« Project Manager Responsibilities
Corporate Transformation: Shooting at the Moon, Again! »

Managing Risks - Response and Control

September 19, 2008 | Author: PM Hut | Filed under: Risk Management, Risk Response & Control

Managing Risks - Response and Control (#4 in the series Managing Risks)
By John Filicetti

Once you’ve identified and qualified the risks, you need to plan to manage them. Because risk planning can take a lot of time and energy, you may want to plan for only the high-priority risks (priority 1) or the medium to high-priority risks (priorities 1 to 3). Planning entails:

  • Identifying triggers for each risk
  • Identifying the plan for each risk if it does occur

Identify Triggers

Triggers are indicators that a risk has occurred or is about to occur. The best triggers tell you well in advance that a problem will occur.

To identify triggers, talk with the people who are most likely to cause the risk to occur and those who are most likely to feel its impact. Ask them how they would know that the problem is occurring. Start with how they would know that the problem has already occurred, and then work backward to determine how they would know before the problem actually occurred. As the project manager, consider how the risk would be reflected in the project schedule. Would the project schedule show overtime for a specific resource on earlier tasks? Would the project schedule show delays in specific tasks?

For each risk you’re addressing, create a list that shows the possible triggers, when they are likely to occur, and who should watch for the trigger.

Identify Plans

Once you’ve identified triggers and created your list, you need to create action plans to manage your risks. You can choose to manage risks in one of four basic ways:

  • Avoidance – You can change the project plan and project schedule to eliminate the risk or to protect the project objectives from its impact. More in-depth planning or requirements gathering may be one way to avoid a risk later in a project. Reducing scope to avoid high-risk activities, adding resources, or adding time may be other ways to avoid risk. For example, if you’re dependent on a single resource with specific expertise, consider training another resource in that expertise.

  • Transference – Risk transference is seeking to shift the consequence of a risk to a third party together with the ownership of the response. It does not eliminate the risk. You can buy insurance to cover the cost of a risk item occurring. Another transference technique is to enter into a fixed price contract, which transfers the risk to the performing party.

  • Mitigation – Mitigation seeks to reduce the probably and/or consequences of an adverse risk event to an acceptable threshold by taking actions ahead of time, thereby decreasing the likelihood of the problem occurring. Many times, it is much more effective to reduce the probability of a risk even occurring than trying to repair the consequences after it has occurred. For example, if you’re dependent on an outside vendor making its delivery dates, your contract with the vendor might include penalties for late delivery, in order to offset your potential losses. Risks that seem large enough to threaten the project should lead to an “early prototype or pilot” effort being before full implementation.

  • Acceptance – The final technique of dealing with risk is to respond to the risk item with a contingency plan should the problem occur. For example, if a task is at risk of being delayed, your plan may be to add additional resources to the task. Your contingency plan should include any work that must be done ahead of time to make the contingency successful. For example, you’ll want to make sure that the additional resources are available in case you need them.

Keep in mind that risk management plans can have unexpected ramifications. The prudent project manager might want to model each plan in their project-scheduling tool to see the plan’s impact on the project. Look for new risks that occur as a result of the project schedule and address them.

John F. Filicetti, PMP, MBA
John Filicetti is a Sr. Sales Engineer/PM-PMO-PPM Consultant with a great depth of experience and expertise in enterprise project management, project management methodologies, Project Portfolio Management (PPM), Project Management Offices (PMOs), Governance, process consulting, and business management. John has directed and managed project management teams, created and implemented methodologies and practices, provided project management consulting, created and directed PMOs, and created consulting and professional services in such areas as project portfolio management, Governance, business process re-engineering, network systems integration, application development, infrastructure, and complex environments. John has enjoyed many years as PMO Director for large corporations in the Seattle area and leads the PMO Roundtable discussion group and forum.

Share this article:
  • Digg
  • del.icio.us
  • Facebook
  • Google
  • blogmarks
  • LinkedIn
  • Reddit
  • StumbleUpon
  • TwitThis
  • Yahoo! Buzz

Related Articles

This entry was posted on Friday, September 19th, 2008 and is filed under Risk Management, Risk Response & Control. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

No comments yet.

feel free to leave a comment

Comment Guidelines: Basic XHTML is allowed (a href, strong, em, code). All line breaks and paragraphs are automatically generated. Off-topic or inappropriate comments will be edited or deleted. Email addresses will never be published. Keep it PG-13 people!

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

All fields marked with " * " are required.

Project Management Categories