Pmp Chapter 11 2004
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Pmp Chapter 11 2004 as PDF for free.
More details
- Words: 6,424
- Pages: 39
1/22/2006
PMP
Preparation Training Your key in Successful Project Management Akram Al-Najjar, PMP Project Management Consultant
Chapter 11
Project Risk Management
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 2
[email protected] +20105394312
1/22/2006
Lesson Objectives In this lesson , you will analyze project risks you will : Create a risk management plan. Identify project risks and triggers. Perform qualitative risk analysis. Perform quantitative risk analysis Develop a risk response plan Monitor and control project risk Discussion Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 3
[email protected] +20105394312
Project Risk Management Project Risk Management includes the processes concerned with conducting Risk management planning, identification, analysis, responses, and monitoring and control on a project; most of these processes are updated throughout the project. The objectives of Project Risk Management are to increase the probability and impact of positive events, and decrease the probability and impact of events adverse to the project. 11.1 Risk Management Planning 11.2 Risk Identification 11.3 Qualitative Risk Analysis 11.4 Quantitative Risk Analysis 11.5 Risk Response Planning 11.6 Risk Monitoring & Control Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 4
[email protected] +20105394312
Project Risk Management Process Flow Diagram
1/22/2006
Enterprise Environmental Factors
Organizational Process Assets
Commercials database
Polices , procedures, Lesson Learned
Scope Definition Scope Statement 5.2
Project Management Plan
Risk Management Planning 11.1
Approved change request & corrective action
Risk Management Plan
Risk Identification 11.2
Develop Project Management Plan 4.3
And prevention action
Approved change Request
Risk register
Develop Project Management Plan 4.3
Project cost and schedule Management plan
Performing reporting
Performance reporting 10.3
Work performance Direct and Manage information
Project Execution 4.4
Qualitative Risk Analysis 11.3 Risk register update
Quantitative Risk Analysis 11.4 Risk register update
Risk Response Planning 11.5
Project Management Plan update
Recommended corrective action
Risk register update
Recommended prevention action
Close Project 4.7
Risk register & Organizational Process Assets
Risk Monitoring & Control 11.6
Requested change Risk register update Project Management Plan update
Integrated Change Control 4.6
Risk Management Planning Risk management planning is the process of deciding how to approach and plan the risk management activities for a project , •First , we identify project charter , current policies , roles , risk tolerance , the project management plan , and any templates for risk management. •Thenwe perform an analysis on inputs. •Finally , we output the risk management plan.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 6
[email protected] +20105394312
1/22/2006
Risk Management Planning Tools & Techniques 1. Planning Meetings & analysis
Inputs 1. 2. 3. 4.
Enterprise environmental factors Organizations process assets Project scope statement Project management plan
Outputs 1. Risk Management Plan
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 7
[email protected] +20105394312
Risk Management Planning input 1. Enterprise environmental factors : Factors that influence the project management plan include: attitudes toward risk and the risk tolerance of organizations and people involved in the project .These attitudes and tolerances may be expressed in policy statements or revealed in Personal actions.
Organizational Process Assets : Organizations may have predefined approaches to risk management such as risk categories, common definition of concepts and terms, standard templates, roles and responsibilities, and authority levels for decision-making. 3. Project Scope Statement (Boundaries , requirements , constrain , assumption , project needs ) 4. Project Management Plan: Other elements of the plan impacting the acquisitions planning process may include …. Risk Register , Risk related contracts , Activity resource requirements The project schedule , Activity cost estimates , and the cost baseline Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 8
[email protected] +20105394312
1/22/2006
Risk Management Planning Tools and Technique 1. Planning meeting and analysis : Planning meeting are the only tools for risk management planning. Project teams conduct planning meeting to develop the risk management. Generally , the project manager , project team leaders , and any one in the organization with responsibility to manage risk planning and execute activities will attend risk management planning meetings. Basic plans for conducting the risk management activities are defined in these meetings. Risk cost elements and schedule activities will be developed for inclusion in the project budget and schedule, respectively. Risk responsibilities will be assigned. General organizational templates for risk categories and definitions of terms such as levels of risk, probability by type of risk, impact by type of objectives, and the probability and impact matrix will be tailored to the specific project. The outputs of these activities will be summarized in the risk management Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 9
[email protected] +20105394312
Risk Management Planning Output 1. Risk Management plan : Describes how risk identification, qualitative and quantitative analysis, response planning, monitoring, and control will be structured and performed during the project life cycle, and it may include the followings: n
Methodology : define the tools, approaches and sources that may be used to perform risk management on the project
n
Roles and responsibilities : define the lead , support and risk management team membership for each type of action in the risk management plan.
n n
Budgeting: Established budget for Risk Management Timing : Define how often the risk management activities will be performed throughout the project life cycle.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 10
[email protected] +20105394312
1/22/2006
Risk Management Planning Output n
Risk categories Risks that may affect the project for better or worse can be identified and organized into categories Macro
Project
Managerial
Environment
Target
Team
Market
Design
Control
Political
Procurement
Funding
Financial
Technical
Contractual
Social
Job Site
Act of God Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 11
[email protected] +20105394312
Risk Management Planning Output n
Risk probability and impact : Risks and their probabilities are defined for use in Qualitative risk analysis using a scale of “ very unlikely “ to “ almost certain” Alternatively, assigned numerical probabilities on a general scale (e.g., 0.1, 0.3, 0.5, 0.7, 0.9) can be used.
