• What Is Risk Management? A Simple Guide for PM Newbies

    Yuliya Skorobogatova 26 June 2017
    906f923154a332069a2c1eb96b96d219.png
    They say life is what happens while you’re busy making other plans. In business, however, planning is everything. There’s no quality deliverable without a pre-planned project, just as there is no fruitful project without a solid risk management plan.


    1.     What Is It and Why It’s Important  
    Risk management should be a proactive, continual process. By definition, it implies identification and analysis of a detected problem, followed by a response plan that determines a solution. Rather than dealing with possible issues as they occur, risk management preaches prognostication.

    Consequently, the main goal of this practice goes beyond problem-solving. More importantly, risk management should predict, quantify, and prioritize potential setbacks long before they happen, thus ensuring that they never happen. It’s all in the best interest of objectives: with all foreseeable threats removed, projects can be completed in time and within the budget.

    In fact, poor risk management (or a complete lack thereof) is one of the major reasons projects collapse. Though we’ve seen some rises in success rates this year, the 2016 issue of PMI’s Pulse of the Profession reports that “For every $1 billion invested in the United States, $122 million was wasted due to lacking project performance”.

    2.   Risk Management Process in 4 Simple Steps
    322842bc02776e2be642e8a763481715.png
    Not only can risk management help you enhance project performance, but it actually saves money. Everyone involved wants to see a project run smoothly and finish on time, and the only way to ensure that is by implementing a systematic risk management process. Here’s what it should include.

    Step 1: Identify Risks
    Some managers encourage their team members to predict possible project risks on their own, while others insist upon group brainstorming sessions during which anticipated problems are uncovered, recognized and described.

    Step 2: Analyse Risks

    Detected risks are then quantified and analysed. This step is all about measuring the probable impact and consequences of those risks, but it also determines their likelihood. Think about how plausible the problems you’re expecting to happen really are, and how they could affect your performance, budget, and deliverables.

    Step 3: Make a Contingency Plan

    Otherwise called Risk Response Planning, this phase in the risk management process is multi-stepped. We’ll talk about it more in a separate section, but what it essentially comes down to are the prevention and treatment of certain project threats.

    Step 4: Monitor and Control the Risks

    As mentioned before, risk management is a continuous process. Probable problems should be addressed in advance, while the actual contingency plan should be revised every time you reach a new milestone and at each consecutive project phase.

    3.   Common Types of Project Risks
    1f079449e9b796752f829f8f854a64c4.png
    Researchers and managers both agree that cost, schedule and performance are the three biggest risks to successful project completion. Together with scope creep, poor budget and timeframe estimation can set a project for failure even before it has started, while inefficiency, miscommunication, and inconsistent workflow management frequently contribute to delivering substandard results.

    Unfortunately, they’re not the only ones. Some project risks can creep up on you unnoticed, and the least thing we can do is tell you where to look. Pay attention to market dynamics, since underestimated completion can diminish your project’s success. Legal risks and threats associated with external hazards are also something to consider.

    Still, the most immediate danger comes from inadequate governance, strategic and operational errors. A successful project manager should always keep a watchful eye on internal processes, thus assuring that every strategy makes sense and that everyone involved knows how, when, and at which cost to handle individual project tasks.  

    4.     Risk Analysis: Likelihood and Impact Assessment
    Risk management is not about overthinking what can go wrong, but about manoeuvring around realistic and predictable problems. You’ll find that some predictions are so far-fetched that addressing them would mean an unnecessary loss of valuable time. That’s why each identified risk should be analysed and treated accordingly.

    At this step, a project manager should assess the likelihood of probable issues and determine whether or not they pose a threat at all. Those that do should be prioritized and categorized with two specific criterions in mind: the probability of occurrence and the level of impact. Since prevention is the ultimate goal here, try not to focus on the problem itself as much as on determining its root cause.  

    5.     Risk Response: Prevention and Treatment
    e51c4b71ed9667a63514839585318cb8.png
    From there on, you should develop your contingency plan in two directions: prevention and treatment. The first one will address the aforementioned root cause and establish measures for eliminating it. It’s the ideal scenario, in which the threat is nipped in the bud and removed before occurring.

    The treatment part of risk response deals with the eventuality of a problem happening despite the prevention. It’s where you should think about the actual solutions for managing identified risks, and develop a framework of actionable steps for their resolution. Here’s how risk response should look like on paper:

    Step 1: Avoidance

    Pinpoint the source to eliminate the risk altogether.

    Step 2: Mitigation

    Reduce the probability of the risk in order to reduce its impact and monetary consequences.

    Step 3: Acceptance

    Accept that avoidance and mitigation have failed and put the contingency plan into action.

    6.     Risk Monitoring: Revaluation and Control
    A fully developed risk management plan gives you greater flexibility when it comes to both project execution and problem solving. But, bear in mind that a contingency draft isn’t drawer material: there’s no point in identifying threats and establishing solutions if you don’t monitor and control what’s happening throughout the process.

    Instead of practicing it separately, include your risk management protocol into a project breakdown structure. That way, periodic, but regular monitoring can become part of the overall timeframe, and every milestone can be followed up by a reassessment of the risk management’s effectiveness. It’s also a good chance to take another look at what lays ahead and identify new risks that may not be obvious from the start.

    In case you’re new to project management, we’ll be brutally honest: for one reason or another, around a third of all projects never reach completion. With so many people and requirements involved, something unpredicted is due to happen. Risk management can eradicate most uncertainties, thus assuring minimal setbacks and stellar results.

    Bitrix24 is a free online project management solution with unlimited projects, tasks and subtasks. It comes with time tracking, task automation workflows, Kanban, Gantt chart and document management. Use promocode TIP10 when registering your free Bitrix24 account to get extra 10GB.

    You may also like:
    5 Books Every Entrepreneur Should Read
    New in Project Management? 6 Tips to Act Like a Pro!
    5 Hacks for Successful User Onboarding
2,000,000+
organizations
are already using Bitrix24