MB0049 : Describe the various steps in risk management listed below:
a. Risk Identification
b. Risk Analysis
c. Risk Management Planning
d. Risk Review
Answer : Risk Identification
Risk identification occurs at each stage of the project life cycle. To identify risks, we must first define risk. As defined earlier, risks are potential problems, ones that are not guaranteed to occur. When people begin performing risk identification they often start by listing known problems. Known problems are not risks. During risk identification, you might notice some known problems. If so, just move them to a problem list and concentrate on future potential problems.
As projects evolve through project development so too does the risk profile. Project knowledge and understanding keep growing, hence previously identified risks may change and new risks identified throughout the life of the project. Here we will discuss various tools and techniques available for risk identification. The best and most common methodology for risk identification is done using a brainstorming session. The brainstorm typically takes 15-30 minutes. You have to be sure to invite anyone who can help the team think of risks. Invite the project team, customer, people who have been on similar projects, and experts in the subject area of the project. Involving all stakeholders is very important.
Limit the group size to nine people. In the brainstorming session, participants discuss out potential problems that they think could harm the project. New ideas are generated based on the items on the brainstorm list. A project manager can also use the process to refer to a database of risk obtained from past. Here, prior experience and learning from past project plays a very important role. The information obtained from such databases can help the project manager to evaluate and assess the nature of the risk and its impact on the project. Also to a great extent the judgment of the project manager based upon his past experience comes very handy in dealing with risks.
The first step in risk analysis is to make each risk item more specific. Risks such as, “Lack of management buy-in,” and “people might leave,” are a little ambiguous. In these cases the group might decide to split the risk into smaller specific risks, such as, “manager decides that the project is not beneficial,” “Database expert might leave,” and “Webmaster might get pulled off the project.”
The next step is to set priorities and determine where to focus risk mitigation efforts. Some of the identified risks are unlikely to occur, and others might not be serious enough to worry about. Pareto’s law studied earlier applies here.
During the analysis, discuss with the team members each risk item to understand how devastating it would be if it did occur, and how likely it is to occur. This way you can gauge the probability of occurrence and the impact created.
To determine the priority of each risk item, calculate the product of the two values, likelihood and impact. This priority scheme helps push the big risks to the top of the list, and the small risks to the bottom. It is a usual practice to analyse risk either by sensitivity analysis or by probabilistic analysis.
- Sensitivity Analysis: In sensitivity analysis, a study is done to analyse the changes in the variable values because of a change in one or more of the decision criteria.
- Probabilistic Analysis: In the probability analysis, the frequency of a particular event occurring is determined, based on which its average weighted average value is calculated. Each outcome of an event resulting in a risk situation in a risk analysis process is expressed as a probability.
Risk analysis can be performed by calculating the expected value of each alternative and selecting the best alternative. Now that the group has assigned a priority to each risk, it is ready to select the items to manage. Some projects select a subset to take action upon, while others choose to work on all of the items.
Risk Management Planning
After analysing and prioritising, the focus comes on management of the identified risks. In order to maximise the benefits of project risk management, you must incorporate the project risk management activities into our project management plan and work activities.
There are two things you can do to manage risk. The first is to take action to reduce (or partially reduce) the likelihood of the risk occurring. For example, some project that work on process improvement make their deadlines earlier and increases their efforts to minimise the likelihood of team members being pulled off the project due to changing organisational priorities. In a software product, a critical feature might be developed first and tested early.
Second, you can take action to reduce the impact if the risk does occur. Sometimes this is an action taken prior to the crisis, such as the creation of a simulator to use for testing if the hardware is late. At other times, it is a simple backup plan, such as running a night shift to share hardware.
For the potential loss of a key person, for example, you might do two things. You may plan to reduce the impact by making sure other people become familiar with that person’s work, or reduce the likelihood of attrition by giving the person a raise, or by providing extra benefits.
After you have implemented response actions, you must track and record their effectiveness and any changes to the project risk profile. You need to review the risks periodically so that you can check how well mitigation is progressing. You can also see if the risk priorities need to change, or if new risks have been discovered. In such case, you might decide to rerun the complete risk process if significant changes have occurred on the project.
Significant changes might include the addition of new features, the changing of the target platform, or a change in project team members. Many people incorporate risk review into other regularly scheduled project reviews. In summary, risk management is the planning to potential problems, and the management of actions taken related to those problems.
Tags: Business, Hazard identification, Project management, Project management plan, Project Risk Management (Project Management), Risk, Risk Analysis, Risk management
А как насчет вскрытия шифров. Какова твоя роль во всем. Сьюзан объяснила, что перехватываемые сообщения обычно исходят от правительств потенциально враждебных стран, политических фракций, террористических групп, многие из которых действуют на территории США.