n
Probability and impact matrix : Risks are prioritized according to their potential implications for meeting the project’s objectives. The typical approach to prioritizing risks is to use a look-up table or a Probability and Impact Matrix
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 12
[email protected] +20105394312
1/22/2006
Risk Management Planning Output
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 13
[email protected] +20105394312
Risk Management Planning Output
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 14
[email protected] +20105394312
1/22/2006
Risk A risk is an uncertain event that either a positive or negative effect on the project. Its primary components are a measure of probability that a risk occur and the impact of the risk on a project. Some common ways to classify risk are business risk versus insurable risk , effect-based classification , source base classification , and level of uncertainty. Risk may also be classified by much is known about them, such as known , known – unknown , and unknown - unknown Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 15
[email protected] +20105394312
Example Due to its relative unpredictability , the weather is a risk com mon to business. For example , an organization planning an outdoor festival will likely choose a location and day with highest probability for agreeable weather. In this scenario , the threat of rain is a risk that could seriously impact attendance and profits. Because the weather is known to be possible risk , but its impact is yet unknown , this risk would be classified as Known - Unknown
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 16
[email protected] +20105394312
1/22/2006
Risk vs. insurable Risk When a company opens it doors, it assumes that it will make money as well as spend money. This type of risk is called business risk, when undertaking a new project, an organization takes a business risk based on the assumption that the project has a potential for both profit and loss. Insurable risk: focuses on the potential for loss. Companies often purchase insurance to offset these risks. Direct property risk : Risk of property damage due to weather, fire and so on Indirect property risk: Risk of additional expenditures needed to recover from property loss. Liability risk : Risk of needing to make good after causing damage to another Personnel-related risk : Liability risk for damage to employees. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 17
[email protected] +20105394312
Risks Classifications Effect Based risk classification: addresses risk in term of what it might affect. On a project, the major issues that can be effected are time ,cost ,quality and scope. All these risks are interrelated such that changes to one will affect of the others. You need to be sensitive to these relationship and how changing one can cause problems in another. Source Based risk classification: addresses risk in terms of where it originates Source may be internal or external to project, as well as technical , nontechnical , industry-specific , or generic.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 18
[email protected] +20105394312
1/22/2006
Risks Classifications Levels of uncertainty : address risks classified based on how much is known about them Known : Items that you are aware of and that will affect you, but you have no control over. Known-unknown : Items that will affect you, although you are not able to predict how or how much they will affect you. Unknown-unknown : Items beyond your ability to foresee.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 19
[email protected] +20105394312
Risks Tolerance Risk tolerance address the level of risk a project manager or key stakeholder is willing to take when money at stake is compared to the potential payoff. It’s measured in terms of the amount of satisfaction or pleasure the individual receives from payoff. Risk tolerance can be classified as risk-averter , risk-seeker , and risk-neutral Risk averter : Not likely to take a risk that is considered a high risk Risk seeker : Prefers an uncertain outcome and may be willing to pay a penalty to take a high risk. Risk neutral : Tolerance to risk is proportional to the amount of money at stake Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 20
[email protected] +20105394312
1/22/2006
Decision – Making and Categories Decision making encompasses three elements : Certainty : Completely sure of the states of nature to be faced and their respective payoffs. Risk : known states of nature and their respective payoff, but probability must be assigned to the occurrence of each state of nature Uncertainty : Each state of nature must be estimated and payoffs may be unknown.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 21
[email protected] +20105394312
Risk Mode Payoff matrix Example This Risk mode payoff matrix was used by a ski resort weigh the probabilities of different weather patterns against the cost of two different snow making machines. Strategy Lots of Snow Strategy 1: Snow-maker $90,00 Lite Strategy 2: Snow-maker $75,000 Deluxe
Little Snow $55,00
Dry and Cold $35,00
$70,00
$70,00
Strategy
Calculation
Snow-maker Lite Snow –maker Deluxe
(90)(.70)+(55)(.60)+(35)(.10)=99.5 (70)(.70) +(70)(.60)+(70)(.10)=101.5 Akram Al-Najjar, PMP.
Source: pmbok guide 2004
Slide 22
[email protected] +20105394312
1/22/2006
How to Create a Risk Management Plan Guidelines • Determine how you will organize your project management team -Consider assigning a risk officer to coordinate all risk management activities -Define the roles and responsibilities for each person on the risk management team -The sponsor may be able to assist in some risk management activities , such as developing response strategies for all risk classified as high risks. • Conduct risk planning meeting to develop the risk management plan •Establish a budget for risk management •Consult your organization’s risk management policy and make sure your risk planning complies with the policy •If your organization has a risk management plan template , use it and make modification to meet the specific needs of your project. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 23
[email protected] +20105394312
How to Create a Risk Management Plan Guidelines : •Describe the approaches , tools , and data sources that may be used to perform risk management activities for the project. -How will the risk be identified? Will you conduct brainstorming sessions? Will you use the Delphi technique? Will you use subject matter expert? -How will the identification risks be scored and analyzed so that effective response strategies can be developed ? Is there organization policy mandating a specific scoring and prioritization method? -Determine and describe the schedule for performing risk management activities. -Determine and describe how your team will document risk response efforts. - What tools will your team use to store risk information and track responses? - How will the risk response efforts be communicated to the project stakeholders? -Determine and describe how the lessons learned from your risk management activities will be documented for the benefit of future projects. -If an organization, sponsor , or customer has specific guidelines or requirements regarding risk thresholds , this information should be included in your risk management plan.
