of Agility and use them to be able to more prepared for
the possible risks and issues during a project life cycle.
Cheng (2014) has a view about the trainings in terms of their benefits for the leaders. He states
that a company should always have a crisis plan for the unexpected events and it is possible to that
through Agile method trainings. It can uncover flaws in current operations and prepare team
leaders mentally for calamities.
On the other hand, Meyer (2015) again emphasizes benefits of the trainings in terms of their help
on the preparation for the external risks. She proposes the case studies which would simulate a
sudden issues and a crisis. Training exercises might include simulating a crisis – that is, using
actors and time constraints to test management decision making under pressure – and practicing
addressing the media. Lines of communications should be defined to employ during a crisis. Crisis
plan must be updated and tracked frequently. During a catastrophe, the crisis plan of the team
might not be a perfect fit, and the tam may need to improvise. Predetermined lines of
communication that allow for rapid and optimal decision making should be worked through. In
the aftermath of a crisis, the damage that led to the crisis has to be repaired and the be prepared to
pay victim compensation and work on re-establishing a positive image.
In that case, the Agile trainings can be beneficial for both the team leaders and the project team.
Simulating a crisis and working on it as a case study can be a good way of during the trainings.
45
4. METHODS TO BE USED
After theoretical part of my work is done, then the next part is going to be about representing the
practical information obtained. However, before starting to do that, I will state the methods that I
will use to illustrate my survey results and make analysis according to the findings.
Method that I will be using to answer my research questions is based on face to face interviews
with the target samples and analyzing the data.
In order to do that, face to face interviews will be used by scheduling meetings with 25 project
managers because total number of the project managers which work in the transition projects
department is 25 (5 of them are lead project managers and 20 of them are the project managers
who work under them). I will contribute to answer questions with my own experience as one of
the project managers who is currently working in the Brno subsidiary of the company.
To be able to schedule the meetings, I will use the internal meeting scheduling software in the
company. Every meeting is going to be scheduled with an hour duration. The software also allows
to attach the documents (such as Microsoft Office documents) to the invitation e-mail that will be
sent. Therefore, the questions will be sent to every project manager 2 days before the scheduled
meeting in an attached Word file.
I will take the advantage of knowing project managers there also personally and even though they
will have the questions in advance, the meetings are going to be made as face to face interviews
and will give me an opportunity ask more questions than they are on the Word file (in case it is
needed).
I find it beneficial to repeat my research questions in order to explain the questions that I am going
to ask to the project managers:
methods oriented?
46
Brno?
I will find answers to first three research questions by asking questions to the project managers.
Questions to be asked to the project managers to answer my first research question are as
follow:
1. What is the life-cycle of the project risks in Moprhin CO. Brno?
2. What are the practices applied for every different phase of project risk life-cycle?
3. Is there a flexible or strict schedule during the project life-cycle of a project?
3.1. What are the consequences of project delay?
4. Have you ever heard about the concept of iteration in a project?
4.1. If yes, how are they used in the company?
5. What is the frequency of project team meetings?
6. What is the general schedule (to do list) of project team meetings?
6.1. What are the practices that used and how they are used during a meeting?
6.2. Are there any special practices to detect the project risks and possible issues?
6.3 Do you have a special meeting in the end of a project to detect lessons learned
during the project?
7. Are there any special training programs for the project team members?
7.1 If yes, what are the practices that are applied for education of risk
management methods on the project?
Because my second research question is looking for the external risks that have affected the
projects in the company recently, I decided to use PEST Analysis as a background to the question
to be asked to the project managers there.
PEST is a strategic planning tool used to evaluate the impact political, economic, social, and
technological factors might have on a project. This helps understanding the "big picture" forces of
change that the project exposed to, and, from this, take advantage of the opportunities that they
present. It involves an organization considering the external environment before starting a
project30.
The PEST is used as an abbreviation of four words which are (Haughey, 2016):
 Political factors include areas such as tax policy, employment laws, environmental
regulation, trade restrictions and tariffs and political stability.
 Economic factors are economic growth, interest rates, exchange rates and inflation rate.
30
https://www.mindtools.com/pages/article/newTMC_09.htm
47
 Social factors often look at the cultural aspects and include health consciousness,
population growth rate, age distribution, career attitudes and emphasis on safety.
 Technological factors look at elements such as R&D activity, automation, technology
incentives and the rate of technological change.
In order to see the advantages and disadvantages of PEST Analysis, please see Appendix H.
According to that, question to be asked to the project managers to answer my second

research question is as follow:
1. Projects of Morphin CO. Brno are run with the foreign countries and it is a known
fact that these kind of projects have more external risks. Can you please explain
the external risks/issues (categorized by Political, Economic, Social,
Technological risks/issues) that has affected your projects that you have worked/
have been working on?
After that, questions to be asked to the project managers to answer my third research
question are as follow:
1. You have explained to me the methods you have been using during the life-cycle
of project risk management and also the external risk that you have face with for the
last time. Was the project that was exposed to the mentioned external risk
successfully completed?
1.1. If no (in case delay of fail), what was/were the reason(s) of it?
Next, I will summarize the problems on project risk management system in Morphin CO. Brno.
Finally, I will answer my fourth research question through my survey results and analysis
made for the previous three research and one sub-research questions and demonstrate these
ideas under the “Recommendations” part of my work.
48
5. INTRODUCTION OF MORPHIN CO. AND PROJECTS IN
THE COMPANY
Morphin CO. is a multinational technology company with operations in over 170 countries. The
origin of the company goes back to the early 20th century. Brno subsidiary of the company is going
to be used as the sample of my research.
In this practical part of my work, I would like to understand and analyze experience and knowledge
of project managers in Morphin CO. through linking it with the knowledge that was obtained
during the theoretical part of this work.
Morphin CO. Brno is working on the projects which provide support to the customers and other
subsidiaries in all around Europe, Middle East and India. Knowledge (or in other words in the
company, transition) transfer projects are the most important ones among them. These projects are
sometimes parts of the bigger projects which were usually started in different countries but not in
Czech Republic. However, the parts that project teams are working are on the knowledge transfers
that were explained.
I am working as the project manager between the sending side and the receiving side to provide
communication between stakeholders (Project Executive, Delivery, Service Integration Leader,
Sending First Line Manager, Receiving First Line Manager, Lead Project Manager, other project
team members), prepare the documentation (including preparing the documentation which is
related to planning, define the risks); (Please see Diagram 1).
Diagram 1: The Roles in the Knowledge Transfer Projects
According to Diagram 1, sending side (IMT-CUSTOMER) is represented by the Project

Executive, Delivery Project Executive, Service Integration Leader, and First Line Manager. On
the other hand, receiving side (DC) represented by the First Line (Receiving) Manager and Team
49
Leader of the first line manager. Project managers in Morphin CO. Brno are responsible to provide
communication between the sides, prepare the documentation and manage and track the projects
with the help of their team members and the lead project manager.
Diagram 2: Transfer Project Workflow
According to the Diagram 2, the project life cycle of the project starts with Planning and continues
with Execution and Controlling and finally ends with Closing (The definitions of some of the terms
on Diagram were skipped as they are not going to be used in my research).
It would be necessary to define some document names (what they stand for) and the purpose and
the way to use them at this point (See Diagram 2):
- PDR (Project Definition Report): Provides information about the scope and plan of the
project
- CBC (Cross Border Checklist): The internal web-page that defines the information about
the project such as the features of the role, the candidate, risks, financial data and most
importantly, it contents scan of the documents that are signed by the customer – which is
also called customer consent.
- Cutover Checklist: The last document that reviews the actions that were made during the
knowledge transfer projects (needs approval from the first line managers)
- DPEs are the people who are responsible for the budget of the projects and can be
participated to contribute the process of preparation the appropriate ways of risk mitigation
plan. Even though DPEs more likely focus on the budget and financial reports, they also
work directly as the representatives of Morphin CO. with the clients. However, they are
50
responsible for the budgeting of transition projects. In the case that the transition projects
are part of other big projects, there are also some people who are responsible from the
financing of the different parts of the projects.
- SIL is the person who is the right hand of DPE and helps him to proceed with the projects
Every project team consists of four project managers and one lead project manager who manages those
four managers. Also, there is a first line manager who are responsible from project team(s) (Please see
Figure 7). First line manager may be responsible for more than one project team. However, a first line
manager is not involved into the project project-life cycle directly. They are responsible for collecting
data about the completed projects, analyze them, preparing statistics and reporting them. They are also
responsible for the escalated project managers since the if there is a problem with one of the project
managers on DPE, portfolio manager or client sides, then they escalate that person to the first line
manager.
Figure 7: Hierarchy of the Team Members in Morphin CO.
FIRST LINE MANAGER
LEAD PROJECT MANAGER(S)
PROJECT MANAGERS
Finally, it is important to mention that there is a performance evaluation made every year in the
company for every employee. A year is separated into four different quarters and also I the end of
every quarter, sub-controls are made by the lead project managers to check the performance in the
team. Annual target is to have at least 40 hours of online and practical education but also finish at
least three projects in every quarter. If the project manager reaches the minimum annual target and
also make some extra work on that, he/she is awarded with White Points which can either be used
to have some free presents on an online market of the company or can be added to the salary of
the employee in the end of year. If the employee cannot fulfill the minimum requirements, then it
is impossible to have White points.
51
6. SURVEY RESULTS AND ANALYSIS
I will represent my findings according to the answers that I have obtained through the information
that I collected during the interviews with 25 project managers from five different teams.
First of all, it is important to state that the five different teams are: Nordic, DACH, UK, Italy and
Turkey project teams.
Another important point is that Italy and Turkey have two different first line managers. On the
other hand, Nordic, DACH and UK teams work under the same first line manager.
Besides, I am currently working as a project manager in Nordic Team. Therefore, I am going to

