2022

Credentials Contact Number

PMP, PSM, CDCP +966 50 772 7773
 Risk Defined

“Anything that could prevent

or marginalize project suc-
cess- if it comes to fruition.

Related, an Issue is when a

Risk materializes.
Objectives of Risk Management

Risk management is not a stand-alone

discipline but requires integration with
existing business processes such as
business planning and Internal Audit

The Effect of Risk that you want to

avoid, or the opportunity that you
want to exceed

Goals
At which you will apply the pro-
Identifying individual project risk, & cess, monitor the progress and
and documenting their charac- Objectives modify the plan
teristics

Identify Project
Risk Dashboard
Key Objectives Risk Management Procedure

1. Early identification of risk protect the companies from

expected losses

2. More efficient resource planning by making previously

unforeseen costs visible

3. Helps in tracking accurate cost of the project, that will further

help more accurate estimates of return on investment

4. Identification of legal risk might help the company to save

its image

5. Increased awareness of legal requirements

6. Flexibility, rather than panic, when changes or challenges do

arise
 Traditional Risk Management
Pros and Cons

PROS CONS
Risks identified before major Usually done at the start but not
investment throughout a project
Early analysis can help with May be performed on projects
a go/ no decision where there is no value add
Contingency planning that avoids Often done without examination of
waste specific requirements

Risks exposed to the team at Often done by a small group – not

large the entire team

No correlation to project specific

Lessens chance of mid-project processes to identify and minimize
surprises risk
How is Agile different?

Traditional planning does

risk management upfront.
Whereas Agile looks for risk
throughout the lifecycle
How Does Agile Address Risk?

Individual and Interactions over process and tools:

Software development is a complex task that takes expertise
and judgement. Members of a team must work closely togeth-
er to solve the problem in front of them.
There is greater collaboration in agile teams over traditional
teams, this in itself reduces risk. If your teams are working well
together, there should be plenty of talking and workshops,
which means that it is likely that most ( if not all) risks will be
identified.
Using collaboration to reduce risk can be illustrated by what
happens during a good iteration planning meeting.

Working Software over Comprehensive Documentation

Producing working software on a continuous basis at the end
of each iteration already reduces product and project risk by
allowing the business to give feedback regularly.

Customer Collaboration over Contract Negotiation

In agile, we recognize that things will changes as we learn

more about what we are building, and we adapt to new
knowledge and information we discover. In order to be effec-
tive, contracts in agile delivery need to be written to support
this adaptation. This means we must all work together to con-
tinually manage risk and reduce it as soon as it get identified.
The continuous involvement of actual customers not just
customer proxies, like the PO builds a better product that
is fit for its purpose. As they are available, involving custom-
ers in all ceremonies ( including daily standups) can reduce
more risk.

Responding to Change over Following a Plan

In agile we are planning and replanning on a very regular
basis as we enter sprints, refine our blacklog, and talk daily at
standups.
This means that risk is being identified, analyzed, and mitigated
(or at least planned to be mitigated) on a daily basis.
Agile Principles Address Risk

Transparency Collaborative Customer

planning involvement

Harness the Mitigate cus-

Expose every-
knowledge of tomer risk by
thing we are
the entire involving them
doing so we
team and throughout the
can see risks
see more risks lifecycle
early
Project Envisioning Practices
Envisioning the product with the customer
•The team and customer are synchronized on the
need
• Less risk of delivering the wrong product

Quantifying the value with the customer

• Less risk of the team not supporting the project

Project Planning Practices

Estimation based on history
• Risk of estimate inaccuracy reduced since con-
stants are involved in estimation

Work reviewed at the feature level for more detailed

risk evaluation:
• Less chance of missing a risk since features are
examined separately for technical risk
 Project Tracking Risk Practice
Don’t Manage Based on % of Plan Complete

• Percentages are misleading

• There is a risk that 1% takes as long as 99
Can I use Traditional Risk Management on
My Agile Project?

YES PLEASE DO!

The Truth Most projects Mix

Traditional and Agile Methods
Agile
Traditional Where most projects live
Project
Project Methods
Methods

Work Breakdown Structure Team Customer Interview

Formal requirements Agile estimating

Detailed task estimates Burn down charts

Customer Signature Daily standup meeting

One delivery Iterative delivery

Microsoft Project Plan Daily customer Interaction

Formal risk Management Iteration retrospective

 But – Make the Call on Each Project

Do Traditional Risk Management Probably Skip, or do lightly,

when Project: when Project:

Has technology never used by the Is a simple release on existing

team platform

Is expensive Only runs a few days

Has many touch points Schedule is tight and extended risk

planning could jeopardize delivery

Longer than a few weeks We have a lot of experience with this

type of project

Is required to be compliant We can leverage an existing risk

 Types Of Risks
Strategic Operational
Demand Shortfall Cost Overrun
Customer retention Operational Controls
Integration problems Poor Capacity man-
Pricing pressure agement
Regulation Supply Chain Issues
Research & Develop- Employee Issues incl.-
ment fraud
Industry or sector Bribery and Corrup-
downturn tion
JV or partner losses Regulation
Commodity prices

Hazard Financial
Macroeconomic Debt and interest rates
Political Issues Poor Financial management
Legal Issues Asset losses
Terrorism Goodwill and amortization
Natural disasters Accounting problems
 Risk Management Lifecycle
Develop Risk Identifying individual project
Management Plan risk, and documenting their
characteristics
Establishing a frequent
rhythm or cadence of
review and feedback ses-
sions is helpful for negative
project risk.
Daily standup meetings
can be used in any project

Risk Management
Lifecycle Prioritizing individual project
risks, by assessing their
probability of occurrence &
Risk Management impact
Close-out Qualitative & Quantitative
Analysis