1/22/2006
Risk Identification •Risk Identification is the process of identifying and documenting the characteristics of project risks. •First , you review the Risk management plan , project planning output , risk categories, and any historical information. •You then perform analysis using such tools as documentation reviews , checklist , information gathering , assumption analysis, and diagramming techniques. •Finally , you output the risk register. Initial risk identification may be done at the macro level Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 25
[email protected] +20105394312
Risk Identification Tools & Techniques 1. 2. 3. 4. 5.
Documentation reviews Information-gathering techniques Checklists analysis Assumptions analysis Diagramming technique
Inputs 1. Enterprise Environmental Factors 2. Organizational Process Assets 3. Project Scope Statement 4. Risk Management Plan 5. Project Management Plan Source: pmbok guide 2004
Outputs 1. Risk Register
Akram Al-Najjar, PMP. Slide 26
[email protected] +20105394312
1/22/2006
Project Risk Management Input n
Environmental factors: external sources of risk information may include commercial database , studies , or benchmarking.
n
Organizational process assets :historical information ..etc
n
Project scope statement : assumption may be source of risk.
n
Risk management plan : describes the team’s approach to identifying risk.
n
Project management plan : understanding the project’s mission , scope , objectives and all other planning output.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 27
[email protected] +20105394312
Project Risk Management Tools and Technique n
Documentation review: Structured review of project plans and related documents at both the total project and detailed scope level.
n
Information gathering technique :methods used to collect data that will assist the project team in identifying risks :
-Brainstorming , Delphi technique , interviewing and SWOT analysis n
Checklists : developed bases on historical information and provide a quick , simple , and standardizes way to identify risk.
n
Assumption analysis : technique used to explore the validity of project assumptions.
n
Diagramming technique : Cause and effect diagram , System or process flow charts, Influences diagram Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 28
[email protected] +20105394312
1/22/2006
Risk Categories n
Divisions into which project risks can be grouped to reflect common sources of risk for a specific project, industry, or application area.
n
Risk Categories n
Technical, quality, or performance risks
n
Project management risks (time , resources , and cost estimate )
n
Organizational risks (funding , conflicts and management support )
n
External risks ( Union , security issues …etc) Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 29
[email protected] +20105394312
Project Risk Management Output n
Risk register n
List of identified risk
n
List of potential responses
n
Root causes of risk
n
Update risk categories
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 30
[email protected] +20105394312
1/22/2006
How to Identify Project Risks and Triggers n
n
n
Review outputs from other planning processes (Charter , WBS , Estimates assumptions…..etc) Use one or more risk identification techniques to identify risks and their possible triggers. Apply the method to identify project risks and triggers consistently.
n
Consult relevant historical information.
n
Group identified risks into categories.
n
Determine triggers for each identified risk.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 31
[email protected] +20105394312
Qualitative Risk Analysis n
n
n
n
It is the process of assessing the probability and impact of the identified risks and prioritizing them according to their effect on project objectives. Initially , you gather the risk management plan, risk register, and any relevant project documentation . Then , you analyze each risk using such tools as risk probability and impact , probability / impact risk rating matrix , project assumption testing , data precision ranking , and urgency. Finally , you enter any alterations into the risk register. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 32
[email protected] +20105394312
1/22/2006
Qualitative Risk Analysis Tools & Techniques 1.
Risk probability & impact assessment
2.
Probability & impact matrix
3.
Risk data quality assessment
4.
Risk categorization
5.
Risk urgency assessment
Inputs 1.
Outputs
Organizations process assets
2.
Project scope statement
3.
Risk Management Plan
4.
Risk register
1.
Risk Register update
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 33
[email protected] +20105394312
Qualitative Risk Analysis Input n
Organizational process assets :historical information ..etc
n
Project scope statement
n
Risk management plan : Roles and assignments in risk management , risk categories and so on.
n
Risk register : Contains the list of identified risk.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 34
[email protected] +20105394312
1/22/2006
Qualitative Risk Analysis Tools and Technique n
Risk Probability and Impact Often described in qualitative terms such as very low, low, moderate, high, and very high.
Probability n
The likelihood that a risk event will occur or prove true.
Impact n
The likely effect on project objectives if the risk event occurs— often expressed in terms of the amount of money at stake.
Akram Al-Najjar, PMP. Slide 35
Source: pmbok guide 2004
[email protected] +20105394312
Probability Scale
No Probability
0
Certainty
.1
.3
.5
.7
.9
1.0
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 36
[email protected] +20105394312
1/22/2006
Impact Scales Impact Rating
Impact Level
Definition
1.5
Very low
Minor and not noticeable outside the project.
3.5
Low
Minor but noticeable to the customer or sponsor.
5.5
Moderate
Significant and would create customer or sponsor dissatisfaction with the project.
7.5
High
Significant and would create major customer or sponsor dissatisfaction. The project would be in jeopardy.
