The risk management process begins with identification - to examine a project "concept" for potential risks that could either threaten the project process itself, or the project outcome. But identification is only the beginning. It takes awareness and creative thinking to go beyond the analysis stage and figure out what comes next --- to pick the best option for risk control. This article explores the top three alternatives. Read on for more.
Once probable risks are identified, they must then be examined and evaluated to determine the level of impact (consequenc) - i.e. will there be a negative impact, and how serious will it be? If the impact is serious, that raises another question - i.e. is the negative impact sufficiently serious as to warrant further action? If the answer is yes, management steps must be initiated for appropriate risk control. This is where the planning part comes in - to size up the options and make the best selections for responsive action. Read More: Planning for Project Governance
Your first step in the risk control process is to determine the need. At this point, you may have taken steps to acknowledge the potential impact of risks, but awareness may not be enough. While you may choose to accept one or more types of risks, you may not be willing, or able, to withstand others. And, considering the time, effort and potential cost of risk control strategies, any such effort should be expended wisely.
Based on an analysis of probable risks, you may decide that you can withstand additional project expenses, but not schedule delays. As a result, you can focus your mitigation and control efforts onto timing risks, knowing that you could absorb certain increases in expenditures. Or, if your project schedule is aggressive, with limited time for risk analysis and control, you may decide to deal only with the most serious types of risks, taking your chances with others.
After completion of the risk "evaluation" process, you will be prepared to tackle the next step ... the formation of specific strategies for risk management and control. These strategies can include acceptance, avoidance or mitigation.
To acknowledge the risk, but decide that any actions to avoid or mitigate the risk can be too costly or time consuming. Or, it may just be possible that the risk cannot be avoided or mitigated in any meaningful way, and the benefits of the project far outweigh the risks.
To take action that will eliminate the risk in entirety. Depending upon the circumstances, you may need to change project scope, modify project plans, hire additional resources, or adopt different technical solutions. Avoidance can be costly, but it may be the only way to achieve project deliverables.
To take action that will minimize the potential impact of any given risk through the analysis and consideration of alternative solutions. In essence, this is a combination of acceptance and avoidance. You can alter plans and schedules, and take specific actions to minimize the chance that a risk will occur. And, you can also develop alternate plans to be enacted should the risk actually occur .... "i.e. if this happens, I will do that, but until then, I will stick with the original plan". In other words, you can be prepared in either event. While mitigating strategies provide the best of both worlds, that benefit cannot be realized without some expense in terms of time, equipment and staff resources.
Every process needs a starting point, and when options are viewed in a structured manner, decision making is made easier and more readily justifiable. Whether you choose to accept, avoid or mitigate a given risk will vary based on specific needs, issues and circumstances.
“Risk control” is a critical juncture in the risk management process. Every effort to control and mitigate risk has a price - in terms of time, money or resources. Before any action is taken to accept, avoid, or mitigate, these costs must be carefully considered. Risk control strategies must be carefully aligned with project needs, value and overall priority. Furthermore, risk control strategies must consider the impact that the risk could have on the project to ensure that control efforts are well placed.
About Us - ITtoolkit.com has been around since 2001. We started with a few articles about IT projects, and since then have developed our own series of time-saving practices and Toolkits for managing projects and IT services. The article above is part of of our full catalog of "how-to" articles, filled with these techniques (which you won't find elsewhere) to help you get better results in less time. We cover all the basics and then some - including projects, IT services, team building, disaster recovery and more. You can continue with our recommendations above, browse the articles catalog, or download free templates and whitepapers. And, visit our home page to learn all that our Service Strategy and Fast Track Project Toolkits can do for you!
Subscribe to the ITtoolkit newsletter for the latest articles and updates.
See the latest in our collection of IT Management Infographics. Visualize I.T.!
There's no doubt about it - projects are risky propositions. Surrounding conditions are unpredictable - sometimes capabilities meet demands, and sometimes they don't But one thing is for sure -- you are always expected to deliver. That's what strategic fast tracking is for -- to make sure you can deliver even when project conditions are not what you need them to be.