What do you think would happen if someone tried to carry out a complex commercial development project without using blueprints? The project would probably not run very smoothly. If you have a good blueprint, you will increase the chances of success for your project.
To ensure that all the people involved in your project meet their objectives, some type of blueprint for development is essential. A planning meeting is where a good blueprint will be developed to handle any risks that might occur during your project.
During the planning meeting, specific decisions have to be made to ensure you develop an optimum risk management plan for your project. It is the role of the PM to facilitate the meeting to ensure that an effective plan is developed.
The risk management plan that you develop at your meeting will describe how risk identification, qualitative and quantitative analyses, response planning, and monitoring and control will be structured and performed during your project's life cycle.
Methodology defines the approaches, tools, and data sources that might be used to perform risk management on your project.
Roles and responsibilities define the lead, support, and risk management team membership for each type of action in the risk management plan.
Budgeting establishes a budget for risk management for the project.
Timing defines how often the risk management process will be performed throughout the project life cycle.
Scoring and interpretation outlines the scoring systems you are going to use to rate risks. It includes thresholds that refer to the criteria for risks that will be acted upon.
Reporting formats describe the content and the presentation style of the risk response plan. Tracking documents how all facets of risk activities will be recorded for the benefit of the current project, future needs, and lessons learned.
Once you have assembled your risk management planning team, you will have to distribute the appropriate project inputs to each team member. It is your responsibility to guide the team toward making the necessary decisions to create an effective risk management plan. It is your job to ask them the questions that will help them make these decisions. Some questions you should ask are:
- What methods will be used to assess risks?
- What are the risk management roles and responsibilities?
- How much will managing this risk cost?
- How often will risk management processes be performed?
- What thresholds will be set to determine further risk analysis and response?
- What reporting methods and tools will be used to report and document risk status and processes?
You not only need to ask questions, you also need to understand what type of answers you are looking for to create a risk management plan. Identifying the methodology to use to perform risk management depends on the project stage, the amount of information available, and the flexibility of the risk management plan. The method you choose should suit your company's usual approach to risk management.
Risks can be analyzed qualitatively or quantitatively. Qualitative methods classify risks into categories such as high, medium, or low. Quantitative methods assign numeric values based on the probability and consequence of risks. You should use the same method to analyze each risk because you have to be able to compare the results and prioritize the risks.
Based on the structure of your project and how your organization usually handles risk, your team members will assign risk management roles and responsibilities to qualified team members.
The team will decide who is needed to lead and support the risk management processes. For example, someone will be assigned to track changes as a result of risk.
The risk management team will determine the duties for each role. For example, the risk tracker will have to document how risk processes will be audited.
The team must also look at budget information when creating a risk management plan. Based on the decisions that you make, you will have to assess how much the management of the risk will cost for the project. If the cost is too high, you may have to revisit your decisions and reduce expenditures in certain risk management areas. For example, you may opt to reduce the frequency of audits in order to lower costs.
The team will decide how often to perform risk management processes. Timing will be based on the stakeholder risk tolerances and the critical elements in the project's WBS that require more stringent risk management. Stakeholder risk tolerances should be adhered to provided stakeholders understand the cost involved in risk management. If stakeholders want more frequent audits, the team should comply with their requests. Similarly, projects with more critical elements will require more frequent risk analyses.
A schedule describing how often risk management will be performed should be developed early enough to affect decisions and should be revisited throughout the project. For example, during a critical phase, it is likely that there will be more risk analyses.
The fifth question your team needs to answer when creating a risk management plan is what thresholds will be set to determine further risk analysis and response? Thresholds are defined limits for cost, schedule, and scope variance. To determine thresholds, the team should decide the degree of change that the project can sustain in order to address risks and then set limits based on that degree. If the team is unable to do this, this risk will require a response.
The final question involved in creating your risk management plan deals with the reports and tools used to report risk status and track risk management processes for the project. The reporting format outlines how the results of risk management will be documented, analyzed, and communicated. The tracking method documents how the risk processes will be audited. You must determine these methods before you can act on your risk management plan. This documentation serves as a record of the project's risk activities.
It is important to make the right decisions when developing your risk management plan. This will ensure that your plan is effective and will serve as a good blueprint for your project's risk management.