MB0049 | Define risk management? Explain the components of risk management.
Q: Define risk management? Explain the components of risk management.
Project risk management can be defined as “the systematic execution and monitoring of tasks to detect, analyze and optimize project risks.”
Project risk management is all about the systematic process of identifying, analysing, prioritising and responding to risk by applying risk management principles and controlling the probability and/or impact of unfortunate events at the project level.
The components or steps of risk management are:
• Risk Identification
• Risk Analysis
• Risk Management Planning
• Reviewing Risks
1. Risk Identification
• Risk identification occurs at each stage of the
project life cycle. To identify risks, we must first define risk.
• The best and most common methodology for risk identification is done using a brainstorming session but collecting known problems and probable future problems.
• Outputs from brainstorming session on can include:
o Name of the risk
o Detailed description of risk event
o Risk Trigger
o Risk Type
o Potential Response
o Comments, if any
2. Risk Analysis
• The first step in risk analysis is to make each risk item more specific.
• The next step is to set priorities and determine where to focus risk mitigation efforts.
• During the analysis, discuss with the team members each risk item to understand how devastating it would be if it did occur, and how likely it is to occur. This way you can gauge the probability of occurrence and the impact created. A risk analysis table might help in accessing risk easily.
In the process, we make the group agree on how likely it thinks each risk item is to occur, using a simple scale from 1 to 4 (where 1 is very unlikely and 4 is very likely). The group then rates how serious the impact would be if the risk did occur, using a simple scale from 1 to 4 (where 1 is little impact and 4 is very large). To use this numbering scheme, first pick out the items that rate 1 and 4, respectively. Then rate the other items relative to these boundaries.
3. Risk Management Planning
• After analyzing and prioritizing, the focus comes on management of the identified risks.
• There are two:
o The first is to take action to reduce (or partially reduce) the likelihood of the risk occurring.
o Second, you can take action to reduce the impact if the risk does occur.
Sometimes this is an action taken prior to the crisis, such as the creation of a simulator to use for testing if the hardware is late. At other times, it is a simple backup plan, such as running a night shift to share hardware.
4. Reviewing Risks
• After response actions have been implemented, risks must be tracked and record their effectiveness and any changes to the project risk profile. You need to review the risks periodically so that you can check how well mitigation is progressing.
• Significant changes might include the addition of new features, the changing of the target platform, or a change in project team members. Many people incorporate risk review into other regularly scheduled project reviews.