find an opportunity to include myself as one of the samples in the research.
6.1 Agility on Project Risk Management Methods
My first research question is that “Are the risk management methods in Morphin Company Brno
Agile project management methods oriented?”. I will represent my findings related to the answers
that obtained from the project managers in the company.
6.1.1 Life Cycle of the Project Risks in the Company
During the interviews all 25 participants have given the same answer about the order of project
risk life cycle (Please see Figure 8) because there is a general rule about that in the company that
all the project managers follow.
Figure 8: Project Risk Management Life-Cycle in Morphin CO. Brno
Risk Risk
Risk Analysis Risk Closure
Identification Responding
According to Figure 9, the process of project risk management starts with risk identification and
continue with risk analysis, risk mitigation planning, risk responding and risk closure respectively.
Also, another finding is that the idea in the company is to solve one risk first and after that, repeat
the process for an another possible risk.
52
Before a risk management process starts, the lead project manager divides the work between the
project managers in the team and send this information via e-mail.
My general observation is that most of the practices in the company are optional and autonomous.
Even though being autonomy is a feature of Agility, why is happening in Morphin CO. Brno this
is more likely about being too independent than other team members and do not focus on the risks
with the enough level of consideration on them.
Related to that, during the project risk life-cycle, the practices that are the project managers are
applying do not reflect enough consideration on the risks. I will go through all of them one by one.
The first step as it was mentioned before is risk identification
The risk identification is usually made separately between the project managers and once they
gather every week, they demonstrate their findings during the meetings and listen the
recommendations from the lead project manager during the meeting.
Risks are determined during a meeting call “kick-off meeting” with the receiving and sending
managers from sending and receiving sides.
The general questions that the project managers use to identify the risks are:
1) What do I need to complete this task?
2) What kind of risks/issues are probably I would face with in completing this task in a timely
manner?
3) What are the probable time to complete this project?
The problem here is that when a project is first assigned to a team, the team leader separates the
work between the team members and later on leave them independent to make this call and do no
track it except the time when the team gathers during weekly meetings. As a conclusion of that
independence, the project team members have been getting into the habit of inviting into this
meeting only the receiving and sending managers but do not invite DPEs because it is usually
really difficult reach them – but not impossible. Since DPE has control over the budget of the
projects and are in touch with the client (IMT side) straight, the questions that project managers
ask themselves to identify risks are useless specially to identify external risks. There is always a
need to have a closer communication with the DPE for tracking the budget use and events
happening in the country that client is running into the business in the volatile and fluctuating
environment in Europe (which will be analyzed with details in the section of external risks
analysis).
53
Also, all of the project managers told me that they do not use any special visuals during the
meetings such as Task Board which is a board used as part of daily stand-up meetings to see tasks
to do, the ones that in progress, the ones that are done and identify and share the project risks.
Then the next part is risk analysis. My finding is that the analysis part again would be made with
the help of lead project manager. Even though it is a really important part of the project risk
management life-cycle, unfortunately, it is optional the decide way to analyze it for the project
manager. Although being optional, the general attitude of the project managers is to present them
in the weekly meetings to the lead project manager and ask for recommendations. This is a really
weak way to evaluate the risks. There is a need of more effective system.
Managers in the company are using a qualitative analysis method. In the Risk & Issue Log file
(which will be explained later with more details), they prioritize risks in terms of probability and
impact by using L, M, and H symbols which stand for Low, Medium and High. It is a good way
to analyze risks but because there is a problem with the evaluation of the risks as it was explained,
also this would cause a risk about prioritizing them.
The next phase of the cycle is risk responding. My finding is that this phase differs depending
on the nature of the risk and this nature depends on one basic question: Who is the owner of the
risk? Related to this question, this phase also covers the risk mitigation planning because all the
25 project managers have mentioned about their contingency plans as part of this phase. The risk
responding is made through scheduling a meeting with the person who owns the risk and other
stakeholders of the project. Besides, this is the phase in which the project managers feel the
confused the most since all 25 project managers complained about the number of the stakeholders
on projects in Morphin CO. The number of the stakeholders which are included in the all projects
are:
1) The project manager himself/herself
2) The lead project manager
3) The receiving manager
4) The sending manager
5) DPE (Delivery Project Executive)
6) SIL (Service Integration Leader)
7) Compliance Team (which check the correctness of the documentation)
8) DOU Creation Team (which is responsible for the creation of Document of Understanding
which contents the all the legal documents in an internal virtual system and the system is
owned by DPE)
54
If a risk owner among these people can be detected, then the project managers get in touch with
the responsible person, decide what are needs of the solution such as the lack of documentation,
customer consent need in CBC tool or a procedural approval from one of the stakeholders.
However, there is again an issue with the communication with the stakeholders and the project
managers complain about the high number of the them. In such a case, it is difficult to detect “Who
is the owner of the risk?”. To illustrate, what if the risk is caused from an external effect? There
can be a problem of the agreement with the client. In this case, the client and DPE must be the
owner of the risk but because project managers choose to work independently and it is optional for
them to respond to the risk with the team as a whole (including the lead project manager), it is very
unlikely that to detect the person who owns the risk, get in touch with him/ her find the true
response for the risk. Then, since it is difficult to decide about the owner of the risk during this
phase, there are negative consequences would occur such as delay in the projects or even
cancellation of them.
Another finding of mine is that it is easier to reach to SIL who is directly in touch with DPE. Only
4 project managers have mentioned that they invite him/her to the meetings to detect project risks
and have more information about the project itself. I believe that this optionality is again cause by
the too much flexibility during the project risk life cycle and could not be detected by the lead
project managers to be used by the team.
My another interpretation at this point is that since the problems exist in the previous phases of
project risk management life-cycle, DPEs tend to less and less communicate with the project
managers.
Risk Closure is the final part of the project risk life-cycle. Although it has some positive
aspects, risk closure phase also contents some problems. Let`s start with the positive sides of the
phase: First, all the project managers go through the documentation of the projects and check if all
the necessary updates are made. Next, they send an e-mail about the consequences of risks defined
and affected the project before and thank them for all the support. It is a behavior that would leave
positive impression on the stakeholders.
However, this phase skips the most important point: lessons learned about the project.
Unfortunately, this is the point in the company which is taken into consideration the least. Lessons
learned part of this phase is completely optional and there is no specific rule. When a project is
closed, it is optional for lead project manager to have a “lessons learned” session with the whole
team. Except the French team (only 5 people), there is no other team that focus on the lessons
learned sessions after a project is closed. The whole other four team members have told that they
do not have lessons learned sessions. Instead, a web-based internal tool provide the project
55
managers to share experiences during a project but it is optional and other project team members
(including lead project manager) cannot read it. In this case, at least, if it was possible for
everybody to read those experiences (for example French Team`s experiences since they take the
lessons learned sessions into consideration), it would have made contribution to the other project
managers to manage the project risks – e.g. when they work on the risk response phase.
Also, if there is no proper system of lessons learned in the team, then it cannot be possible for
project managers to answer the questions during the previous phases of the project life-cycle.
6.1.2 Flexibility of Project Life-Cycle
When it comes to the flexibility and strictness of project life cycle, a significant amount of the
project managers in the company complained about the strictness of the project life cycle (Please
see Chart 1 on p. 57). They also mentioned that there are Portfolio Managers in Poland who is
responsible to track the closure of the projects in time and this time is 90 days (it is possible to ask
for extension in case the team asks for it within the first 10 days of the project). There are four
quarters in the company throughout year (four different three month periods) and because at the
end of every quarter there is a performance evaluation of project manager and also the portfolio
managers who are responsible to monitor the progression of the projects, they specially make
portfolio managers to push project managers to finish all the project in 90 days. In the case that
the project is in delay, the project manager (and the team) is immediately escalated without
questioning to the related first line manager. Therefore, they usually define one of the project risks
as the possible delay in the project because 90 days are usually not enough.
On the other hand, I also learnt that every project manager in the company is working on
approximately on 10 projects and it repeats after every three months (4 quarters in year x 10
projects per 3 months = 40 projects per year).
According to the Chart 1, only 16% of the project managers reported that they find the project life-
cycle flexible enough. On the other side, 8% of the project managers stated that it is neither strict
nor flexible, 12% said that it should be less strict and after all, 64% of them affirmed that they find
it strict.
The sequential flow of the life-cycle must be strictly followed by the project managers and the
project manager can be easily exposed to the escalation process. Even though this is made to
increase the quality of the service for the client through increasing the efficiency of work, this kind
of strictness can easily make the project managers to be stressed out with a level that would make
their productivity to decrease which is the exact revers consequence of the purpose of this process.
56
Chart 1: Flexibility and Strictness of Project Life-Cycle
Flexible
16%
Normal
(Neither strict nor Strict
flexible)
8%
It should be less strict It should be less strict
12% Strict
64% Normal
(Neither strict nor flexible)
Flexible
My personal experience in the company is that because of the high stress level, people who work
in project management department decide to change the department that they work for in the
company and this causes two important issues:
1) The high fluctuation in the teams and the team performance because of the change of the
team members
2) Because it takes at least two months for a new project team member to adapt into the job
and the environment, the previous work left from the former employee cannot be finished
on time and this causes projects to be eroded
6.1.3 Iteration Use on the Projects
The next step was to ask about the project managers` familiarity about the concept of iterations in
the projects. The finding shows that the proportion of the people who are familiar and not familiar
with the concept in the project management are closed to each other (Please see Chart 2).
57
Chart 2: Iteration Concept Familiarity and Usage of Project Mangers
I know
I have never and I use it in my projects
I know
heard about the
and I use it in my
concept
projects
16%
24%
I have only general
I do not have knowledge and I try to use
enough information as it in my projects
I can use it in my I have only general
projects knowledge and I try to
32% use it in my projects
I do not have
28% enough information as I
can use it in my projects
I have never
heard about the concept
Chart 2 indicates that 24% of the interviewees stated that they know the iteration concept and
currently use it in their projects and 28% if them explained that they have only general knowledge
about the concept and they try to use it in their projects.
On the other hand, 32% of the interviewees expressed that they do not have enough information
about the iteration concept as they can use it in their projects and finally 16% of them said that
they have never heard about iteration.
Then, the next step was to ask about the way of iterations use in the projects (if they use them) to
the project managers. Only 6 of them (the ones who answered the question as they know the
concept and use it their projects) could have answered this question and said that there is no
specific usage because it is not officially used in the company.
58
6.1.4 Frequency of Team Meetings
During the interviews with the project managers, 21 of them have answered me that they have
meetings with the team every week and 4 of them have answered me that there is no special pattern
to have team meetings.
6.1.5 General Team Meetings Schedule
I have found out that the general schedule that is followed during the team meetings is about talking
the issues and possible solutions between the project team and project team leader(s).
First of all, the lead project manager (team leader) asks the general overview of the previous week
and if the cases from the previous week are solved or not. However, some of them do not ask about
the previous cases. For instance, 17 of the project managers said that the team leader does not
record the issues during the meetings and does not find it necessary to repeat them again in the
next week unless the person who is the owner of issue repeats about the issue and the progress
about it.
Then, the lead project manager asks if there are some new issues related to the projects and in case
there are, then he/she asks what they are. 8 project managers said that the issues are saved on a
paper and later on, filled on an excel file. However, as it was mentioned before, this saving process
is not mandatory (there is no control mechanism if they apply it or not) and depends on the decision
of the lead project manager so rest of the 15 (12 project managers and 3 lead project manager) do
not save the records.
The following step is that the lead project manager makes suggestions about how to solve the
issues and if he/she had a similar case in the past, then he/she talks about that case and the way it
was solved and its effect on the project.
Finally, if the project managers are assigned to the new projects or the whole team is assigned to
a new project, the lead project managers asks the project managers predicts any possible risks
related those project(s) and remind them to save mentioned risks (and the issues mentioned during
the meeting) in the file called ‘’Risk & Issue Log’’ In case a risk turns into an issue, then it must
be registered in Issue Log in the same file with Risk Log. In case a serious change on one of the
parts of the project is needed, then ‘’Change Log’’ in the same file is used (Please see Appendix
I).
59
However, during the interviews, all the five lead project managers told that they are open for the
new ideas and discussions which can improve the quality of the meetings.
According to these findings, there are various actions tried to be make in one meeting every week
in Morphin CO. Brno which makes the team drifts away from the efficiency but basically the
meetings are based on talking about the issues and possible solutions between the project team and
project team leader which is actually just a small amount of work in comparison with all the actions
that are needed to be taken according to Agile methodology.
The main problem about the meetings the lead project managers usually focus on the new issues
and solutions of them. The rest of them avoid the previous cases (in case the team members are
not still trying to solve them and utter about them again). When new issues occur, new solutions
and alternatives are discussed but since every new week brings new issues to the project manager,
they are overloaded as time passes.
Besides, the positive side of Risk – Issue & Change log tracker is that it includes all the necessary
sections a project manager can ever need to track the risk & issues. It can provide really detailed