9.5
Very High
Catastrophic. The project would be cancelled.
If this risk occurs, the impact on the project’s objectives in:
Akram Al-Najjar, PMP. Slide 37
[email protected] +20105394312
0.1 Very Low
0.5 Medium
0.9 Very High
Qualitative Risk Analysis Tools and Technique
Probability
Probability/Impact Risk Rating Matrix
Source: pmbok guide 2004
1.35
4.95
7.65
.75
2.75
4.25
0.15
.55
.85
Very Low 1.5
Medium 5.5 Impact
Very High 8.5
1/22/2006
Qualitative Risk Analysis Tools and Technique n n
n
Risk data quality assessment : The evaluation of the usefulness of the data about risks being analyzed. Examining data obtained about a risk for: n
n n n
The extent to which the source of the information understands the risk. The amount of data available about the risk. The quality of the available information. The legitimacy and dependability of the available data.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 39
[email protected] +20105394312
Qualitative Risk Analysis Tools and Technique n n
Risk Urgency assessment : Risk that will require action in the near term may be considered more urgent than those occurring later.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 40
[email protected] +20105394312
1/22/2006
Project Risk Ranking It is the overall risk ranking for producing the final deliverables of the product or service of the project it is calculated by summing the risk factor scores for the project’s individual risk and then dividing them by the number of individual risks . It allows for comparisons among other projects , assisting in project initiation , budget and resource allocation , and other decisions.
n
Example:
n
The risk management team for a project identified and analyzed 30 risks for the project. The total of the risk factor scores for those 30 risk was 75. The project manager divided the number by the number of ris k to determine that the overall risk ranking for the project was 2.5 (75/30=2.5.) Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 41
[email protected] +20105394312
Qualitative Risk Analysis Output n
Risk register (updates) n
Relative ranking or priority list of project risks.
n
Risks grouped by categories.
n
List of risks requiring response in the near-term.
n
List of risks for additional analysis and response.
n
Watch lists of low priority risks.
n
Trends in qualitative risk analysis results.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 42
[email protected] +20105394312
1/22/2006
How to Perform Qualitative Risk Analysis Examine the list of identified risks to ensure all risks are documented. (Are all risks identified and documented?)
n
Analyze the data available for each risk to assign a data precision ranking score.
n
Determine the organization's risk threshold for this project.
n
Analyze the assumptions identified during risk identification as potential risks.
n
Analyze the probability and impact of each identified risk using well-defined probability and impact scales.
n
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 43
[email protected] +20105394312
Quantitative Risk Analysis n
n
n
n
It is the process of numerically assessing the probability and impact of each risk and determining the extent of the overall project risk. Initially , you gather previous document indicating risk planning, project scope , as well as the risk register. Then , you analyze each risk using such tools as interviewing , probability distributions , sensitivity analysis expert judgement expected monetary value analysis , decision tree analysis and simulation. Finally , you enter any alterations into the risk register.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 44
[email protected] +20105394312
1/22/2006
Quantitative Risk Analysis Tools & Techniques 1. 2.
Data gathering and representation techniques Quantitative risk analysis and modeling techniques
Inputs 1.
2. 3. 4. 5.
Organizations process assets Project scope statement Risk Management Plan Risk register Project management plan -Project schedule management plan -Project cost management plan
Outputs 1. Risk Register update Akram Al-Najjar, PMP.
Source: pmbok guide 2004
Slide 45
[email protected] +20105394312
Quantitative Risk Analysis Tools and Technique n
Data gathering and representation techniques
n
Interviewing
n
Probability distributions
n
Expert judgment
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 46
[email protected] +20105394312
1/22/2006
Probability Distribution
Distribution Type Description Uniform
All values are likely to occur (straight line display)
Normal
Most values in a sampling are close to the mean (bell-shaped density curves with a single peak display)
Triangular
Most optimistic, most likely, and most pessimistic values are analyzed (triangle-shaped display)
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 47
[email protected] +20105394312
Probability
Uniform Distribution
Impact Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 48
[email protected] +20105394312
1/22/2006
Probability
Normal Distribution
Impact Akram Al-Najjar, PMP. Slide 49
Source: pmbok guide 2004
[email protected] +20105394312
Probability
Triangular Distribution
Impact Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 50
[email protected] +20105394312
1/22/2006
Quantitative Analysis Methods n
Sensitivity Analysis
n
Expected Mona try Value
n
Decision Tree Analysis
n
Modeling and Simulation
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 51
[email protected] +20105394312
Sensitivity Analysis n
It is a method of assessing the relative impact of changing a variable in a project to gain insight of the possible outcome of one or more potential courses of action, Sensitivity analysis places a value on the effect of changing a SINGLE VARIABLE within a project by analyzing the effect on the project plan.
1.
Begin with your original time or cost estimate.
2.
Break out the components of the estimate into manageable chunks.
3.
Determine the variable to investigate and identify its likely range of variation.
4.
