Archive

Archive for the ‘Risk Management’ Category

Risk Management Kanban & FMEA Toolkit

March 1, 2015 Leave a comment

Kanban is a very effective visual tool that does more than just help teams manage work. It actually stimulates continuous thinking and team participation in the risk management process: a risk management Kanban is an interactive tool for the project team whereas a traditional risk management plan document is a distinct tool for the project manager. Project teams interact with the Kanban board, reducing or eliminating risks over the course of the project life cycle so risks do not become issues.

Risk Management Kanban & FMEA Toolkit image jpeg

FMEA is one of the best tools for risk management because it helps teams focus on business process vulnerabilities and failures, the leading causes of project failure. Most failures result from process inputs or activities that are not in control or those that are new and not previously tested. FMEA can help you identify and address these critical processes and lower the probability of risk occurrence.

This is a different approach to risk management using a combination of Kanban and Failure Modes and Effect Analysis (FMEA) techniques. Create a Kanban based on FMEA to define, evaluate and manage process risks and mitigation tasks before risks become issues.  Get this toolkit here.

Don’t Risk It

April 26, 2010 Leave a comment

by Frank P. Saladis, PMP

I think it is fair to say that risk management is a subject that does not receive the attention it deserves. In today’s extremely uncertain world economy, the need for a solid risk management strategy should be at the top of the list of business priorities.  The key stakeholders in any organization should be the main advocates of risk management and should be insisting that every department and every employee practice at least some very basic activities that will help to reduce exposure to risk situations.  Recently, during a discussion about risk management, the concern raised was that managing risk added cost to the project and was therefore unacceptable to the executive decision makers.  My response was very straightforward. I asked if the individual remembered the statement often mentioned by service providers when discussing maintenance plans which is something like “You can pay me now or you can pay me later”.  This simple statement provides the very foundation for developing a risk management strategy.  It will cost you less to prepare for risk and prevent or mitigate occurrences than it will to correct a situation once it has occurred.  Managing risk involves preventive action, proactive thinking, a positive mindset, and clearly visible managerial support.

Today’s very challenging business environment requires every organization to examine their risk strategies.  Those organizations that do practice some form of risk management focus their attention on quantifying and managing a variety of risks including financial (the recent banking issues), hazards (chemical spills as an example), and operational problems (computer failures, security threats, etc.).  Another area that is screaming for attention, according to Adrian J. Slywotzky and John Drzik in the Harvard Business Review on Managing External Risk is Strategic Risk which they believe is the greatest threat of all. Strategic risks go beyond the familiar challenges such as late product launch or a last minute change in the requirements for a major system deployment.  Strategic risk, according to Slywotzky and Drzik includes the possibility of a major technology overtaking your product or significant shifts in the market that may reduce the need for your product or a shift in customer priorities.  Strategic risk management is, in fact, a “strategic necessity.”

In order to address risk effectively it is important for the management of an organization to communicate the need for an ongoing risk management process and to create, or enhance, within the organization’s structure and operations a culture of risk management.

Risk management should not be viewed as something that is done in addition to the “normal” work that is performed.  It should be embedded in the work in the same way that quality should be embedded in every task performed.

Risk management is actually practiced by most people everyday.  Extra time is added to travel estimates when weather becomes a factor, people have their automobiles inspected for safety, money is placed in a special account as a back up in case of an emergency, and many organizations have established a management reserve that can be used to address unplanned catastrophic events.  The key here is to make sure that a common sense approach is utilized.  Certain risk situations are accepted as a natural part of any given day.  People who travel frequently by air understand that there are inherent risks to consider.  Stepping into your automobile, walking across a busy street, and hiring a new person all include some type of risk.  These potential risks are not generally analyzed in extreme detail.  They are, in most cases assessed subconsciously.  The point is that risk management is being practiced.

Common sense tells us that we should consider risks before we undertake any assignment or make any decision.  Some assignments require just a few minutes of assessment and response development.  Complex tasks and decisions require much more effort and the use of the appropriate tools and techniques.  One very important point that is often overlooked is that risk is often perceived as negative aspect of project management when, in fact, managing risk effectively may present many opportunities.  Risk should always be viewed from both sides: threats and opportunity.

When developing a risk management process it is important to obtain buy in from the stakeholders who will be affected.  Establishing a framework or basis to work from will facilitate the actual development process.  Consider the following table:

Risk Category Sources of Risk
Technical – evolving design, reliability, operability, maintainability  Physical properties, changing requirements, material properties, unstable technology, testing, untested technology, modeling, system complexity, integration, design, safety
Program / Organizational – processes for obtaining resources, enterprise environmental factors, organizational process assets  Material availability,  contractor stability, personnel availability, regulatory changes, personal skills, organizational process, security processes, communications processes, strategic planning issues – industry, technology, brand, competitors, customer/client, projects, portfolios, programs
 Operational – supportability, maintaining systems, operating procedures  Product reliability, training, system safety, documentation, technical data, interoperability, transportability
Financial –limited budgets, estimating processes, constraints  Administrative rates, overhead costs, estimating errors, cost of quality, reliability of estimating resources
 Project Management – schedule, estimating processes, reliability of planning processes, methods and procedures Estimating errors, number of critical path items, degree of concurrency, unrealistic schedule baseline
External – subcontractors, regulatory, market, customer, weather  Contract terms and conditions, unclear statements of work, customer/client responsibilities

 

Developing a framework that identifies risk by category can greatly improve the efficiency at which an organization works to identify and respond to risk situations.  The RBS – Risk Breakdown Structure is commonly used to identify project risks by category and sub-category.  The RBS will help project teams identify risks and become more aware of the many sources of project risk.  The table shown provides some of the information that may be included in a risk breakdown structure.

A culture that encourages a positive and proactive approach to risk management will greatly improve an organization’s overall performance and will build confidence among its employees.  A quote by Louis Pasteur sums up the need for risk management “Chance favors the prepared mind”.  Create an organization that is prepared for the uncertainty of the future.

Whether your responsibilities include making decisions that impact the entire organization or the completion of a task within a project, risk management should be included in the decision process.

Failure to assess risk and develop the appropriate strategies can result in disaster at the project level or enterprise level.  So don’t risk it.  Take the time to assess risk.  Develop a culture that includes risk management as a part of the way things are done naturally.  It does not matter if an organization is risk averse or is aggressive when it comes to taking chances, having a plan is just good business sense.

Re-published with permission from allPM.com. Visit www.allpm.com, the project managers information portal.

About the Author:  Frank P. Saladis, PMP, is a Consultant and Instructor / Facilitator within the project management profession.  He is a senior trainer and consultant for the International Institute for Learning and has conducted numerous project management training seminars domestically and internationally.  He is a Project Management Professional and has been a featured presenter at the Project Management Institute ® Annual Symposiums and World Congresses and many other project management events.  Mr. Saladis is a graduate of the PMI Leadership Institute Masters Class and has held several positions within The Project Management Institute including President of the NYC Chapter, President of the Assembly of Chapter Presidents and Chair of the Education and Training Specific Interest Group.  Mr. Saladis the editor of the internationally distributed newsletter for allPM.com, and is the author of several project management books and numerous articles about project leadership.  Mr. Saladis is the originator of International Project Management Day and was recognized as PMI Person of the Year for 2006.