analysis and tracking of the risks & issues and this file can even be used for the future events as
part of “lessons learned” process. However, due to the problems that occur before this file is started
to be used about project risk management process, it is very difficult to use it effectively and
efficiently.
Finally, this and previous results about team meetings indicate that there is only one type of
meeting which do not have a general schedule with a wide scope and are general made every week.
On the other hand, it is a positive fact that lead project managers are open for new ideas to improve
the process.
6.1.6 Training Programs
All of the respondents said that training programs in the company for the project managers and
some of them are even mandatory. The training programs in the company is the one which is the
most similar to the idea of Agility. There is one international tool that contents all the educations
which are available for all the employees in the world. Morphin CO. really wants to make its
employees to extend their knowledge especially through the intensive practical courses.
During the interviews, I have observed that the project managers are generally pleased with the
educations that company has provided. They can even have some online educations which are
60
completely out of their scope. Some of the educations are paid and some of them are non-paid but
all of them have international validity.
There are various online educations based on the interest of the employees. Internal online
educations on project management in the company are named with different terms such as PM -
Red100 or PM - Green10 and so on.
PM – Red100 is the first mandatory course that all project managers have to take and covers the
fundamentals of project management through giving general knowledge about everything. It takes
18 hours to complete the course.
Related to that, PM – Green10 is a three-day course which test the theoretical knowledge that the
project managers have received during PM – Red100 with practical group works. During the
course, the lecturer gives different case studies to the project managers who should form a group
in the beginning of the course and also gives usually 30 to 60 minutes them to solve it. The case
studies cover all the topics of a project during the project life-cycle.
The lecturers sometimes come from United Kingdom and United States for the practical education
and they give these lectures in all around the world in different branches of Morphin CO.
The logic in the other parts of the education is the same when it comes to the risk management in
the projects. However, there is a difference: It is asked to the participants to detect project risks as
much as they can in the early phases of the project and track them throughout the project life-cycle.
Therefore, for example, it is possible to finish the planning phase of the project once and the
participants do not need to go back to check it again but the risks and issues have to be monitored
and controlled until the project is closed as part of the case study. The way that they carry out to
fill the Risk & Issue Log is especially important for the lecturer and periodically controlled.
However, as it was explained before, because of the inadequate applications made in the company
during the real projects, the greatness of these educations unfortunately lose its meaning. In other
words, there is a gap between the high quality of the trainings/educations and the way the project
teams work on the real projects.
Also, there are some other online courses, as well as it was mentioned before and I found out that
there are four online Agile courses among them. But these educations are not mandatory.
Therefore, there is not a training program which contents practical information for Agile, either.
61
Besides, another activity that is run as part of trainings in Morphin CO. is the Work-shops which
are made every 2-3 months. Even though the allocated time for these meetings is around 3-4 hours,
it usually ends approximately in 2 hours. Positive side of these meetings is that all first line
managers, lead project managers under them and the project managers join them. It would be a
great opportunity for people from different teams to share different ideas and experiences that they
have been passing through on the projects. Regrettably, it does not work in that way and that great
opportunity is missed. Instead, the first line managers lead the teams and the project managers to
learn about the new processes and if there is a process that is just commonly used in the teams but
would be beneficial for them to know about, they focus on that topic. For instance, one of them
was escalation process of the stakeholders in case it is needed in one of the work-shops that I have
participated by myself.
All the participants have explained the same case to me during interviews, as well. Therefore, it is
possible to say that the work-shops more likely focus on the detailed information that first line
managers think the team does not information enough knowledge about or the changed procedures
in the company which would affect the future events.
All in all, the answer of my first research question is that the agility of the project risk
management methods in Morphin CO. Brno is low and they are more similar to the
traditional Waterfall practices for following reasons:
1) The project risk management life cycle starts with risk identification and continue with risk
analysis, risk mitigation planning, risk responding and risk closure respectively and has a
sequential order as in Waterfall methodology.
2) Practices applied during the different phases of the life cycle have no agility. They are not based
on Waterfall practices based, either. The central problem is that there is a lack of communication
between the team members and both leader project manager and the project managers have too
much autonomy which has caused by the fact that most of the practices that can be really important
to apply are optional. This problem reflects to the communication between the team members and
the stakeholders, as well.
3) There is a really strict project life cycle and in case of any delay of project delay, the project
managers can easily be escalated which create a big pressure on them.
4) Only a really small portion of the project managers are familiar with the iteration concept and
try to use it at the same time. There is no official way to use the concept.
5) Team meetings are made on weekly basis in general. There is only one type of meeting.
6) The general schedule that is followed during the team meetings is about talking the issues and
possible solutions between the project team and project team leader. Also, all the actions to be
taken during the meeting depends on the lead project manager. However, the project team leaders
62
cannot take the advantage of optionality and risk/ issue detection and most importantly solution of
them cannot be made properly and this causes team meeting scope to be too narrow.
7) There are well quality training opportunities (mandatory and optional ones) exist and they are
available to all the employees of the company in the world but the knowledge obtained during the
trainings are not applied to the real projects.
All of these reasons proves that the current practices do not give adequately successful results for
project risk management in Morphin CO. Brno and some changes on these practices are needed.
6.2 External Risks
My second research question is that “What are the external risks Morphin Company Brno have
been facing with on the projects with recently?” and related to that my third research question is
that “Are the project risk management methods sufficient to prevent or minimize the effects of
As it was mentioned before, there is a high economic and political uncertainty in Europe after the
unexpected incidents have happened. Even the future of the strongest economies is in danger. In a
global world, every event happening on one part of the world is in interaction with the other one
happening on the other side. This interaction impacts the multi-national companies even more who
process projects with the interaction of different stakeholders from different countries. It obliges
those multi-national companies to be more strictly prepared for the future.
External events have affected the projects in Morphin CO. dramatically as a conclusion of this
mentioned interaction structure: During the interviews with the project managers, only 46% of the
issues were caused from the internal issues and 54% of the issues were caused from the external
events which is a really high rate.
Related to that, I found out that the external risks differ depending on the countries that the teams
are working with. For instance, on the one hand teams who work with Nordic Countries, UK, and
Turkey (15 people) have explained that they have been dealing with really serious external risks
and issues recently, but on the other hand the teams who have projects with France and DACH
countries have stated they have been dealing only with the internal risks during the project life-
cycle and they do not have serious effects on the projects such as project delay or project erosion.
63
Also, another finding is that the external events that have affected the projects recently (during last
three years) were Brexit, oil crisis in Norway31, and increasing terror attacks in Turkey32. These
events were unexpected and have influenced the countries economically, socially and politically.
Chart 3: The External Events that Have Affected the Projects the Most and Internal Risks &
Issues in Morphin CO. Brno (in Last Three Years)
Economic Crisis
18%
Internal Issues Economic Crisis
46% Brexit
18% Brexit
Terrorist Attacks
Terrorist Attacks
18% Internal Issues
Chart 3 illustrates that external events causes risks and issues on the projects slightly more than
the internal issues during last three years. The total proportion of the external events which have
affected the projects during last year is 54% in Morphin CO. Brno. In addition to that, Chart 3
represents that there are three main events which have affected the projects in last three years
which are economic crisis, Brexit and terrorist attacks. All three events have affected three
different teams (Nordic, UK, and Turkey) as it was mentioned before and have equal proportions
in terms of their effects.
31
Norway is western Europe’s biggest crude exporting nation and with oil dropping below $30 a barrel, was
considerably worse off in 2016 than they were in global economic crisis in 2008 (Source: www.bloomberg.com).
32
There were 33 terrorist attacks made during 2015-2016 in Turkey and 461 people have lost their lives. The
increasing safety problems and political instability in the country recently caused it also to have financial instability.
Consequently, the private investment has been going out of Turkey through multi-national companies` decisions of
leaving the country32. Morphin CO. has closed one of its subsidiaries there and as a conclusion of that so the projects
that were ongoing between there and all other subsidiaries were cancelled. (Source: http://www.diken.com.tr/).
64
According to the survey results, the external risks which have affected the projects in Morphin
CO. Brno were mainly originated from economic, political, and social problems in the related
countries. Brexit was one of the most important political events of 2016 and economic crisis in
Norway has affected the companies in the country at different levels. Besides, terrorism has mainly
political and social aspects even though it also has economic effects.
Next, I will explain the external effects with a more detailed analysis.
The first external effect was the oil crisis in Norway and its reflection on the budget of the project.
It has of course affected the Nordic project team. Economic slowdown arising out of oil crisis in
Norway which have started in 2014 have caused a budget problem on a big project between
Morphin CO. Brno and one of its clients (the main client is in Norway and its subsidiary is in
India) and this has caused project to be stopped over at first in August 2016, later on, because the
transfers with Skill for Value has a time limitation of three months to be completed (six months in
special cases and this was one of the special cases), it was eroded in December 1, 2016.
The central reason was that DPE of the project has already defined one the project risks as possible
budget problem but because he has not participated any of the meetings with the project team
except the one in the beginning of the project and also the project team has not chased him to be
participated in the projects, it has caused nobody else but DPE to know about the possible budget
problem. Yet, as it was mentioned before, the oil crisis and its effects on the client have been being
known since 2014 when the crisis first started but it was not taken into consideration when this big
project started (It would be important to emphasize that this was not the only reason of the
cancellation of the projects. There were some other reasons which were not caused by the activities
in Morphin CO. Brno but the reason explained above was one of the influential ones).
Because I have been working in Nordic project team for a year, I have actually witnessed three
times that DPE of the projects from Norway have complained about the problems with clients who
have cut the budget for the projects during 2016. The total budget needed for the project was
18.000 € ≈ 482465.61. There was a time that the whole team members also actually noticed that
the risk for the budget was always there: the time that the project was cancelled and eroded. In
other words, when it was too late.
The second external effect that has the project managers has clarified was Brexit and its effect on
the bureaucratic processes through the issues occurred on documentation. I think that the foremost
feature difference of Brexit than an economic crisis is that an economic crisis is an event that
affects the country as time passes by but a political happening like Brexit was a sudden
unpredictable event which showed its effects immediately. Before the voting, significant amount
65
of the polls has illustrated that the UK society has wanted to stay in EU but they have failed just
like what happened in US elections on November 8, 201633 34. In general, UK companies were
unprepared for this event, as well35.
My finding is that in order to be compliant, the documentation of the projects is one of the most
important phases of a project and all of the project managers who are working in Morphin CO.
Brno are responsible with the documentation phase of the projects. In conjunction with that, there
are special agreements such as signed customer consent and confidential documents kept uploaded
in a tool which is called CBC (Cross Border Checklist). When Brexit happened, it caused an
uncertainty about those confidential document`s validity and this caused projects to be stopped
over. The uncertainty took six months and during this time, 32 transition projects with UK were
eroded. These projects were part of a bigger project that was ongoing between Morphin CO. and
one of its clients in UK. The total cost of the main project was 135.000 £ ≈ 4265630 CZK.
There is actually an option in CBC which could have prevented this uncertainty at least for the
ongoing projects during that time: a signed document with the clients which would prevent new
bureaucratic processes to effect the cases in the past but any of the project managers did not take
it take into consideration to be used.
Thusly, despite the unpredictability of this event which have affected the projects and even caused
them to be failed, the risk that was risen through it could have been solved only by increasing
communication first, between the project team members and second, between all the stakeholders
(which will be explained with more details under the “Recommendations” topic).
The reasons of this failures can be explained with the same reasons which caused the issues during
the project risk management life cycle in Moprhin CO. Brno: Sequential progress during the
project risk life-cycle and no iterations use and then no going back to the previous risks & issues;
lack of communication between the team members and too much autonomy; lack of information
that would be obtained from the stakeholders which can help to identify the high level risks in the
early phase of the projects and problems about tracking the risks & issues due to the deficiency on
risk identification and later on risk analysis (Similar to the case in project with Norway before, it
is important to explain that this problem was not the only reason that the project was cancelled
completely but had an effect on the project to be cancelled).
33
https://www.bloomberg.com/politics/articles/2016-11-09/failed-polls-in-2016-call-into-question-a-profession-s-
precepts
34
http://www.bbc.com/news/election/us2016
35
https://www.ft.com/content/7b99abfe-fffe-11e5-ac98-3c15a1aa2e62
66
The third one is increasing number of terrorist attacks in Turkey. In my view, there cannot be any
way to be prepared for such events.
Then, answer of my second research question is that external risks which have affected the
projects in Morphin CO. Brno recently are Norway economic crisis, Brexit, and terrorist
attacks in Turkey.
Related to that, the answer of my third research question is that the project risk management
methods are not sufficient to prevent or minimize the effects of external risks on the projects
in Morphin Company Brno because the projects which were exposed to the effect of the external
risks were cancelled but there were possibilities to prevent the cancellation of the projects which
were run with Norway and UK.
6.3. Summary of the Advantages and Disadvantages of Morphin CO. Brno on

