They say life is what happens while you’re busy making other plans. In business, however, planning is everything. There’s no quality deliverable without a pre-planned project, just as there is no fruitful project without a solid risk management plan.
1. What Is It and Why It’s Important
Risk management should be a proactive, continual process. By definition, it implies identification and analysis of a detected problem, followed by a response plan that determines a solution. Rather than dealing with possible issues as they occur, risk management preaches prognostication.
Consequently, the main goal of this practice goes beyond problem-solving. More importantly, risk management should predict, quantify, and prioritize potential setbacks long before they happen, thus ensuring that they never happen. It’s all in the best interest of objectives: with all foreseeable threats removed, projects can be completed in time and within the budget.
In fact, poor risk management (or a complete lack thereof) is one of the major reasons projects collapse. Though we’ve seen some rises in success rates this year, the 2016 issue of PMI’s Pulse of the Profession reports
that “For every $1 billion invested in the United States, $122 million was wasted due to lacking project performance”.
2. Risk Management Process in 4 Simple Steps
Not only can risk management help you enhance project performance, but it actually saves money. Everyone involved wants to see a project run smoothly and finish on time, and the only way to ensure that is by implementing a systematic risk management process. Here’s what it should include.
Step 1: Identify Risks
Some managers encourage their team members to predict possible project risks on their own, while others insist upon group brainstorming sessions during which anticipated problems are uncovered, recognized and described.
Step 2: Analyse Risks
Detected risks are then quantified and analysed. This step is all about measuring the probable impact and consequences of those risks, but it also determines their likelihood. Think about how plausible the problems you’re expecting to happen really are, and how they could affect your performance, budget, and deliverables.
Step 3: Make a Contingency Plan
Otherwise called Risk Response Planning, this phase in the risk management process is multi-stepped. We’ll talk about it more in a separate section, but what it essentially comes down to are the prevention and treatment of certain project threats.
Step 4: Monitor and Control the Risks
As mentioned before, risk management is a continuous process. Probable problems should be addressed in advance, while the actual contingency plan should be revised every time you reach a new milestone and at each consecutive project phase.
3. Common Types of Project Risks
Researchers and managers both agree that cost, schedule and performance are the three biggest risks to successful project completion. Together with scope creep, poor budget and timeframe estimation can set a project for failure even before it has started, while inefficiency, miscommunication, and inconsistent workflow management frequently contribute to delivering substandard results.
Unfortunately, they’re not the only ones. Some project risks can creep up on you unnoticed, and the least thing we can do is tell you where to look. Pay attention to market dynamics, since underestimated completion can diminish your project’s success. Legal risks and threats associated with external hazards are also something to consider.
Still, the most immediate danger comes from inadequate governance, strategic and operational errors. A successful project manager should always keep a watchful eye on internal processes, thus assuring that every strategy makes sense and that everyone involved knows how, when, and at which cost to handle individual project tasks.
4. Risk Analysis: Likelihood and Impact Assessment
Risk management is not about overthinking what can go wrong, but about manoeuvring around realistic and predictable problems. You’ll find that some predictions are so far-fetched that addressing them would mean an unnecessary loss of valuable time. That’s why each identified risk should be analysed and treated accordingly.
At this step, a project manager should assess the likelihood of probable issues and determine whether or not they pose a threat at all. Those that do should be prioritized and categorized with two specific criterions in mind: the probability of occurrence and the level of impact. Since prevention is the ultimate goal here, try not to focus on the problem itself as much as on determining its root cause.
5. Risk Response: Prevention and Treatment
From there on, you should develop your contingency plan in two directions: prevention and treatment. The first one will address the aforementioned root cause and establish measures for eliminating it. It’s the ideal scenario, in which the threat is nipped in the bud and removed before occurring.
The treatment part of risk response deals with the eventuality of a problem happening despite the prevention. It’s where you should think about the actual solutions for managing identified risks, and develop a framework of actionable steps for their resolution. Here’s how risk response should look like on paper:
Step 1: Avoidance
Pinpoint the source to eliminate the risk altogether.
Step 2: Mitigation
Reduce the probability of the risk in order to reduce its impact and monetary consequences.
Step 3: Acceptance
Accept that avoidance and mitigation have failed and put the contingency plan into action.
6. Risk Monitoring: Revaluation and Control
A fully developed risk management plan gives you greater flexibility when it comes to both project execution and problem solving. But, bear in mind that a contingency draft isn’t drawer material: there’s no point in identifying threats and establishing solutions if you don’t monitor and control what’s happening throughout the process.
Instead of practicing it separately, include your risk management protocol into a project breakdown structure. That way, periodic, but regular monitoring can become part of the overall timeframe, and every milestone can be followed up by a reassessment of the risk management’s effectiveness. It’s also a good chance to take another look at what lays ahead and identify new risks that may not be obvious from the start.
In case you’re new to project management, we’ll be brutally honest: for one reason or another, around a third of all projects never reach completion. With so many people and requirements involved, something unpredicted is due to happen. Risk management can eradicate most uncertainties, thus assuring minimal setbacks and stellar results.