The following article is a sample from the full BVOP™ Ultimate Guide and is part of the preparation for the BVOP™'s modern Agile Project Management Certification Program.
Project risk management requires awareness and involvement of key roles from management offices, development teams, implementations, support departments and all parties interested in the project.
Project risk management is a major activity with high importance in the context of the BVOP.
The Business Value-Oriented Project Management (BVOPM) office needs to stand by the following ideas:
- A risk may be obvious or hidden.
- An unrealized and unmanaged risk may cost a lot of time and resources.
- An unmanaged risk may be a reason for the failure of a project.
The obvious risk relates to topics, which are expected, known, and previously experienced by individuals involved in a project.
The hidden risk is related to topics and events for which project participants and stakeholders have no awareness or knowledge.
Project risk management may include the following activities:
- Collecting risk items
- Evaluating the risk
- Risk prioritization
- Observing the risk
- Discussing the risk
- Avoiding the risk
- Updating the risk items
- Sharing the risk
- Willingness to share and participate
Collecting risk items
Risk items are risk topics that can be defined and described separately. They are usually collected in a common list that contains an indefinite and unlimited amount of risk items.
The collecting of risk topics includes the naming and description of all possible events and factors that may negatively affect the project in any way.
Extensive knowledge about risk items is required in the process of their collection. Pointing out the possible realistic situations of their occurrence is also needed. All offices, departments, and key roles involved in the project contribute to the risk collection through their knowledge and experience.
Evaluating the risk
Each risk item needs evaluation and detailing for easier general risk management.
Risks items attributes
The risks items may have multiple attributes like:
- Loss size
- Action plan
The categorization of the risk items helps with their organization into general groups. Categorization may include areas like:
Risk items in this category usually include issues that may arise from the organization's senior and middle management. Issues may be related to the low engagement of senior management, lack of communication, unrealistic budgets, and more.
This category may include risks that are closely related to product users. That may include negative opinions, lack of commitment, low user satisfaction, and more.
These risks may be related to:
Constantly changing requirements
Changing requirements at late stages
Misunderstanding the requirements
Technological risk can lead to significant time-to-market if teams use unfamiliar technologies. This risk usually affects time, costs, and pre-planned events.
Technical debt is another risky topic that needs focus. Massive technical debt can lead to eventual product re-work and negative development direction.
A technical risk may cause a negative impact on external teams, which can lead to difficulties with using parts of the product. Support and integration may be difficult.
A team risk is associated with people who develop or maintain the product. Possible risks are inadequate experiences, not enough personnel, team conflicts, low motivation, and other aspects of human behavior and interactions.
An organizational risk may be related to the organization's inability to manage the entire product, staff, supplies, support, events, resources, policies, and legal aspects, etc.
The culture and maturity of the organization, unstable environment, resources, and restructuring can also be major risk issues.
Supply may include providing materials, resources, external and internal needs, content, data, tools, environments. Not supplying any of these may be considered as a project risk.
Description of the actual expected risk item. Items are described briefly in a comprehensible language.
The impact is the potential damage caused by each risk item. It describes shortly what eventually may happen if the risk occurs.
The likelihood of the risk occurring. It may be a numerable value from 1 to 10, other quantitative units, or a term item like “Unlikely”, “Likely to occur”, “Certain to occur,” etc.
Any potential risk may have a documented symptom of occurrence. Depending on previous experience and skills of the teams and parties involved in the project, the symptoms can be predicted and described clearly.
Symptoms should be clear to all involved in and developing the project.
Loss size is a relative unit that represents possible material losses such as hours, days, or money.
If a risk item has a Loss size of 10, this may mean a 10-day delay in the project. If the result is multiplied by the total money consumption per day, this may indicate the number of total losses caused by this risk.
The entire project risk collection has a Total Loss Size number, which is the sum of all loss size values of all risk items.