Calculate and assess the impact of changing the range of results on the overall project estimate for each value in the range. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 52
[email protected] +20105394312
1/22/2006
Quantitative Risk Analysis, Tools & Tech. n
Expected Monetary Value (EMV) is a method of calculating the average out come when the future is uncertain. Status
Payoff
Good Market – Good Quality
80,000
Probability % 15
Good Market – Poor Quality
50,000
45
Poor Market – Good Quality
20,000
25
Poor Market – Poor Quality
-20,000
15
Expected Payoff for good market = 80,000*0.15 + 50,000*0.45 = LE 34,500 Expected Payoff for good quality = 80,000*0.15 + 20,000*0.25 = LE 17,000 EMV = 80,000*0.15 + 50,000*0.45 +20,000*0.25 + (-20,000)*0.15 = LE 36,500 Akram Al-Najjar, PMP. Slide 53
Source: pmbok guide 2004
[email protected] +20105394312
Decision Tree 00 $70,0 00 = $100,0 0.7 x
0 ,00 100 A$
0.3 x -$10,000
= - $3,000
0,000 000 = $3 0.5 x $60,
B $125,000
C$ 135 ,00 0
0.5 x $10,00 0 = -$5 ,000 0.2 x $20,000 = $4,000
0.8 x -$10 ,000 =
- $8,0 00
$100,000 + $70,000 - $3,000 = $167,000 $125,000 + $30,000 - $5,000 = $150, 000 $135,000 + $4,000 - $8,000 = $131,000 (Least Cost)
1/22/2006
Quantitative Risk Analysis, Tools & Tech. n
Modeling & Simulation n
Establish a model
n
Use
the
model
to
study
the
uncertainties
specified at a detailed level using impact on project objectives n
Monte Carlo technique
n
Cost Risk Analysis use WBS as Model
n
Schedule Risk Analysis use PDM, AON as Model
Akram Al-Najjar, PMP. Slide 55
Source: pmbok guide 2004
[email protected] +20105394312
Quantitative Risk Analysis, Tools & Tech. Cost Risk Simulation
Total project Cost Cumulative Chart
1.000
5.000
Frequency
Probability
Mean 46.67 .750
.500
.250 12% .000 30.00
$ 41 38.75
$ 50 47.50
56.25
Cost $
65.00
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 56
[email protected] +20105394312
1/22/2006
Quantitative Risk Analysis, Outputs n
Risk register (updates) n n
n n
Probabilistic analysis of the project. Probability of achieving cost and time objectives. Prioritized list of quantified risks. Trends in quantitative risk analysis results.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 57
[email protected] +20105394312
How to Perform Quantitative Risk Analysis n n
n
n
n
Consult historical information regarding risk. Use the appropriate interviewing technique to query project stakeholders and subject matter experts to obtain probability distributions. Depict the distributions obtained for use in risk response planning. Perform a sensitivity analysis to determine which risks have the most potential impact on the project. Use decision tree analysis to examine the implications of choosing one of two or more alternatives. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 58
[email protected] +20105394312
1/22/2006
How to Perform Quantitative Risk Analysis n
n
Conduct a project simulation using a model to translate uncertainties into their potential impact on project objectives at the total project level Prioritize the quantified risks according to the threat they pose or the opportunity they present to project objectives
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 59
[email protected] +20105394312
Risk Response planning n
n
n
n
Risk response planning is the process of examining
each risk and corresponding response alternatives , determining which response will improve the likelihood of a positive outcome. First , you review the risk management plan and risk register , which were updated with previous risk management planning outputs. Then , you employ an appropriate technique for each risk , either avoidance , transference , mitigation , acceptance or exploitation . Finally , you enter any alternation into the risk register , risk response plan or the necessary project documentation. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 60
[email protected] +20105394312
1/22/2006
Risk Response planning Tools & Techniques 1. 2. 3. 4. 5. 6. 7.
Strategies for negative risk or threats Strategies for positive risk or opportunities Strategies for both threats and opportunities Contingent response strategy
Outputs
Inputs 1. Risk management plan 1. Risk register Source: pmbok guide 2004
1. Risk management plan 2. Risk register (update) 3. Risk-related Contractual Akram Al-Najjar, PMP. Slide 61 agreements [email protected] +20105394312
Risk Response planning Tools and Technique
1. 2.
Strategies for negative risk or threats Risk Avoidance : it is involves changing the project plan to prevent a potentially detrimental risk condition or event from happening. One way to eliminate a risk is to reduce or change the scope of the project in an attempt to avoid high risk activities. The scope change could involve the requirements or specifications , or it can mean changing the approach to meeting the requirements or specifications.
Example : The product description for an elementary social sciences
education multimedia program references stock video clips of children riding bikes and roller skating without helmets or knee pads. During risk identification , the project team reviewed the product description and identified a potential risk of school administration not buying the program because it appears to advocate unsafe activities. Viewing this as a high risk , the team avoided this risk by changing the project scope so that it did not include the videos. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 62
[email protected] +20105394312
1/22/2006
Strategies for negative risk or threats 2.
Risk transference : is involves shifting the impact of a risk event and ownership of the risk response to a third party. This strategy typically is used in connection with financial risk exposure and most often involves payment of a risk premium to the party assuming the risk.
Example: Risk sharing is a form of risk transference in which only a portion of the risk is transferred to another party. For instance , organization often transfer responsibility for the risk of an employee getting injured on the job by paying a premium for worker’s compensation insurance. The insurance company assumes liability of the risk and is responsible for covering the injured worker’s medical bills and / or partial wages depending on the circumstances. Because the initial organization has transferred part of the financial liability to the insurance company and they now share the risk. This would be an example of both risk sharing and risk transference. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 63
[email protected] +20105394312
Strategies for negative risk or threats 3.