Project Management Practices
After completing my survey results and analysis, according to the information that I obtained, I
would like to illustrate the advantages and disadvantages of Morphin CO. Brno on project
management and related to that, project risk management.
Figure 9: Advantages and Disadvantages of Morphin CO. Brno on Project Management
Figure 9 represents the summary of the survey results and analysis by categorizing them as
advantages and disadvantages. Positive aspects are listed in the advantages section. On the other
hand, negative aspects are listed in the disadvantages section. The advantages of the company are
based on the high quality education offered to the employees all around the world, the openness
of the first line managers and leader of project managers to improve the processes on projects, and
possibility to find ways to suppress the difference between the high quality education trainings and
67
the execution of the projects. However, there are also eight disadvantages listed in the company
which were explained as the reasons of the low agility level and the fact that external risks can
affect the projects in Morphin CO. Brno because first of all, it is an international company and
usually international projects are ongoing there and the other reason is that current weaknesses
make the company less vulnerable against them.
68
8. RECOMMENDATIONS
My fourth research question is that how can project risk management be improved through Agile
methods in Morphin CO. Brno.
The origin of the issues that have been being occurred in Morphin CO. is the fact that the project
life cycle and related to that, project risk management methodology are either generally still based
on the traditional approaches or there is no specific approach used due to the high level of
autonomy given to the project team members including the lead project team members; in other
words, the low agility. These weaknesses make Morphin CO. Brno to be threaten by the external
risks more than it can be since it is an international company. Therefore, I will represent some
suggestions to improve the current practices used on project management with some Agile
practices mentioned before in Morphin CO.
In this context, I will separate the recommendations as recommendation for the first line managers
who are responsible from the project teams and recommendations to improve the current practices
in the company.
8.1 Recommendations for First Line Managers
The first line managers are on the top level of hierarchy at the project management department in
Morphin CO. Brno as it was explained before in the introduction part of the company in my work.
Even though they are not involved in the projects directly, they have high power of sanction on
project managers. They can use it to make project teams to apply new practices on their projects.
8.1.1 Mandatory Agile Educations
As it was explained before, there is a chance to close the gap between the high quality of the
trainings/educations and the way the project teams work on the projects. Also, the first line and
lead project managers are open to new ideas and practices to be applied in their teams. Relate to
these, even though there are four online educations of Agile, they are not mandatory. In this
context, my first recommendation is that the first line managers have to make those four Agile
educations mandatory.
As a person that have already taken those online educations, I would generally explain what the
them about: First education is about the introduction to Agile methodology; definitions of the
concepts and why/ how they are used in the projects. The second education is specifically focus
on planning project releases, iterations and specially on the way of use of Sprint concept. The third
education program is about leadership and behaviors on Agile project management methods.
69
Finally, the fourth program consists of 12 different videos from a big conference about Agile which
was made in Morphin CO. headquarters on January 2016.
8.1.2 Practical In-Class Education Problem on Agile
Next, a practical training just like PM Green 10 should be started to be provided as one of the
practical training programs in the company subsidiary. The way to do it in the company is that to
have a meeting with the first line managers as a project team and make a detailed presentation
about the new training program. If the first line manager excepts it, then he/she talks with the
committee which is responsible from the trainings and apply for new practical training program to
be accepted and applied. If it is accepted, then either the current instructor should first be trained
with the new knowledge required or a new instructor has to be assigned for the program. After
that, a trial period is needed for it to be applied. Because there are four quarters used for
performance evaluation in the company throughout year and quarters consist of three months, I
believe that a quarter would be enough for a trial period in terms of understanding the performance
of the instructor and feedbacks from the project managers.
8.1.3 Mandatory Implications
Meanwhile, the first line managers should oblige the lead project managers to try these practices
in their teams during the trial period and if it works, then if it brings benefits to the companies, it
can be made the official process for all the project teams. To be able to understand the way the
new process works or not can be understood via online feedback system of the company. Because
after every practical in-class activity, the employees have to write a detailed feedback about the
training program.
Also, workshops mentioned can be a good place for the all teams and first line managers to get
together and work on the practices. But what would be really important about these meetings is
that the teams can have questions and answers session to share their experiences, as well. First
line managers can be there as an observer. Even though it can create some pressure on lead project
managers to be observed, I believe that it can be a better interpretation to define it as a motivation.
8.1.4 Motivation of Employees
In addition to these, since the employees have to complete at last 40 hours of online and practical
education as the minimum requirement of annual performance evaluation which also make them
gain White Points which can either be used to have some free presents on an online market of the
company or can be added to the salary of the employee in the end of year (as it was explained in
70
the chapter of Introduction of Morphin CO.) , having extra four online mandatory education (it is
9.5 hours in total) would also give project managers additional motivation.
8.2 Recommendations to Improve the Current Project Management Practices
As it was mentioned before in Agile methodology topic of theoretical part, risk identification is
everyone’s responsibility in Agile projects. If the team members observe a risk at the
organizational level, they should be encouraged to speak up rather than waiting it to bring it to the
table. This requires a good communication between the project team members and stakeholder, a
good team meeting schedule and a good team management by the lead project manager.
Due to these, I believe that combining the current project risk management cycle with Sprint
concept (how to do it will be clarified with its details) which is a concept under Scrum method of
Agile would be a good starting point to do that.
The new process which is combined with Sprint methodology should be part of the new practical
in class training program which was explained before. Instructor of the course (who is also the
instructor of PM Green-10) should adapt the new process into the current system and teach it to
the project managers. In the second possible scenario, a new instructor which has already
knowledge about Agile practices can be assigned, as well but it would cost more (which will be
explained under Cost and Benefits topic later).
As it was explained before, sprints start with the meeting of sprint planning and continues with
stand-up meetings, sprint review meeting and sprint retrospective respectively.
The lead project managers in Morphin CO. divide the work between the project team in in spite of
the lack of the meeting all together and it is made via e-mail. The problem starts after this part
which is the most important for the detection and tracking of risks and issues.
Therefore, stand-up meetings, sprint review meeting and sprint retrospective have to be applied to
the risk management methodology in Morphin in order to increase of the chance of success on the
projects. The educated and trained lead project managers and project managers in every team
should try to follow this process which as follow:
8.2.1 Kick-Off Meetings
First of all, the first thing that has caused issue was that the risk identification is usually made
separately between the project managers and once they gather every week, they demonstrate their
findings during the meetings and listen the recommendations from the lead project manager during
71
the meeting. Risks are determined during a meeting call “kick-off meeting” with the receiving and
sending managers from IMT and DC sides. Similarly, during the risk analysis part, general
procedure is to make the analysis with the lead project manager but informing him/her about to
way of analysis is again optional.
In our case, that “Kick-off Meeting” can be taken as the equivalent of the “Sprint Planning”
meeting of Scrum. I believe that it is a “must” to include DPE in the kick-off meeting because he
is the person who has straight relationship with the client from the country that processes the
project with Morphin CO. Brno and he/she is also responsible from the budget. Although the
practices of this part was explained by Krishnamurthy (2014) as the part that the project manager
(in our case, lead project manager) divides the work between the project team members, I believe
in addition to that, in the case that DPE can be included into this meeting, the project should ask
questions about the client and about the budget with looking out of the confidentiality. Task Board
can make contribution of identifying the risks as well which will be explained more detailed in the
recommendations for risk analysis phase.
The way to increase the productivity of these meetings also about the lessons learned session of
the project managers during the risk closure phase which I will explain later with more details.
When we go back to Kick-off Meeting, for instance, the possible issue of the lack of budget in the
big project with Norway was actually guessed by DPE but there was no project manager around
to ask him about the budget, define that risk and support him about it.
Also, the documentation problem with UK could be detected through a meeting with the client and
DPE that includes this risk of Brexit in the early phase of the project by changing a section on the
tool of CBC and uploading the scan of a signed document. Albeit the simplicity of the possible
solution, skipping to have such a meeting since the lack of communication in the team has caused
the project to be cancelled.
8.2.2 Risk Analysis and Team Meeting Frequency Phase Improvements
Next, the risk analysis phase can be improved with the daily stand-up meetings. They also can
make partially contribution to improve identifying, and tracking the risks, as well. Especially,
visual expression of the tasks through starting to use Task Board would be useful to improve the
way work is done, support project management team to focus on the right things, improve the
communication between team members by the daily discussions and reinforce the sense of
teamwork and finally seeing the big picture by analyzing the small pieces of the project can
improve the detecting the possible risks and issues.
72
As it was explained before, the external issues which have affected the projects with UK and one
big project with Norway were caused through the lack of information in the project team. As part
of Agile methodology, dividing the work into small pieces and analyzing them clearly during the
stand-up meetings with the help of Task Board could have made the detection of these issues even
before they turned into issues from risk easier.
Then, the meeting frequency issue (which is weekly made as it was mentioned) can be solved by
starting to apply stand-up meetings, too.
8.2.3 Improvements on Flexibility of Project Life Cycle Through Early Detection of Project
Risks
One of the most important issues and the project managers complain the most was the flexibility
of the project life-cycle. The projects generally have to be finished in 90 days and being in delay
conclude with the escalation of the project managers but if they ask for the extension within 10
days after the project is assigned to the team, then they can have permission for a longer time.
Because the project delays are usually caused through the unexpected issues occurred throughout
the project life-cycle, then it is important to identify, share and analyze the risks in the early phases
of the cycle (on our case, in 10 days). Then, the solution that was offered for better identification
and analysis through sprints can also be the solution of this case.
8.2.4 Improvements on Risk Responding Phase and Risk Tracking/ Monitoring
During the risk responding phase, managers first try to find the owner of the risk so this part also
covers risk mitigation planning and high number of the stakeholders make project managers cannot
include all of them in the meeting at the same time and especially the most important person, the
DPE usually avoids these meetings
Besides, the project managers should focus on the solutions during the phase of responding instead
of complaining about them. These solutions can be stated as follow:
- The high communication level as a project team (including all four team members and the
lead project manager)
- Informing and warning (if it is necessary) the DPE (Delivery Project Executive) of the
project,
- Being in communication with the SIL (Service Integration Leader) who is easier to
communicate
73
In order to be able to bring these activities to pass, project risk responding should include sprint
review meetings. They are made after every sprint. During this meeting the project team illustrates
which main task items they completed. Because one of the problems of this phase is that the project
managers cannot decide “Who is the owner of the risk?”, the connection between the risk
identification, risk analysis, risk tracking and risk responding must be solid and then well defined,
analyzed and tracked risks would help project managers to decide who is the owner of the risk
during the sprint review meetings. It is important to remember that as Sumit (2015) stated, main
tasks items that are not completed shall not be demonstrated. Otherwise this might suggest that
these items are finished, as well. Instead incomplete items/remaining activities shall be taken back
into the main tasks list, re-estimated and completed in one of the following sprints.
DPEs should be invited to sprint review meetings. However, since it is easier to get in touch with
SIL and SIL has the same knowledge as DPE, it might be a better idea to invite and inform him/her
during these meetings. I believe that it would provide a better communication and collaboration
between the project team and stakeholders. Then, in this case, the project team should primarily
focus on the following stakeholders: The sending manager, the receiving manager and the SIL.
However, I believe that since the problems exist in the previous phases of project risk management
life-cycle, DPEs tend to less and less communicate as the project risks and providing such
communication and collaboration would make DPEs to be motivated to be part of these meetings.
I would like add that all of these activities then may increase the use of effectiveness of Risk &
Issue file which was prepared in a really great way with all the details that are needed to define,
analyze and track the risks as it was explained before. Because, the file is valuable as long as the
risks are well defined and analyzed. Thereby, the evaluation and prioritization of the risks can be
made in a healthier way and risk tracking/ monitoring can be improved.
8.2.5 Risk Closure Phase Improvements
Finally, lessons learned part of the risk closure phase is completely optional and there is no specific
rule in Morphin CO. Brno. When a project is closed, it is optional for lead project manager to have
a “lessons learned” session with the whole team and only French Team members have explained
to me that they have these sessions periodically. The whole other 4 team members have told that
they do not have lessons learned sessions. Instead, there is an internal tool that the project managers
have access to in Morphin CO. and they have free to share their experiences in the tool. However,
only the first line managers have access to see that page so the other project managers cannot see
those shared experiences.
74
Instead of that, Risk Closure phase would be the phase that Sprint Retrospective activities will
start to be used in Morphin CO. Brno. For instance, the lead project manager can facilitate this
meeting. The team should discuss the just-concluded sprint and determine what could be changed
that might make the next sprint more productive. They should focus on three topics during the
meeting as Devendra (2014) states: The things that went well during the sprint cycle; the things
that went wrong during the sprint cycle; the things could they do differently to improve.
After that, when the cycle starts again, the identification and following phases of the project life-
cycle can be made easier and faster.
Besides, it must be mandatory for the team to share these stories in the internal tool of the company
on one condition: these stories must be reachable to all the teams. Thus, the outcome and
experience which will be obtained through Sprint Retrospective can be moved to Kick-off Meeting
and as it was mentioned before can increase the productivity of it over time by the incremental
knowledge in the team(s) and in the company.
All in all, the general idea is to be recommended is that the risk management life cycle should
turn into an iterative process instead of the sequential flow. Let`s 1see again first the risk
management life cycle of Morphin CO. Brno (Figure 8):
Risk Risk
Risk Analysis Risk Closure
Identification Responding
Then, a more detailed project risk-management life cycle according to the recommendations is
illustrated as follow:
75
Figure 10: Recommended Project Risk-Life Cycle for Morphin CO. Brno
Risk Identification
(Phase with kick-off meeting and sprint
planning)
Risk Analysis
(Phase with the stand-up meetings and
Task Board)
Risk Responding
(Phase with sprint review meeting)
Risk Closure
(Phase with sprint retrospective Meeting)
Figure 10 illustrates the recommended project life cycle in Morphin CO. Brno. The project life
cycle should start with the risk identification and be followed by risk analysis, risk responding and
risk closure. However, because the sprint activities are applied to the life cycle, then there will be
iterative relationship between the different phases. Because daily stand-up meetings exist now,
then this is going to cause risk analysis part to be a daily iterative process. In addition to these,
tracking of the risks can be made throughout the whole project life cycle thanks to Task Board
after the time that it starts to be used. The cycle is going to repeat over and over again and the
experiences and information that will be obtained through risk closure activities will affect
positively first, the following risk identification activities and second, the following projects.
76
9. COSTS AND BENEFITS
Making changes in the processes of a company usually come with both cost and benefits. Costs
can be caused by the need of extra resources. However, in our case, the main problem was to
inefficient use or nonuse of the current resources such as the online educations and current
meetings schedule. Therefore, I believe that the process will not bring significant costs to the
company but the benefits would be really high in return.
9.1 Costs
The possible costs of applying my recommendations can be illustrated in money and time topics.
In this case, the instructor who currently give the in-class training PM Green 10 would make the
relevant changes in the current program activities and practices. The instructor gives the education
every three months and it takes three days. The company pays 24200 CZK for every session per
three months to the instructor.
The cost in this context would be first be calculated as the time that will be spent. The time that
the instructor is going spend to make the transition to the new processes or combining the current
ones with the new ones would be long since this process would probably require some knowledge
transfer from an another instructor in a different country (possibly from UK) to the one in Czech
Republic which would create an another project. This kind of project would cost inferentially 4000
£ ≈ 107157 CZK.
Also, the instructor in Czech Republic would ask a salary increase in this case. The general salary
increase that employees ask for varies between 10% - 15% in the company subsidiary in Brno.
Then, I assume that the same increase would be asked by the instructor which means that his/her
salary per session would change between 26620 CZK to 27830 CZK (I will choose the case with
salary increase to 27830 CZK in my example).
Then, the total additional cost of such implementation would be approximately 107157 CZK +
(27830 CZK – 24200) = 110.787 CZK.
After all of these, I would like explain my real experience from the company. I have explained the
idea of making four Agile courses mandatory and placing a practical education for Agile with a
presentation to my first line manager. The four mandatory educations were already accepted and
preparing an in-class activity is already in process.
77
I had a meeting with one of the lecturers who is responsible to give PM Green-10, as well. His
idea is to combine the practices taught in this training with some of the Agile practices. However,
he explained that it is going to require a period of at least four months.
The example is also a proof that even though there is a hierarchy in the project management of the
company, everybody is open minded and tend to carry out new ideas as long as they are realistic,
applicable, and well explained.
9.2 Benefits
If the recommendations are succeeded, there would be several benefits to be gained as follow:
9.2.1 Benefits on the Budget Use
First of all, the most important achievement would be to decrease the possibility of cancellation of
the projects which were caused by the external effects (It is good to mention again that the external
effects mentioned on the projects were not the only reasons of the cancellation of the projects since
there were some other reasons that Morphin CO. Brno project teams could not be interfere in and
they caused the cancellation process of the projects, as well). Decreasing the possibility of the
cancellation of the projects would prevent the waste of the money spent in the projects, too. Let`s
remember the total budget of the projects with Norway and UK:
Norway - 18.000 € ≈ 482465 CZK36
UK - 135.000 £ ≈ 4265630 CZK37
9.2.2 Increase in Client Satisfaction
Secondly, making better contacts with the stakeholders can increase the client satisfaction. For
instance, lack of communication is something that none of the stakeholders in the projects do not
like. When the lack of communication causes also the cancellation of the projects, this would
induce the clients to have less trust for the company and would create a negative point of view
about their relationships and about the possible future projects with the company. However, the if
the recommended ideas are applied, this would influence the reputation of Morphin CO. Brno
36 39
The numbers were taken from DPEs of the projects. Proportion of the total money spent before the projects
were cancelled are not clear since there are some other people work on financing of the projects other than DPEs
and the data is confidential on their sides.
78
positively which would cause the company to have more clients and more and bigger projects in
the future, as well.
9.2.3 Productivity Rise
Also, taking precautions in the early phases of a project and proceed with the projects in an
organized way would give projects managers opportunity to spare more time on their other
projects.
As it was mentioned before under the topic of Flexibility of Project Life Cycle, every project
manager in the company is working on approximately on 10 projects. Because the total working
hours are 40 hours per week, it means that they spend 4 hours per project every week. Also, it is
good to remember that there are three months to close every project.
However, when an external effect is occurred, first thing that happens for that project to be in delay
and make project managers to spend on time even after three months. This affects the project
managers in two ways:
First of all, because after three months, the escalation process of the project managers can start, it
put more pressure on their shoulders and this causes them to spend even more than 4 hours per
week on that project.
Secondly, the time spent after on the project in delay is overlapped with the time that can be spent
on the new projects assigned for the following three months and it directly decreases the
productivity level of the project managers.
Then, if the chance of closing the projects are increased and/or at least if the need of the
cancellation of the project can be detected at an earlier phase of a project through the
recommendations explained, the productivity of the project managers and related to that, project
teams will increase.
9.2.4 Shared Fund of Knowledge through Lessons Learned on Projects
Finally, lessons learned on every project with a better changed project management culture and
increased motivation in the teams would affect the future projects performance in a positive way.
Transition to Agile requires a culture change in the company. This would take some time which
depends on the characteristics of the company. But once it is completed, especially due to the fund
of knowledge sharing between the team members and also the different project teams, the chance
79
of the success for the future projects will increase through a better Lessons Learned system placed
in the company.
80
CONCLUSION
All in all, I found out three answers to my three main research questions to be able to achieve my
goal which is to show that using Agile methods as part of the project risk management in Morphin
CO. Brno would increase of the chance of success on the projects.
My three main research questions were as follow:
I find it beneficial to repeat my research questions in order to explain the questions that I am going
to ask to the project managers:
methods oriented?
Brno?
My findings to answer the first research question illustrated that current project risk management
methods in Morphin CO. Brno is not Agile methods oriented and most of the practices are similar
to Waterfall methodology. The findings that prove that are the sequential project risk life cycle,
the problems that are caused from lack of communication between the project team members and
also their communication with the stakeholders during the different phases of project risk life
cycle, the general strictness of the project life cycle, lack of iteration concept use in the projects,
the lack of different type of meetings in the project teams, the gap between the well quality
trainings and the execution of the projects.
Next, the answer to my second research question is that the external events that have affected
Morphin CO. Brno the most recently were the economic crisis in Norway, Brexit and terrorist
attacks. All the projects in UK team which are part of an another big project, the project related to
Nordic team, and the projects that were ongoing with the subsidiary of Morphin CO. in Turkey
were cancelled after they were exposed to the related external issues. Therefore, the answer of my
third research question is that the project risk management methods are not sufficient to prevent
or minimize the effects of external risks on the projects in Morphin Company Brno. My analysis
81
then was that the project issues in Nordic team and UK team were preventable. However, the ones
with Turkey were inevitable.
Finally, my recommendations as part of the answer of my fourth research question consisted of

