Working to understand the risks a project may endure along with the cost associated is critical in every project management plan. Understanding potential risks based on the project type, resources needed, timeline and budget still leaves gaps that creates uncertainty for actually predicating the outcome of the project. There is not a true way to predict when and where a project risk will occur but designing a plan to properly address and manage those risks will increase confidence while eliminating the element of surprise.
Before developing a risk management plan an analysis of risk needs to be performed. This analysis should include all aspects of the project that may be part of an uncertain event or condition that may have a positive or negative effect on the project objectives and outcome. The overall goal is to work to address any type of risk before they become problematic. Analyzing and relaying the level and probability of the risk to the stakeholders, sponsors and project team can help in reducing mistakes that can be cause for project failures. Some common mistakes that can be overlooked when analyzing risk, is not understanding the benefits of a risk management plan, not allowing time for risk management, not properly identifying and assessing risk.
Developing a risk management plan leans heavily on a bold commitment by all stakeholders. The stakeholders need also to understand the roles and responsibilities related to the determined risks. As with any project these risks will vary depending on the type of projects along with what the project is dealing with. The project manager must understand that all projects should be approached with a clear thought process and not bring previously used mind sets to a new project. Clear and fresh minds will help to discover new risks and bring immediate attention to unusual or unfamiliar elements and concerns.
The PMBOK® guide identifies seven areas that detail what it takes to properly create the framework of a risk management plan. The first step is risk planning, this is having a firm commitment from all persons involved in the project through the length of the project. This solidifies the project will have the resources to properly manage the risks. Many times plans are disregarded an the first sign of trouble, and immediate reactions can cause the situation to develop into a crisis. It is important that resources, processes, and tools be in place to adequately plan the activities for project risk management. Proper planning will help to minimize the adverse effects of the project (Marchewka, 2009).
After the commitment of the risk has been verified, the next step is to identify the actual risks of the project. Risk identification should entail both threats and opportunities. These risks need to be identified so that the project manager can differentiate between a true problem and not just a symptom. To do this, the causes and effects of each risk must be understood so that the effective strategies and responses can be made. The project team needs to understand that many times risks tend to be interrelated and not isolated, causing effects on the stakeholders differently. Risk assessment is the third step and is done after the risks have been identified and causes are understood. Risk assessment provides an understanding of how to deal with the potential risks. Assessing the risks help the project manager and stakeholders prioritize and develop responses to the risks that will have an impact on the project. Most projects do not have a separate budget for working with risks, so there is a need to use the available resources within the constraints of the project. Once the risks are assessed then there is the need to determine how to actually deal with the projects risks. Risk strategy deals with the projects managements team and stakeholders perception of the risk and their willingness to take on the particular risk (Marchewka, 2009). The project risk strategy focuses on accepting or ignoring the risk, avoiding the risk all together, reducing the likelihood or impact of the risk, and/or transfer the risk to someone else. This part of the plan works to tie an owner to a particular risk and ensure that
resources are immediately made available to respond to the risk. Once these details are documented, they then become the basis for the risk response plan.
Risk monitoring and control is the next step and involves the owners of the risks to monitor various risk triggers. This works by scanning the project environment for both identified and unidentified threats and opportunities much like a radar screen (Marchewka, 2009). This approach directly relates to how to respond to the risk. Risk response allows the owner of the risk to commit resources and take actions once the risk is known or opportunity is available. This action usually follows the planned risk strategy.
The last step in a risk management plan is to evaluate the risks. This is a learning step and works to provide experiences gained form working with risks. This evaluation should consider all aspects of the plan and identify best practices. The evaluation should answer the questions pertaining to how the project team did, what could be done better, what lessons were learned, and how can best practices be incorporated into the risk management process. This risk evaluation helps to influence how the organization will plan, prepare and commit to future risk management plans.
Another important plan described in the PMBOK Guide is project procurement management. Developing a procurement management plan is also a need to cover all required resources, products, and service that will be purchased or acquired from external sources. This plan will vary depending on the needs of the project and decisions to select outside sources and support. Most times the project scope and deliverables will justify the needs to look beyond what is available locally for the project. Once the decision has been made to look externally for additional resources, products, and services, the need to properly address concerns and manageability will be acquired and fall under the procurement management plan. The procurement management plan should consist of the following areas: Plan purchase and acquisition-Making the decision to what will be purchased or acquired and determining the logistics of when and how purchases will be made. Plan contracting-Consists of documenting the products and services needed and
identifying potential sellers, vendors, suppliers, contractors, subcontractors, and other service providers. Request seller responses-The need to obtain bids, quotes, proposals, literature, and other information from potential sellers and service providers. Contract administration-Deals with managing the relationship and contract between the buyer and seller. Also to include reviewing and documenting the sellers performance, contract changes, and taking corrective action when necessary. Contract closure-Completing and settling all contract opened during the project after all products, services, and settlements have been resolved. As of recently many project procurements management plans have involved outsourcing of the projects resources, products and services. This is due to a reduction in costs and a larger pool of labor and/or knowledge to pool from.
Marchewka, J. T. (2009). Information Technology Project Management. Providing Measurable Organizational Value (3rd ed.). Hoboken, NJ: John Wiley & Sons.