Risk mitigation: Is attempts to reduce the probability or impact of a potential risk event to an acceptable level. Mitigation may involve implementing a new courses of action in an effort to reduce the problem or changing the current conditions so that the probability of the risk occurring is reduced. Sometimes , when reducing the probability is not possible, the focus must be on reducing the consequences of the risk event.
Example: An example of risk mitigation is the develop of design model , or prototype, the earlier this can be done in a project, the lower the risk , Mock-ups , which are similar to prototypes, can test user interaction with system or products. The project team can make changes to the design based on early test result, thereby reducing the probability of a problem once the product is released to market.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 64
[email protected] +20105394312
1/22/2006
Strategies for Positive risk or Opportunities Risk exploitation : This strategy is often used when a project team wants to make sure that a positive risk is fully realized. This is often done by hiring the best experts in a field or ensuring the most technologically advanced resources are available to the project team. Risk sharing : This strategy entails partnering up with another party in an effort to give your team the best chance of seizing the opportunity, joint ventures are common example of risk sharing. Risk enhancement : This strategy attempts to increase the probability that an opportunity will occur. This is done by focusing on trigger condition of the opportunity and trying to optimize their chances for occurrence.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 65
[email protected] +20105394312
Strategies for both threats and opportunities Risk Acceptance : Is any decision not to change the project plan to deal with a risk. It may be chosen for a risk that has an extremely low possibility of occurrence or for which no suitable risk response strategy is identified. Risk acceptance is performed either passively by doing nothing or actively by creating a contingency plan to deal with the risk. Example: You own a business on a hill in an area that floods relatively often. Because of your location, you decide not to buy flood insurance. Instead , you set aside money that is earmarked for the repair of water damage in case of flooding. In this case, you are employing a risk acceptance strategy by establishing a contingency reserve for an emergency . Although you aren’t ignoring the risk , you will spend money only if the risk event actually occurs. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 66
[email protected] +20105394312
1/22/2006
Strategies for both threats and opportunities Contingency plan : Is a strategy developed in advanced for dealing with the occurrence of identified risk. It’s performed to construct a strategy before things go wrong. With a good contingency plan in place, you can react quick and appropriately to the risk event , reducing its overall impact. A contingency plan may include a fallback plan for risks with high impact. The fallback plan is implemented if the initial contingency plan is ineffective in responding to the risk event. Contingency reserve : Usually , when risk acceptance is the selected response strategy , a contingency reserve is established to deal with unknown risks and accepted known risks. The contingency reserve may be in the form of additional time , money or resources . It covers risk events that are not accounted for in the project’s baseline duration and cost estimates. The amount of the reserve is determined by the potential impact of the risk, but should include enough to implement any contingency plans as well as a buffer for dealing with unidentified risks. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 67
[email protected] +20105394312
Risk Response planning Output n n n n n n n n n
n
Risk register (updates) Identified Risk Risk owner Results from qualitative and quantitative risk analysis processes Agreed response Specific action to implement the chosen response strategy Residual and secondary risk (next slides) Budget and time of responses Contingency plan and triggers
Risk related contractual agreements: Insurance , partnerships,
and risk sharing parties will generate language that specifies each party’s responsibility for different risk
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 68
[email protected] +20105394312
1/22/2006
Risk Response planning Output n n
n n
Residual Risk The risks that remain after avoidance, transfer or mitigation responses have been taken. Its also include minor risks that have been accepted.
Secondary Risk The risks that arise as a implementing a risk response.
direct
result
of
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 69
[email protected] +20105394312
How to Develop a Risk Response Plan n
n n
n
n
n
Examine each identified risk to determine its causes and how it might affect project objectives. Brainstorm possible response strategies for each risk. Choose the response strategy that is most likely to be effective for each identified risk. Develop specific actions for implementing the chosen strategy. Identify backup strategies for risks with high risk factor scores. Determine the amount of contingency reserves necessary to deal with accepted risks. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 70
[email protected] +20105394312
1/22/2006
How to Develop a Risk Response Plan (cont.) n
n
n
n
Determine how much of a contingency reserve you should set aside for unknown risks. Consult the risk management plan for the description of the content and format of the risk response plan. Incorporate the risk response plan into the overall project plan. Examine trends in analysis results which may guide response strategies.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 71
[email protected] +20105394312
Risk Monitoring and Control n
Is the process of responding to identified and unforeseen risk. It involves tracking identified risk , identifying new risks , implementing risk response plans, and monitoring their effectiveness.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 72
[email protected] +20105394312
1/22/2006
Risk Monitoring and Control Tools & Techniques 1. 2. 3. 4. 5. 6.
Risk reassessment Risk audits Variance and trend analysis Technical performance measurement Reserve analysis Status meeting
Outputs 1. 2. 3. 4.
Inputs 1. 2. 3. 4. 5.
Risk management plan Risk register Approved change requests Work performance information Performance Reports
5. 6.
Risk register updates Requested changes Recommended corrective actions Recommended preventative actions Organizational process assets (updates) Project management plan (updates) Akram Al-Najjar, PMP.