making the online Agile educations mandatory and adding also in-class practical training about
them combined with the current methods; increasing the communication level between the project
team members and the stakeholders through reorganizing the project risk life cycle and the meeting
schedules with the iterative approach of Agile Scrum methodology`s sprint concept and using more
visuals such as Task Board during the meetings which would make the identification and analysis
of risks in a healthier way. Besides, these approaches explained should be part of the in-class
education and trainings.
Then, all of these practices would increase the chance of success of the projects in Morphin CO.
Brno by making the project management department of it more prepared for the external events
in the age of volatility and so make the company better off in the future.
82
BIBLIOGRAPHY
Alan Moran, Managing Agile: Strategy, Implementation, Organization and People, Springer
Publication, 2015, ISBN 978-3-319-16262-1
A Guide to the Project Management of Knowledge, Third Edition, Library of Congress Catal
going-in-Publication Data, 2004, ISBN 1-930699-45-X
Alquier A.M. Cagno E. Caron F. Leopoulos V. Ridao M.A., Analysis of external and internal
risks in project early phase, 2000
Alan D. Orr, Advanced Project Management: A Complete Guide to the Key Models, Processes
and Techniques, Kogan Page, 2004, ISBN: 9780749440947, Pages: 242
Anil K. Kashyap, Lessons from the Financial Crisis for Risk Management, University of
Chicago, Booth School of Business and NBER, 2010
Arden Brummell and Greg MacGillivray, Scenario Planning - A Tool for Navigating Strategic
Risk, Scenarios to Strategy Inc., 2009
Armstrong, J. S. (2001). Role playing: a method to forecast decisions. Principles of forecasting: a

