The following article is a sample from the full BVOP™ Ultimate Guide and is part of the preparation for the BVOP™'s modern Agile Project Management Certification Program.
Project risk management requires awareness and involvement of key roles from management offices, development teams, implementations, and support departments and all parties interested in the project.
Project risk management is a major activity with high importance in the context of the BVOP.
The Business Value-Oriented Project Management (BVOPM) office needs to stand by the following ideas:
- A risk may be obvious or hidden.
- An unrealized and unmanaged risk may cost a lot of time and resources.
- An unmanaged risk may be a reason for the failure of the project.
The obvious risk relates to obvious topics, expected, known, and already previously experienced by individuals involved in a project.
The hidden risk is related to topics and events for which project participants and stakeholders have no awareness or knowledge.
Project risk management may include the following activities:
- Collecting risk items
- Evaluating the risk
- Risk prioritization
- Observing the risk
- Discussing risk
- Avoiding the risk
- Updating the risk items
- Sharing the risk
- Willingness to share and involve
Collecting risk items
Risk items are risk topics that can be defined and described separately. They are usually collected in a common list that contains an indefinite and unlimited amount of risk items.
The collecting of risk topics includes the naming and description of all possible events and factors that may negatively affect the project in any way.
The collecting of the risk items requires extensive knowledge of the BVOPM office and pointing possible realistic situations that are considered as risk items. The collection of risk items requires knowledge of the BVOPM office in the collected items. All offices, departments, and key roles involved in the project contribute to the risk collection through their knowledge and experience.
Evaluating the risk
Each risk item needs evaluation and detailing for easier general risk management.
Risks items attributes
The risks items may have multiple attributes like:
- Loss size
- Action plan
The categorization of the risk items helps with organizing all the risks into general groups. Categorization may include areas like:
Risk items in this category usually include issues that may arise from the organization's senior and middle management. Issues may be related to the low engagement of senior management, lack of communication, unrealistic budgets, and more.
This category may include risks that are closely related to product users. They may include negative attitudes, lack of commitment, low user satisfaction, and more.
These risks may be related to constantly changing requirements, changes of the requirements at late stages, unclear requirements, misunderstanding of the requirements, and more.
Technological risk can lead to significant time-to-market if teams use unfamiliar technologies. This risk usually affects time, costs, and pre-planned events.
Technical debt is another risky topic that needs focus. Massive technical debt can lead to eventual product re-work and negative development direction.
A technical risk may be the cause of negatives to external teams that may have difficulty in using parts of the product. Support and integration may be difficult.
A risk associated with people who develop or maintain the product. Possible risks are inadequate experience, not enough personnel, team conflicts, low motivation, and other aspects of human behavior and interactions.
An organizational risk may be related to the organization's inability to manage the entire product, staff, supplies, support, events, resources, policies, and legal aspects, etc.
The culture and maturity of the organization, unstable environment, resources, and restructuring can also be major risk issues.
Supply may include providing materials, resources, external and internal needs, content, data, tools, environments. Not supplying any of these may be considered as a project risk.
Description of the actual expected risk item. Items are described briefly in a comprehensible language.
The impact is the actual potential damage caused by each risk item. It describes shortly what eventually may happen if the risk occurs.
The likelihood of the risk occurring. It may be a numerable value from 1 to 10, other quantitative units, or a term item like “Unlikely”, “Likely to occur”, “Certain to occur,” etc.
Any potential risk may have a documented symptom of occurrence. Depending on previous experience and skills of the teams and parties involved in the project, the symptoms can be predicted and described clearly.
Symptoms should be clear to all involved in and developing the project.
Loss size is a relative unit that represents possible material losses such as hours, days, or money.
If a risk item has a Loss size of 10, this may mean a 10-day delay in the project. If the result is multiplied by the total money consumption per day, this may indicate the number of total losses caused by this risk.
The entire project risk collection has a Total Loss Size number, which is the sum of all loss size values of all risk items.