Source: pmbok guide 2004
Slide 73
[email protected] +20105394312
Project Risk Response Audit n
n
An examination of the effectiveness of risk response plans and the performance of the risk owner. May be conducted by a third party, the project’s risk officer, or other qualified personnel.
Project Risk Response Audit Process n
n
n
Gather relevant project data regarding work results including risk database. Review the risk response plans and implementation of the plans. Prepare a report of the findings and distribute to the project team and key stakeholders. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 74
[email protected] +20105394312
1/22/2006
How to Monitor and Control Project Risk n n
n
n
Consult the risk response plan to identify risks and triggers. Monitor the environment for any new risks that may arise due to changes in project scope, cost, schedule, or quality. Monitor the effectiveness of the risk response, contingency, and fallback plans. Deal with unforeseen risks by systematically planning a reasoned response.
n
Update project documentation as changes are indicated.
n
Manage the contingency reserve.
Workaround Plans n
Unplanned responses to emerging risks that were previously unidentified or accepted. Akram Al-Najjar, PMP.
Slide 75
Project Risk Management Process Flow Diagram
Source: pmbok guide 2004
Enterprise Environmental Factors
Organizational Process Assets
Commercials database
Polices , procedures, Lesson Learned
Scope Definition Scope Statement 5.2
[email protected] +20105394312
Project Management Plan
Risk Management Planning 11.1
Approved change request & corrective action
Risk Management Plan
Risk Identification 11.2
Develop Project Management Plan 4.3
And prevention action
Approved change Request
Risk register
Develop Project Management Plan 4.3
Performance reporting 10.3
Project cost and schedule Management plan
Performing reporting
Work performance Direct and Manage information
Project Execution 4.4
Qualitative Risk Analysis 11.3 Risk register update
Quantitative Risk Analysis 11.4 Risk register update
Risk Response Planning 11.5 Risk register update
Project Management Plan update
Recommended corrective action Recommended prevention action
Close Project 4.7
Risk register & Organizational Process Assets
Risk Monitoring & Control 11.6
Requested change Risk register update Project Management Plan update
Integrated Change Control 4.6
1/22/2006
Discussion Any question?
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 77
[email protected] +20105394312
PMP
Preparation Training Your key in Successful Project Management Akram Al-Najjar, PMP Project Management Consultant
Chapter 11
Project Risk Management
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 2
[email protected] +20105394312
1/22/2006
Lesson Objectives In this lesson , you will analyze project risks you will : Create a risk management plan. Identify project risks and triggers. Perform qualitative risk analysis. Perform quantitative risk analysis Develop a risk response plan Monitor and control project risk Discussion Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 3
[email protected] +20105394312
Project Risk Management Project Risk Management includes the processes concerned with conducting Risk management planning, identification, analysis, responses, and monitoring and control on a project; most of these processes are updated throughout the project. The objectives of Project Risk Management are to increase the probability and impact of positive events, and decrease the probability and impact of events adverse to the project. 11.1 Risk Management Planning 11.2 Risk Identification 11.3 Qualitative Risk Analysis 11.4 Quantitative Risk Analysis 11.5 Risk Response Planning 11.6 Risk Monitoring & Control Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 4
[email protected] +20105394312
Project Risk Management Process Flow Diagram
1/22/2006
Enterprise Environmental Factors
Organizational Process Assets
Commercials database
Polices , procedures, Lesson Learned
Scope Definition Scope Statement 5.2
Project Management Plan
Risk Management Planning 11.1
Approved change request & corrective action
Risk Management Plan
Risk Identification 11.2
Develop Project Management Plan 4.3
And prevention action
Approved change Request
Risk register
Develop Project Management Plan 4.3
Project cost and schedule Management plan
Performing reporting
Performance reporting 10.3
Work performance Direct and Manage information
Project Execution 4.4
Qualitative Risk Analysis 11.3 Risk register update
Quantitative Risk Analysis 11.4 Risk register update
Risk Response Planning 11.5
Project Management Plan update
Recommended corrective action
Risk register update
Recommended prevention action
Close Project 4.7
Risk register & Organizational Process Assets
Risk Monitoring & Control 11.6
Requested change Risk register update Project Management Plan update
Integrated Change Control 4.6
Risk Management Planning Risk management planning is the process of deciding how to approach and plan the risk management activities for a project , •First , we identify project charter , current policies , roles , risk tolerance , the project management plan , and any templates for risk management. •Thenwe perform an analysis on inputs. •Finally , we output the risk management plan.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 6
[email protected] +20105394312
1/22/2006
Risk Management Planning Tools & Techniques 1. Planning Meetings & analysis
Inputs 1. 2. 3. 4.
Enterprise environmental factors Organizations process assets Project scope statement Project management plan
Outputs 1. Risk Management Plan
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 7
[email protected] +20105394312
Risk Management Planning input 1. Enterprise environmental factors : Factors that influence the project management plan include: attitudes toward risk and the risk tolerance of organizations and people involved in the project .These attitudes and tolerances may be expressed in policy statements or revealed in Personal actions.