handbook for researchers and practitioners. J. S. Armstrong. Boston; London, Kluwer Academic:
15-30
Aswath Damodaran, Strategic Risk Taking: A Framework for Risk Management, Wharton
School Publishing, 2007, ISBN: 9780131990487, Pages: 408
Catriona Norris, John Perry, Peter Simon, Project Risk Analysis and Management, The
Association for Project Management, 85 Oxford Road, High Wycombe, Buckinghamshire,
(1992, republished January 2000), ISBN 0953159000
Christos N. Pitelis and Roger Sugden, The Nature of the Transnational Firm, First Published
1991 by Routledge 11 New Fetter Lane, London EC4P 4EE, 2000, ISBN 0-415-16787--6
David Hillson, Developing Effective Risk Responses, Conference Paper, 1999

Danielle van Well-Stam, Fianne Lindenaar, Suzanne van Kinderen and Bouke van den Bunt,
Project Risk Management: An Essential Tool for Managing and Controlling Projects, Kogan
Page, 2004, ISBN 10: 0749442751
Demir F., Kaarabiyik A., Ermisoglu E., Kucuk A., ABD Mortgage Krizi, BDDK (Bankacilik
Duzenleme ve Denetleme Kurulu), August 2008 – (Parts were translated from Turkish
language)
83
Dorine Boumans, Johanna Garnitz, Günther G. Schulze, CESifo Working Paper No. 6049
(August 2016), ISSN 2364-1428
Emily Bonnie, What is the Difference Between Project and Portfolio Management (October 1,
2015)
Douglas Hubbard, The Failure of Risk Management: Why It's Broken and How to Fix It. John
Wiley & Sons, 2009
Lisa Findlay, PMP vs. IPMA vs. PRINCE2, 2016, GreyCampus
Mark Goodman, Ian Major, Alan Greenwood and Sebastian Nokes, The Definitive Guide to
Project Management, FT Prentice Hall, 2008, First Edition: 2004
Nico Viergever, PRINCE2 vs. IPMA and IPMA. 2015
Risk Management Principles and Guidelines, ISO 31000: 2009
Roy D. Voorhees, Emerson L. Seim, and John I. Coppett, Global Logistics and Stateless
Corporations, Transportation Practitioners Journal 59, 2, 1992
Sergio l. Schmukler, Benefits and Risks of Financial Globalization: Challenges for Developing
Countries, June 2004
Sumit Sharma, The Scrum Meeting, 2015