If the project risk collection contains 100 risks items with an average loss size value of 10 for each item, then the Total Loss size for the entire project will be 1000. If the Loss size unit represents days, and if the entire risk described in the collection occurs, the entire project will be delayed by 1000 days. If one business day costs $ 1000 for the organization, including fees, wages, and any expenses, the total loss for the organization will be $ 1, 000, 000.
The BVOP focuses on project risk management and Loss size for each risk item as an important topic that is associated with serious damage to organizations.
The visualization of possible losses may help raise the level of responsibility and commitment of all key roles in the project.
Defining and collecting risk items is not enough to adequately manage risks. An action plan is needed. If a risk factor or event arises, the management offices, development teams, and all key project roles and stakeholders must be prepared and aware of possible response actions.
The BVOP suggests that all offices inside an organization and all teams and individuals should do their best to avoid all potential risks.
The owner is an individual, team, or an entire office responsible for risk avoidance. The owner is always known, defined, and needs to be competent in the risk category. The owner is proactive and acts independently to prevent the risk. Proper guidance and support from other offices, teams, or individuals are recommended if this would increase the chances of risk avoidance.
Proximity is an estimate of the most likely time for a risk to occur. Owners can concentrate their efforts and observations within a reasonable time before the risk emerges if the proximity is realistic.
Proximity types may be upcoming, within a stage, within the project, beyond the project.
The risk items may also have other attributes like ID, Name, Date, Status, or any other that provides convenience for general risk management.
Prioritization of all the risk items is a helpful practice that ensures focus on highly important possible issues and optimizes the effort needed for risk management. A popular practice in the classical project management is the risk items to be prioritized by their risk probability or by values of several multiplied attributes.
The BVOP suggests that prioritizing by one attribute or result of attributes is not enough, and the project risk needs more attention and focus. The risk may be hidden and unexpected. Project risk management requires the collaboration of all offices, departments, and individuals. The project risk is dynamic at different stages of the project, therefore the prioritization should also be dynamic.
Each office or department can filter the risk items to their needs by using the available categories, owners, and attributes of the items. Filtering can provide focus and easier monitoring and risk management.
For example, the design department can track the risk items from the Design category and prioritize and focus on the risks associated with the entire design department. Management offices can filter the risk collection according to Management category or Loss Size to focus on potential management issues or to calculate total potential losses.
Observing the risk
Observing the risk has a crucial role in risk management. All risk owners need constant awareness of the risk items assigned to them and proactively track symptoms and statuses, observe situations, behaviors, and occurrences that may cause a certain negative event to implode.
Offices, departments, or teams need to discuss the project risk at the early stages of the risk definition, as well as at the regularly held discussion sessions throughout the entire project.
During the sessions, each department can define new risks and provide other departments with information (status, updates, issues, needs) about the risks already identified.
Conclusions and information from the sessions held are shared with all the offices and departments interested in the project.
Discussion sessions are quick and focused on essential topics and productivity.
Avoiding the risk
Avoiding the risk is the main subject and activity of all parties involved in the project. It requires collaboration and proactivity.
Avoiding the risk may include actual work to be done at the early stages or during the project. It may be scheduled as regular tasks for internal or external teams as a part of the entire product or project development or delivery.
Updating the risk items
Updating risk items takes place over the entire project cycle and may be a method of revealing hidden risks.
Risk items updates are based on the newly provided information, discussions, resolutions, or new issues.
Sharing the risk
Risk-sharing involves providing the entire risk collection to all offices, teams, key roles, and stakeholders. It is a way to prevent potential risks and to improve their collection.
Willingness to share and participate
The BVOP suggests the participation of as many key roles as possible in risk management. Some departments and individuals may avoid participating in this process intentionally. The unwillingness to participate in risk management and avoidance may have different roots. Still, key role participation in the entire project risk management process is a worthwhile activity that can prevent many risky events and factors.
The BVOPM office spreads a culture of cooperation and points out and highlights the benefits of involving key roles in risk management.
- Previous article Project Release Planning, Project Support Planning and Product Support Planning
- Next article Time estimation