If the project risk collection contains 100 risks items with an average loss size value of 10 for each item, then the Total Loss size for the entire project will be 1000. If the Loss size unit represents days, and if the entire risk described in the collection occurs, the entire project will be delayed by 1000 days. If one business day costs $1000 for the organization, including fees, wages, and any expenses, the total loss for the organization will be $1000.000.
The BVOP focuses on project risk management and Loss size for each risk item as an important topic that is associated with serious damage to organizations.
The visualization of possible losses may help raise the level of responsibility and commitment of all key roles in the project.
Defining and collecting risk items is not enough to adequately manage risk. An action plan is needed for any potential risk. If a risk factor or event arises, the management offices, development teams, and all key project roles and stakeholders must be prepared and aware of possible response actions.
The BVOP suggests that all offices inside an organization and all teams and individuals should do their best to avoid all potential risks.
The owner is an individual, team, or an entire office responsible for risk avoidance. The owner is always known, defined, and needs to be competent in the risk category. The owner is proactive and acts independently to prevent the risk. Proper guidance and support from other offices, teams, or individuals are recommended if this would increase the chances for risk avoidance.
Proximity is an estimate of when exactly the risk is most likely to occur. Owners can concentrate their efforts and observations within a reasonable time before the risk emerges if the proximity is realistic.
Proximity types may be upcoming, within a stage, within the project, beyond the project.
The risk items may also have other attributes like ID, Name, Date, Status, or any other that provides convenience for general risk management.
Prioritization of all the risk items is a helpful practice that ensures focus on high important possible issues and optimize the effort needed for risk management. A popular practice in the classical project management is the risk items to be ordered by their risk probability or by values of several multiplied attributes.
The BVOP suggests that ordering by one attribute or result of attributes is not enough, and the project risk needs more attention and focus. The risk may be hidden and unexpected. Project risk management requires the collaboration of all offices, departments, and individuals. The project risk is dynamic at different stages of the project, and the prioritization should also be dynamic.
Each office or department can filter the risk items to their needs by using the available categories, owners, and attributes of the items. Filtering can provide focus and easier monitoring and risk management.
For example, the design department can track the risk items from the Design category and prioritize and focus on the risks associated with the entire design department. Management offices can filter the risk collection according to Management category or Loss Size to focus on potential management issues or to calculate total potential losses.
Observing the risk
Observing the risk has a crucial role in risk management. All risk owners need constant awareness of the risk items assigned to them and proactively track symptoms and statuses, observe situations, behaviors, and occurrences that may cause a certain negative event to implode.
Offices, departments, or teams need to discuss the project risk at the early stages of the risk definition and on regular discussion sessions through the entire project.
During the sessions, each department can define new risks and provide other departments with information (status, updates, issues, needs) about the risks already identified.
Conclusions and information from the sessions held are shared with all the offices and departments interested in the project.
Discussion sessions are quick and focused on essential topics and productivity.
Avoiding the risk
Avoiding the risk is the main subject and activity of all parties involved in the project, and it requires collaboration and proactivity.
Avoiding the risk may include actual work to be done at the early stages or during the project. It may be scheduled as regular tasks for internal or external teams as a part of the entire product or project development or delivery.
Updating the risk items
Updating risk items takes place over the entire project cycle and may be a method of revealing hidden risks.
Updating of risk items is based on the newly provided information, discussions, resolved, or new issues.
Sharing the risk
Risk-sharing involves providing the entire risk collection to all offices, teams, key roles, and stakeholders. Risk sharing is a way to prevent potential risks and to improve the collection.
Willingness to share and involve
The BVOP suggests the participation of as many key roles as possible in risk management. Some departments and individuals may avoid participating in this process intentionally. The unwillingness to participate in risk management and avoidance may have different roots. Still, key role participation in the entire project risk management process is a worthwhile activity that can prevent many risky events and factors.
The BVOPM office spreads a culture of cooperation and points out and highlights the benefits of involving key roles in risk management.
- Previous article Project Release Planning, Project Support Planning and Product Support Planning
- Next article Time estimation