(https://www.scrumalliance.org/community/articles/2015/july/scrum-meeting-it%E2%80%99s-
not-just-standing-up)
Galbraith, J.K., “A Short History of Financial Euphoria”, Whittle Books / Viking, New York.,
1990
Green, K., Conflict Forecasting, 2003
Gregory M. Becker, A Practical Risk Management Approach, Conference Paper, 2004
Hommes C.H., Brock W.A., Wagener F.O.O., More Hedging Instruments May Stabilize
Markets, Journal of Economic Dynamics and Control, Volume 33, Issue 11 November 2009
ICB IPMA Competence Baseline, Version 3.0, June 2006
Jon M. Wickwire, Construction Scheduling: Preparation, Liability, and Claim. 2002, 289 pages
Joseph W. Weiss, Robert K. Wysocki, 5-Phase Project Management, A Practical Planning &
Implementation Guide, Perseus Books Publishing, 1992, ISBN 0-201-56316-9
84
Kindler, S. Risk Taking: A Guide for Decision Makers, Publisher: Crisp Learning, 1990 ISBN
10: 0931961769 ISBN 13: 9780931961762
Kelvin Murray, Risk Management: Beyond the Textbooks, June 1998
Lisa Sieverts, Phil Ailes, Waterfall vs. Agile Project Management, 2011
Michael Power, Organized Uncertainty: Designing a World of Risk Management, Oxford UP,
2007, ISBN: 9780199253944, Pages: 275
IMF, meeting in London of the Group of Twenty Ministers and Central Bank Governors, March
13-14, 2009
Jon White, Crisis Management and Strategies for Dealing with Crisis, QFinance, 2013
Laurence Crain, Gene Gantz, Steve Isaacs, Doug Jose, Rod Sharp, Introduction to Risk
Management, Second Edition, Extension Risk Management Education and Risk Management
Agency, 2013
Lynch, David and Rodley, Chris (2005). Lynch on Lynch (revised edition). New York: Faber
and Faber. ISBN 978-0-571-22018-2
Pamela Meyer, The Agility Shift: Creating Agile and Effective Leaders, Teams,
and Organizations, Bibliomotion, 2015, ISBN: 9781629560700, 256 pages
Patrick Weaver, PMI Global Congress, Asia Pacific, 22-24 February 2010, Melbourne
Convention Centre, Melbourne, Australia
Paul Newton, Managing Project Risk, 2015, ISBN 978-1-62620-986-4
Phil Barnes, Government Enterprise Risk Management, Concepts and Guidance, 2014
PMI 1996. A Guide to the Project Management Body of Knowledge. Upper Darby, PA 19082,
USA: Project Management Institute. ISBN 1.880410.12.5
Robert Buttrick, The Project Workout: The Ultimate Handbook of Project and Programme
Management, Financial Times/ Prentice Hall; 4th edition (15 Dec. 2009), ISBN-10: 0273723898,
ISBN-13: 978-0273723899 (560 pages)
Robert S. Kaplan , Anette Mikes, Managing Risks: A New Framework, 2012
Rishi Devendra, Key Elements of the Sprint Retrospective, 2014

(https://www.scrumalliance.org/community/articles/2014/april/key-elements-of-sprint-
retrospective)
85
Simon, Peter W, Hillson, David A., Newland, Ken E. (eds.) 1997. Project Risk Analysis &
Management (PRAM) Guide. High Wycombe, Bucks HP11 2DX, UK: Association for Project
Management. ISBN 0.9531590.0.0
The Practical Adoption of Agile Methodologies, APM Volunteer Research Report, May 2015
Venkatesh Krishnamurthy, Managing Risk in An Agile Project, 2014
Wouter Baars, Project Management Handbook, DANS –Data Archiving and Networked
Services, ISBN 90 6984 496 6
Internet Sources
Agile Academy, A Taste of Agile Course (http://www.agileacademy.com.au/agile/,

https://www.scribd.com/document/309684594/A-Taste-of-Agile )
https://www.axelos.com/best-practice-solutions/prince2/prince2-agile (Axelos PRINCE2

Official Web-site)
Contributor Melonfire, Understanding Pros and Cons of the Waterfall Model of Software
Development, 2006, http://www.techrepublic.com/article/understanding-the-pros-and-cons-
of-the-waterfall-model-of-software-development/
Dan Woods, Why Lean and Agile Go Together, 2010,

https://www.forbes.com/2010/01/11/software-lean-manufacturing-technology-cio-network-
agile.html
Karen McIsaac, The ABEO Group, Project Represent Risky Business, October 6, 2008,
https://abeomusings.files.wordpress.com/2011/10/projects-represent-risky-business-karen-
mcisaac.pdf
Laurie Williams, Risk Management, 2004,

http://agile.csc.ncsu.edu/SEMaterials/RiskManagement.pdf
Ssempebwa Kibuuka Ronald, Atlanta International University, 2004

(https://www.academia.edu/11457498/PROJECT_RISK_MANAGEMENT )
Tom Perry, Task Boards: Telling a Compelling Agile Story, 2007,

https://agiletools.wordpress.com/2007/11/24/task-boards-telling-a-compelling-agile-story/
Jim Highsmith, History: The Agile Manifesto, 2001.

http://agilemanifesto.org/history.html
86
Beck, Kent, Beedle, Mike, van Bennekum, Arie, Cockburn, Alistair, Cunningham,
Ward, Fowler, Martin, Grenning, James Highsmith, Jim, Hunt, Andrew, Jeffries,
Ron, Kern, Jon, Marick, Brian, Martin, Robert C., Mellor, Steve, Schwaber, Ken,
Sutherland, Jeff, & Thomas, Dave. Manifesto for Agile Software Development,
2001. http://agilemanifesto.org/
http://www.bbc.com/news/uk-politics-32810887 (BBC NEWS Official Web-Site)
http://www.bbc.com/news/election/us2016 (BBC NEWS Official Web-Site)
https://www.bloomberg.com/news/articles/2015-01-28/get-ready-for-the-return-of-risky-
mortgage-bonds-credit-markets (Bloomberg finance, economy, and politics news news web-
site)
https://www.bloomberg.com/news/articles/2016-01-14/norway-government-rules-out-extra-
stimulus-as-oil-rout-persists (Bloomberg finance, economy, and politics news news web-
site)
https://www.bloomberg.com/politics/articles/2016-11-09/failed-polls-in-2016-call-into-
question-a-profession-s-precepts (Bloomberg finance, economy, and politics news news
web-site)
www.businessdictionary.com/definition/statement-of-work-SOW.html (Business Dictionary

Web-Site)
https://www.ft.com/content/7b99abfe-fffe-11e5-ac98-3c15a1aa2e62 (Financial Times

finance, economy, and politics news web-site)
http://www.diken.com.tr/bir-bucuk-yilda-33-bombali-saldirida-461-kisi-hayatini-kaybetti-
363u-sivil/ (Diken News Web-site)
http://www.fhfa.gov/DataTools/Tools/Pages/4th-Quarter-Line-Chart.aspx (Federal
Housing Finance Agency web-site)
http://data.worldbank.org/indicator/SL.UEM.TOTL.ZS?end=2014&start=2000 (World
Bank web-site)
https://www.mindtools.com/pages/article/newTMC_09.htm (Mind Tools Personal

Development and Career Web-site_
87
https://www.theguardian.com/environment/2011/apr/20/deepwater-horizon-key-questions-
answered (Guardian News Official Web-site)
http://www.theipma.org/about-the-ipma (IPMA Official Web-site)
https://www.wrike.com/project-management-guide/methodologies/ (Wrike Project

Management Information and News Web-site)
https://www.mindtools.com/pages/article/newTMC_09.htm (Mind Tools Business Articles

web-site)
http://www.mpug.com/articles/pmp-prep-qualitative-vs-quantitative-risk-analysis/
(Microsoft Project Management Web-site)
https://www.pmi.org/about/learn-about-pmi/what-is-project-management (Project
Management Institute web-site)
http://www.world-nuclear.org/information-library/safety-and-security/safety-of-
plants/fukushima-accident.aspx (World Nuclear Association Web-site)
https://www.pmi.org/learning/library/analysis-qualitative-risk-management-tool-8927
(Project Management Institute web-site)
https://www.iso.org/obp/ui/#iso:std:iso:10006:ed-2:v1:en (the International Organization

for Standardization web-site)
https://www.scrumalliance.org/why-scrum (Scrum Methodology web-site)

http://www.theipma.org/membership (The International Practice Management Association
web-site)
https://www.projectsmart.co.uk/earned-value-management-explained.php (Project Smart

Web Site)
https://www.prince2.com/eur/what-is-prince2 (Projects in Controlled Environments web-

site)
http://prince2agile.wiki/An_Overview_of_PRINCE2_Agile (PRINCE2 Official Wikipedia

Page)
http://www.telegraph.co.uk/finance/newsbysector/banksandfinance/6143297/Lehman-
Brothers-the-bank-that-bust-the-boom.html (Telegraph news web-site)
88
http://www.telegraph.co.uk/news/2016/11/09/how-wrong-were-the-polls-in-predicting-the-
us-election/ (Telegraph news web-site)
http://www.techrepublic.com/article/understanding-the-pros-and-cons-of-the-waterfall-
model-of-software-development/ (Web-site about technical news and information about
project management, software development and Cloud)
https://en.wikipedia.org/wiki/Pamela_Meyer#cite_note-4
http://www.imdb.com/name/nm0000186/bio?ref_=nm_ov_bio_sm (Internet Movie Data

Base Web-site)
http://www.imdb.com/title/tt0076759/quotes Internet Movie Data Base Web-site)
https://www.statista.com/statistics/263264/top-companies-in-the-world-by-market-value/
(Statistics web-site)
http://scrumreferencecard.com/scrum-reference-card/#Scrum-Artifacts (Scrum Reference

Card Web-site in reference to the graph of Sprint Backlog)
https://www.mountaingoatsoftware.com/agile/scrum/scrum-tools/sprint-backlog (The
Mountain Goat Software web-site)
http://agilebacon.com/wp-content/uploads/2013/08/Summer-of-Bob1-600x300.jpg
89
LIST OF FIGURES
Figure 1: An Overview of Portfolio, Program, Project and Subproject……………………………….5
Figure 2. Six Phases of Project Management with Their Central Themes………………………….10
Figure 3. Five Phases of Project Management Life-Cycle………………………………………………….11
Figure 4: Project Life Cycle Parts and Phases…………………………………………………………………...11
Figure 5: Fundamental Risk Management Steps During a Project………………………………….…21
Figure 6: Sequential and Iterative Life-Cycle of Waterfall and Agile Methodologies……. ….39
Figure 7: Hierarchy of the Team Members in Morphine CO…………………………………………………….51
Figure 8: Project Risk Management Life-Cycle in Morphin CO. Brno…………………………….…..52
Figure 9: Advantages and Disadvantages of Morphin CO. on Project Management….……..67
Figure 10: Recommended Project Risk-Life Cycle for Morphin CO. Brno……………………….…..76
LIST OF GRAPHS
Graph 1: Probability – Impact Connection……………………………………………………………………...26
Graph 2: Risk Prioritizing…………………………………………………………………………………………....…28
LIST OF DIAGRAMS
Diagram 1: The Roles in the Knowledge Transfer Projects………………………………………………………….49
Diagram 2: Transfer Project Workflow……………………………………………………………………………………….50
LIST OF CHARTS
Chart 1: Flexibility and Strictness of Project Life-Cycle…………………………………………………...57

