Professional Documents
Culture Documents
Risk
2017/3/23
ThanhLVT
1. What is Risk
2. Identify Risk
3. Perform Qualitative Risk Analysis
4. Perform Quantitative Risk Analysis
5. Plan Risk Responses
6. Control Risks
2
© Copyright 2017 Rikkeisoft
What is Risk
1. Risk
Risk is an uncertain event or condition that, if it occurs, has an eff
ect on at least one of the project objective
Uncertainty and associated risks are always on FUTURE.
There is 25% chance that a person may develop cancer. It is an u
ncertain event and a risk.
2. Issue
When a risk happens, then it may be called an event or issue.
If a person develops cancer, it is no longer a risk, but a health iss
ue. Now the uncertainty became certain.
3
© Copyright 2017 Rikkeisoft
Known Risk vs Un-known Risk
1. Known Risks
Project management team is aware of this risks and can b
e analyzed. Also called known unknowns risks.
2. Un-Known Risks
Project management team is unaware of this risks and ca
nnot be analyzed. Also called unknown unknowns risks.
4
© Copyright 2017 Rikkeisoft
Risk attributes
1. Probability
The probability of it occurring can range anywhere from just above 0
% to just below 100 %.
- Note: It can't be exactly 100 percent, because then it would be a ce
rtainty, not a risk. And it can't be exactly 0 percent, or it wouldn't be
a risk.)
2. Impact
The size of the impact varies in terms of cost and impact on health, h
uman life, or some other critical factor.
3. Threat or Opportunity
- Negative Risks or Threats: If occurs will negatively affect objectives
- Positive Risks or Opportunities: If occurs will positively affect objecti
ves
5
© Copyright 2017 Rikkeisoft
Risk attitude
• Risk appetite: the amount and type of risk an organization is willing to accept
in pursuit of its business objectives.
• Risk tolerance: the specific maximum risk that an organization is willing to
take regarding each relevant risk.
• Risk threshold: specific point at which risk become unacceptable
6
© Copyright 2017 Rikkeisoft
How to manage Project Risk?
7
© Copyright 2017 Rikkeisoft
PM Philosophy
• The project manager is in control and proactively managing events, av
oiding as many problems as possible.
• The project manager must understand how to anticipate and identify a
reas of risk, how to qualify and quantify them, and how to plan for the
m.
• Project manager normally identify stakeholder risk tolerance levels duri
ng stakeholder analysis and try to ensure all risk handlings are done a
ccording to this.
8
© Copyright 2017 Rikkeisoft
Project Risk Management Processes
9
© Copyright 2017 Rikkeisoft
2. Identify Risk
• What it is?
– Determining which risks are likely to affect a project and document
ing the characteristics of each
• When?
– Risk identification is an iterative process, since new risks can evolv
e during project progress.
• How to ?
– Gather information
– Analyze and identify risks
– Find the risk triggers
10
© Copyright 2017 Rikkeisoft
2. Identify Risk
11
© Copyright 2017 Rikkeisoft
2. Identify Risk – Output
Risk Register
• Risk Register at this stage may contain
– List of identified risks
– Characteristics of identified risks (at high level)
– List of potential responses (In normal case responses are prepared
– Later however an experienced person can identify possible responses now only)
• Risk Register is not completed now and only the skeleton is formed.
• Risk Register will get detailed and updated through other processes in
Risk.
12
© Copyright 2017 Rikkeisoft
3. Qualitative Risk Analysis
What it is?
– The process is to determine which risks are the highest priority on the project.
Why?
– It may not be feasible or necessary for organizations to put same efforts for all risks
identified. We need to prioritize now where to concentrate at a given time.
13
© Copyright 2017 Rikkeisoft
3. Qualitative Risk Analysis
Risk probability and impact assessment
Probability
– Probability is the likelihood that an event will occur. The classic example is flipping a
coin.
– There is a 0.5 probability of getting heads and a 0.5 probability of getting tails on th
e flip.
Impact
– Impact is the amount of pain (or the amount of gain for positive risks) the risk event
poses to the project.
– The risk impact scale can be a relative scale that assigns values such as high-mediu
m-low (or some combination of these) or a numeric scale known as a cardinal scal
e.
