Risk Management | By Kenneth Darter | Read time minutes
As a project progresses from an idea sketched on a white board to a preliminary plan and into a full-fledged project management plan with a schedule and all the bells and whistles, it will gather risks around it like moths gather around a light. Risks will pop up during every phase of the project.
Even the most well-prepared project manager on the most well-planned project will end up dealing with risks. How it affects the project, though, is determined by how well the team deals with those risks.
The best way to deal with risks is to remove them from the project in one way or another. Removing risks can help the project proceed without the distraction and the extra work entailed in dealing with risks left to their own devices. Dealing with any risk involves four key phases.
The first step to risk management is identifying the risks. Everyone involved with the project should be able to identify potential risks. During this initial phase, an objective assessor must determine whether the risk is valid enough to be dealt with by the project management team.
There will always be risks. However, from the very beginning, some of them will be negligible or so remote that very little time should actually be spent dealing with them. Managing risks on a project shouldn't involve worrying over every little possibility.
Instead, risk management should focus on creating mitigation plans that will truly aid and enhance the overall project management plan. Identification is the first step in winnowing down the risks involved in any project.
If a risk makes it past the identification stage and remains on the project manager's risk radar, then it must be analysed, researched and evaluated. This stage of risk management involves many different resources from the project - project managers, subject-matter experts, stakeholders, decision-makers.
Any risk being analysed has been determined to be valid for the project. As the analysis is completed, more information is discovered about the risk. A decision should be made by the appropriate people (project manager, stakeholder, etc.) as to whether this risk is worthy of the project team's time and resources or should be left as is and accepted by the project.
Once the team has identified and analysed the risk, it's time to make a final determination if the project manager has not already decided to remove or accept the risk. If the risk seems significant enough, then the determination should be to mitigate or update the project management plans to account for the risk.
This should not be a subjective decision. There must be a certain threshold defined by the risk management plan - an objective determination concerning the risk. If the risk falls below the threshold established by the risk management plan, then it can be accepted or even removed from consideration for the project.
The final step for any risk is removal from the project. This can occur whether the risk was accepted due to the processes in the risk management plan or was successfully mitigated. Removing the risk indicates that the project team no longer needs to spend time or effort on that particular risk.
Of course, there will always be more risks to consider - but each risk removed takes you one step closer to finishing the project successfully.
What about you, our readers? What process do you use to eliminate risks?