Chart 2: Iteration Concept Familiarity of Project Mangers…………………………………………….58
Chart 3: The External Events that Have Affected the Projects the Most and Internal Risks &
Issues in Morphin CO. Brno (in Last Three Years) ……………………………………….64
90
ABBREVIATION LIST
CO. Company
DPE Delivery Project Executive
DOU Document of Understanding
FHFA Federal Housing Finance Agency
HPI House Price Index
ILO International Labor Organization
IMF International Monetary Fund
IPMA The International Practice Management Association
ISO International Organization for Standardization
PMBOK The Project Management Body of Knowledge
PMI Project Management Institute
PRINCE PRojects IN Controlled Environments
SIL Service Integration Leader
UK United Kingdom
US United States
91
APPENDICIES
Appendix A: HPI in US between 2000 to 2016 (Seasonally Adjusted)
Source: FHFA
92
Appendix B: Unemployment, Total (% of total labor force) (ILO Estimate)
Source: World Bank
93
Appendix C: Risk Register Example 1
Risk Analysis
(P: Probability, I:
Risk Risk Impact – S: Risk Management
Risk Description Actions to be Taken
Rank ID Small, M: Plan
Medium, H:
High)
 Trying to reach
to the sending
 Using different
manager via e-
communication
mail and
Communication  P: S channels to
telephone and
1 4 problem with the  I: M reach the
inform her about
sending manager sending
the possible
manager
consequences,
as well
 Informing the  PM to inform

Funding Problem  P: H project team project team
2 2 with the Project  I: H about the about the
Executive possible delay possible delay
 PM to reach
 Reach immediately to
immediately to the client to
the client to learn the
Lack of
learn the complete
information from  P: S complete information
the client which
3 3  I: S information
slows down the
 Fix the
preparing the  PM to fix the
documents
documentation documents that
that are in
are in delay to
delay to be
be sent
sent
 Reach the
Lack of customer relevant
people who  PM to reach the
consent for the
 P: H need to sign relevant people
data in PC
 I: M the documents who need to
4 1 system which
and upload sign the
would cause
them in the documents and
delay in project
system upload them in
life-cycle
the system
Source: Adapted from the work of Gregory M. (2004)
94
Appendix D: Risk Register Example 2
1. BASIC RISK INFORMATION

Date
Last Update
Risk Risk Description / Risk Event Reported
Responsible day-month-
Number Statement day-month-
year
year
Provide a A risk event statement states (i) Name or title of Enter the date Enter the
unique what might happen in the future team member the risk was date the risk
identifier and (ii) its possible impact on the responsible for first reported (not the
for risk project. "Weather" is not a risk risk entire log)
event statement. "Bad weather was updated
may delay the project" is a risk
event statement.
Example Concrete prices may increase, Materials 1-Dec-2005 12-Jan-2006

R1 causing the project to go over Acquisitions
budget Manager
Example Key supplier may lose a pending Project Manager 15-Dec-2006 12-Jan-2006
R2 lawsuit and go out of business,
creating the need to find a new
supplier, which will cause
schedule delays
R1
R2
R3
R4
R5
95
2. RISK ASSESSMENT INFORMATION
Status of
Impact Probability Timeline
Impact Description Response
H/M/L H/M/L N/M/F
N / P / PE / EE
Enter here List the specific impact the Enter here H Enter here N Enter here N
H (High); risk could have on the project (High) (Near-term); (No Plan); P
M schedule, budget, scope, M (Medium) or M (Medium- (Plan but not
(Medium); and quality. Other impacts L (Low) term); or F enacted); PE
or L (Low) can also be listed according to (Far-term) (Plan enacted
according probability according to but
to impact definitions timeline effectiveness
definitions definitions not yet
known); EE
(Plan enacted
and effective)
M The cost of the concrete H M PE

could be as much as 50%
more expensive than
budgeted for, resulting in an
overall cost overrun of 15%
on the project
H Finding a new supplier, N/A N/A N/A
negotiating contract, and
getting re-started is
estimated to cause a 6-
month delay
96
3. RISK RESPONSE INFORMATION
Risk Status
Completed Actions Planned Future Actions Open / Closed /
Moved to Issue
List, by date, all actions taken to List, by date, what will be done State if the risk is
respond to the risk. This does not in the future to respond to the open (still might
include assessing the risk risk happen and still has
to be managed);
closed (has passed
or has been
successfully
mitigated); moved to
issue (risk has
happened)
10-Jan-2006: Asked concrete 12-Jan-2006: Investigating cost Open

supplier to guarantee a price; of purchasing materials now and
request denied storing them until needed
12-Jan-2006: Met with supplier to N/A Moved to issue

discuss options
15-Jan-2006: Spoke with other
suppliers regarding availability
20-Jan-2006: Prepared contingency
plan and RFP in case supplier goes
bankrupt
25-March-2006: Moved risk to issue
process -- supplier lost lawsuit and
declared bankruptcy
Source: http://www.brighthubpm.com
97
Appendix E: Task Board
Appendix E illustrates Task Board as one of the Agile practices. As it was mentioned in the
theoretical part, Task Board generally consist of the three columns with the topics that represents
to Do, In Progress, and Done Tasks. Sticky and colorful notes can be useful to track the status of
the tasks and shows a better, bigger and more understandable picture for the project managers.
This approach can be applied even to the simplest daily life goals.
Source: http://agilebacon.com
98
Appendix F: Sprint Backlog
Source: scrumreferencecard.com
99
Appendix G: Phases of Sprint
SPRINT PLANNING
MEETING
DAILY SCRUM (STAND-

UP)
SPRINT REVIEW
MEETING
SPRINT
RETROSPECTIVE
MEETING
100
Appendix H: Advantages and Disadvantages of PEST Analysis
Haughey (2016) also explains the advantages and disadvantages of PEST analysis as follow:
Advantages of PEST
 Straightforward and only costs time to do.

 Provides an understanding of the wider business environment.
 Encourages the development of strategic thinking.
 May raise awareness of threats to a project.
 Can help an organization to anticipate future difficulties and take action to avoid or
minimize their effect.
 Can help an organization to identify and exploit opportunities.
Disadvantages of PEST
 Usually, a simple list and not critically presented.

 The rapid pace of change in society makes it increasingly difficult to anticipate
developments that may affect an organization in the future.
 Collecting large amounts of information may make it difficult to see the wood for the trees
and lead to 'paralysis by analysis'.
 Basing the analysis on assumptions that may prove to be unfounded.
 PEST analysis only covers the external environment and the results need considering
alongside other factors, such as the organization itself, competitors and the industry in
which it is working.
101
Appendix I: Risk & Issue Log in Morphin CO.
102
103

PROJECT MANAGEMENT-Dize Devrim Hacioglu - Diploma Thesis

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

PROJECT MANAGEMENT-Dize Devrim Hacioglu - Diploma Thesis

Uploaded by

Copyright:

Available Formats

Masaryk University

Faculty of Economics and Administration

Thesis Supervisor Author

MASTER’S THESIS DESCRIPTION

Student: Dize Devrim Hacioglu

Field of Study: Business Management (Eng.)

Title of the thesis/dissertation: Project Management

Title of the thesis in English: Project Management

Extent of graphics-related work: According to thesis supervisor’s instructions

Extent of thesis without supplements: 60 – 80 pages

Literature: SANDØY, M., T. AVEN and D. FORD. On Integrating Risk Perspectives in

PICH, M.T., C.H. LOCH, A DE MEYER and Arnoud de MEYER. On

MAYLOR, Harvey. Project management. 4th ed. New York: Financial

MARCELINO-SÁDABA, S., A. PÉREZ-EZCURDIA, A.M.E. LAZCANO

YOUNG, Trevor L. The handbook of project management : a practical guide

Thesis supervisor: Ing. Bc. Sylva Žáková Talpová, Ph.D.

Thesis supervisor’s department: Department of Corporate Economy

In Brno, date: 2017/05/12

Dize Devrim Hacioglu

My research questions and sub-research questions to be used in my work are as follow:

1.1 Project and Project Management

- Complex and numerous activities

Figure 1: An Overview of Portfolio, Program, Project and Subproject

The International Practice Management Association (IPMA) is a membership-based

PRINCE2 (an acronym for PRojects IN Controlled Environments) is a de facto process-based

 Focus on business justification

For individuals, PRINCE2 certification is an invaluable asset to their career as it increases

1.3 Fundamental Project Management Approaches

Agile management, or agile process management, or simply agile refers to an iterative,

Figure 2. Six Phases of Project Management with Their Central Themes

Source: Baars (2012)

Source: Weiss and Wysocki (1992)

Figure 4: Project Life Cycle Parts and Phases

Source: IPMA Competence Baseline (2006)

Then, we can summarize the common components of risk as following:

 A risk is something that can negatively affect the project.

After that, we can summarize the features of risk management as follow:

- It gives an opportunity to create an environment for proactive decision making.

2.1 Role of Project Managers on Project Risk Management

 Simplification of the process for risk management

2.2 Classification of Project Risks

2.3 External Risks of Today`s World

2.3.3. Political Unexpected Events

Figure 5: Fundamental Risk Management Steps During a Project

Source: Adapted from the work of Weiss, Wysocki (1992)

1. Identify and assess risks and opportunities.

6. Control the risk and opportunity response plan.

Phase 1: Risk Identification

Phase 2: Risk Analysis

Phase 5. Reaction to Risk

2.4.1 Identifying Risks (Phase 1)

2.4.2 Risk Analysis (Phase 2)

a) Qualitative Analysis Method

Graph 1: Probability – Impact Connection

b) Quantitative Analysis Method to Estimate Probability

Another approach to estimating probability and impact is a quantitative analysis. It is a beneficial

Another difference is that Qualitative Risk Analysis is a subjective evaluation, whereas

c) Risk Prioritizing and Risk Exposure Determining

Graph 2: Risk Prioritizing

Risk Exposure(RE)= P (Probability of risk) x V (Impact of loss)

Even though it is so important to work as a team to prioritize risks, it is a challenging process to

 Name the risks owners for every risk listed

2.4.4 Monitoring (Tracking and Controlling) Risk (Phase 4)