14
© Copyright 2017 Rikkeisoft
3. Qualitative Risk Analysis
Probability and Impact Matrix
Risks are now arranged in a matrix for fu
rther analysis as per the probability and i
mpact assessment.
Organizations normally have defined para
meters for risk probability and impact rati
ng and thresholds however team normall
y tailor it for specific project during creati
on of Risk Management Plan.
Organizations can give weightage for any
specific parameter/s (Normally Scope, Co
st, Quality and Time) in definition of scor
e.
15
© Copyright 2017 Rikkeisoft
4. Quantitative Risk Analysis
What it is?
Numerically estimating the effects of the identified risks on overall project objectives
Quantitative risk analysis is usually very lengthy and difficult and hence done for onl
y high priority risks.
When?
The Quantitative Risk Analysis process can follow either the Risk Identification proce
ss or the Qualitative Risk Analysis process.
16
© Copyright 2017 Rikkeisoft
4. Quantitative Risk Analysis
Expected Monetary Value (EMV) Analysis
Expected monetary value (EMV) analysis is a statistical technique that calculates the
average, anticipated impact of the decision.
EMV = (Probability x Impact)
17
© Copyright 2017 Rikkeisoft
4. Quantitative Risk Analysis
Data Gathering and Representation Techniques
Interviewing
Project team members, stakeholders, and subject matter experts are prime candidat
es for risk interviews.
Normally experts are asked to provide their optimistic, most likely and pessimistic es
timates.
18
© Copyright 2017 Rikkeisoft
4. Quantitative Risk Analysis
Decision Tree Analysis
– Decision trees are diagrams that show the sequence of interrelated decisions and th
e expected results of choosing one alternative over the other.
A Decision Tree will have
– Decision to make – For which answer is required
– A Decision Node – Different options
– A Chance Node – Where the estimated chance of outcome is placed.
– Each chance mode branch will have its own EMV
– Net path Value – Payoff minus cost along the entire path.
19
© Copyright 2017 Rikkeisoft
4. Quantitative Risk Analysis
Decision Tree Analysis
20
© Copyright 2017 Rikkeisoft
4. Quantitative Risk Analysis
Decision Tree Analysis
21
© Copyright 2017 Rikkeisoft
5. Plan Risk Responses
What it is?
• It focuses on how to decrease the possibility of negative risks from adversely affecting
the project’s objectives, and on how to increase the likelihood of positive risks that can a
id the project.
How?
• Determine risk response strategies
• Define response activities and allocates Budget, Recourse and adequately required for
handling risk response plan.
• A personal is appointed now responsible to handle adequately budgeted risks respons
e plan and is called Risk response owner
22
© Copyright 2017 Rikkeisoft
5. Plan Risk Responses
Strategies for Negative Risks or Threats
23
© Copyright 2017 Rikkeisoft
5. Plan Risk Responses
Strategies for Negative Risks or Threats
24
© Copyright 2017 Rikkeisoft
5. Plan Risk Responses
Strategies for Positive Risks or Opportunities
25
© Copyright 2017 Rikkeisoft
5. Plan Risk Responses
Strategies for Positive Risks or Opportunities
Accepting the Risks
• Risk acceptance is the process of
simply accepting the risks because no
other action is feasible; or the risks
are deemed to be of small
probability, impact, or both and that
a formal response is not warranted.
• Passive acceptance requires no
action; the project team deals with
the risks as they happen.
• Active acceptance entails developing
a contingency plan should the risk
occur. Acceptance may be used for
both positive and negative risks.
26
© Copyright 2017 Rikkeisoft
5. Plan Risk Responses
Contingent response Strategies
• Contingent response plan will be executed under certain predefined conditions: Sympto
ms, warning signs or trigger.
• Events that trigger the contingency response, such as missing intermediate milestones o
r gaining higher priority with a supplier, should be defined and tracked.
27
© Copyright 2017 Rikkeisoft
6. Control Risks
• What it is?
• Risk monitoring and control is the process of
– Tracking identified risks for signs that they may be occurring
– Monitoring residual risks
– Reviewing that project assumptions are still valid
– Looking for new risks that may develop during project phase
– Auditing risk response strategies
• When?
– Through out project
28
© Copyright 2017 Rikkeisoft
Discussion
29
© Copyright 2017 Rikkeisoft
RIKKEISOFT
Thank you