Identifies appropriate
ways to address overall
project risks and indi-
vidual project risks
Stakeholder Engagement

Stakeholders Risk Appetite

RISK
Risk appetite is a classification of
how much risk are specific stake-
holders, or the overall organization,
willing to accept while pursuing
project objectives

Risk Tolerance

Risk tolerance is the degree of risk

that an investor is willing to endure
given the volatility in the value of
an investment.
 Tools & Practices
Risk Impact Analysis
Documentation of existing individual project risks as well as
sources of overall project risk

Probability & Impact Assessment

Estimating the likelihood of a risk occurring. The impact assessment
estimates the effects of a risk event on a project objective

Risk Mitigation Strategies

Developing Options, selecting strategies and agreeing
on action to address overall project risk exposure

Qualitative Analysis
Prioritizing individual project risks, by assessing their probability of
occurrence & impact

Quantitative Analysis
Numerically analyzing the combined effect of identified individual
project risks
 Risk Response Plan
Responding to Risk
Avoid Exploit
Risk avoidance is when The exploit strategy may be
the project team acts selected for high-priority
eliminate the threat or opportunities where the
protect the project from organization wants to
its impact ensure that the opportunity
is realized

Mitigate Enhance
In risk mitigation, action
is taken to reduce the
probability of occur-
Negative Positive The enhance strategy
is used to increase the

Risk
probability and/or

Risk
rence and/or impact of impact of an opportu-
a threat nity

Transfer Share
Transfer involves shifting Sharing involves trans-
ownership of a threat to a ferring ownership of an
third party to manage the
risk. opportunity to a third
Risk transfer often involves party
payment of a risk premium

Accept Accept
A
Lorem ipsum dolor sit amet,
Risk acceptance acknowl-
consectetuer adipiscing elit, Accepting an opportunity
edges the existence
sed diam nonummy nibhof a
euismod tincidunt ut laoreet acknowledges its existence
threat, but no proactive
dolore magna aliquam erat but no proactive action is
action is taken
taken
The Real Business Examples!
Enterprise Project Risk Management Process Worldwide

o Project Planning With Authorized Budget

Collect Project Documents –

o
Reports, Schedules Etc.

01 o Identify Project Ambiguity

02

03
Managing
Risk into 04 o Formulate Initial Risk
Steps Management Plan
05

06 o Communicate Plan With

07
Top Management

o
Implement Risk Man-
agement Action Plan

o Risk Monitoring
 Risk Response plan
Avoid Exploit
Extending the schedule. Assigning an organization’s most talented
- Changing the project Strategy. resources to the project.
- Reducing Scope Using new technologies or Technology
upgrades.

Mitigate Enhance
- Adding more re-

Negative Risk
Adapting less complex process. sources to an activi-

Positive Risk
Conducting more tests. ty to finish early
Choosing a more stable seller

Transfer
Use of insurance. Share
Performance Bonds.
Warranties & Guarantees. - Sharing actions in-
clude forming risk
sharing partnership,
teams, special pur-
pose companies or
joint Ventures

Accept Accept
Establish a contingency reserve.
Establish a contingency reserve.
Including a mount of time, money
Including a mount of time, money
or resources.
or resources.
Mitigation Strategies For Financial Risks
Foreign currency fluctuation risk
Includes changes in investments
value
Interest rate risk/market risk
Exposure to changes in fair values
of certain liabilities
Intense competition in marketplace
adverse global economic conditions
reports of food-borne illness or food
tampering threat from natural disasters
RISK REWARD
Business uses foreign-exchange
debt and derivative instruments
to mitigate the effects of those
changes
Company  uses fixed pricing agree-
ment with suppliers
Although, the company follow key
steps to deal with such risks (i.e.
signing agreement with third par-
ties); however, these risks are de-
pendent on external forces and
cannot be monitor completely
 Risk Tolerance

The probability is the likelihood of an event occurring and the conse-

quences, to which extent the project is affected by an event, are the im-
pacts of risk. By combining the probability and impact, the Level of Risk
can be determined

Risk Likelihood
is the possibility of a potential risk occur-
ring, interpreted using qualitative values
such as low, medium, or high

Loss Of Key Managers

Business Continuity Problems X

Likelihood

Supplier Default
IT Problems Risk impact
is an estimate of the potential losses
Loss Of Key Partnerships associated with an identified risk

Product Or Service Quality

=
Poor Project Management
Risk Tolerance
Is The Probability Of An Unfortunate
Event Occurring, Multiplied By The Po-
Impact tential Impact Or Damage Incurred By
The Event
 Outcome Check

Awareness Of The Environment Considering Environmental Factors When

(Technical - Social - Political - Market - Economic) Evaluating Risks And Response

Proactive Respond To Uncertainty Risk Responses Aligned With Project

Budget, Schedule And Performance

Awareness Of All Project Variables Actions Addressing All Appropriate

Factors For The Project

Ability To Prosect Threats And Opportunities Systems For Identifying And Responding
To Risk Are Robust

Project Delivery With Low Negative Impact Set Delivery Date Are Met, Within Set
Budget

Improving Project Performance & Outcome Teams Use Established Mechanism To

Identify Opportunities

Cost & Time Aligning With Project Objectives Teams Take Proactive Steps To Prevent
Threats, So Limiting Cost & Time
 Key Insight
Traditional Risk Management and an Agile lifecycle
are complimentary

Traditional Risk Management is done up front and tries

to envision what could go wrong all the way to the
end of the project

Agile Risk Management is done more by practices

then envisioning. Many Agile practices look to identify
and mitigate risk throughout the project.

The level of traditional risk management performed

should correlate to complexity, duration, and experi-
ence with the type of project being pursued.
Credentials
PMP, PSM, CDCP

Contact Number
+966 50 772 7773