Organizational Process Assets : Organizations may have predefined approaches to risk management such as risk categories, common definition of concepts and terms, standard templates, roles and responsibilities, and authority levels for decision-making. 3. Project Scope Statement (Boundaries , requirements , constrain , assumption , project needs ) 4. Project Management Plan: Other elements of the plan impacting the acquisitions planning process may include …. Risk Register , Risk related contracts , Activity resource requirements The project schedule , Activity cost estimates , and the cost baseline Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 8
[email protected] +20105394312
1/22/2006
Risk Management Planning Tools and Technique 1. Planning meeting and analysis : Planning meeting are the only tools for risk management planning. Project teams conduct planning meeting to develop the risk management. Generally , the project manager , project team leaders , and any one in the organization with responsibility to manage risk planning and execute activities will attend risk management planning meetings. Basic plans for conducting the risk management activities are defined in these meetings. Risk cost elements and schedule activities will be developed for inclusion in the project budget and schedule, respectively. Risk responsibilities will be assigned. General organizational templates for risk categories and definitions of terms such as levels of risk, probability by type of risk, impact by type of objectives, and the probability and impact matrix will be tailored to the specific project. The outputs of these activities will be summarized in the risk management Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 9
[email protected] +20105394312
Risk Management Planning Output 1. Risk Management plan : Describes how risk identification, qualitative and quantitative analysis, response planning, monitoring, and control will be structured and performed during the project life cycle, and it may include the followings: n
Methodology : define the tools, approaches and sources that may be used to perform risk management on the project
n
Roles and responsibilities : define the lead , support and risk management team membership for each type of action in the risk management plan.
n n
Budgeting: Established budget for Risk Management Timing : Define how often the risk management activities will be performed throughout the project life cycle.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 10
[email protected] +20105394312
1/22/2006
Risk Management Planning Output n
Risk categories Risks that may affect the project for better or worse can be identified and organized into categories Macro
Project
Managerial
Environment
Target
Team
Market
Design
Control
Political
Procurement
Funding
Financial
Technical
Contractual
Social
Job Site
Act of God Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 11
[email protected] +20105394312
Risk Management Planning Output n
Risk probability and impact : Risks and their probabilities are defined for use in Qualitative risk analysis using a scale of “ very unlikely “ to “ almost certain” Alternatively, assigned numerical probabilities on a general scale (e.g., 0.1, 0.3, 0.5, 0.7, 0.9) can be used.
n
Probability and impact matrix : Risks are prioritized according to their potential implications for meeting the project’s objectives. The typical approach to prioritizing risks is to use a look-up table or a Probability and Impact Matrix
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 12
[email protected] +20105394312
1/22/2006
Risk Management Planning Output
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 13
[email protected] +20105394312
Risk Management Planning Output
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 14
[email protected] +20105394312
1/22/2006
Risk A risk is an uncertain event that either a positive or negative effect on the project. Its primary components are a measure of probability that a risk occur and the impact of the risk on a project. Some common ways to classify risk are business risk versus insurable risk , effect-based classification , source base classification , and level of uncertainty. Risk may also be classified by much is known about them, such as known , known – unknown , and unknown - unknown Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 15
[email protected] +20105394312
Example Due to its relative unpredictability , the weather is a risk com mon to business. For example , an organization planning an outdoor festival will likely choose a location and day with highest probability for agreeable weather. In this scenario , the threat of rain is a risk that could seriously impact attendance and profits. Because the weather is known to be possible risk , but its impact is yet unknown , this risk would be classified as Known - Unknown
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 16
[email protected] +20105394312
1/22/2006
Risk vs. insurable Risk When a company opens it doors, it assumes that it will make money as well as spend money. This type of risk is called business risk, when undertaking a new project, an organization takes a business risk based on the assumption that the project has a potential for both profit and loss. Insurable risk: focuses on the potential for loss. Companies often purchase insurance to offset these risks. Direct property risk : Risk of property damage due to weather, fire and so on Indirect property risk: Risk of additional expenditures needed to recover from property loss. Liability risk : Risk of needing to make good after causing damage to another Personnel-related risk : Liability risk for damage to employees. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 17
[email protected] +20105394312
Risks Classifications Effect Based risk classification: addresses risk in term of what it might affect. On a project, the major issues that can be effected are time ,cost ,quality and scope. All these risks are interrelated such that changes to one will affect of the others. You need to be sensitive to these relationship and how changing one can cause problems in another. Source Based risk classification: addresses risk in terms of where it originates Source may be internal or external to project, as well as technical , nontechnical , industry-specific , or generic.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 18
[email protected] +20105394312
1/22/2006
Risks Classifications Levels of uncertainty : address risks classified based on how much is known about them Known : Items that you are aware of and that will affect you, but you have no control over. Known-unknown : Items that will affect you, although you are not able to predict how or how much they will affect you. Unknown-unknown : Items beyond your ability to foresee.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 19
[email protected] +20105394312
Risks Tolerance Risk tolerance address the level of risk a project manager or key stakeholder is willing to take when money at stake is compared to the potential payoff. It’s measured in terms of the amount of satisfaction or pleasure the individual receives from payoff. Risk tolerance can be classified as risk-averter , risk-seeker , and risk-neutral Risk averter : Not likely to take a risk that is considered a high risk Risk seeker : Prefers an uncertain outcome and may be willing to pay a penalty to take a high risk. Risk neutral : Tolerance to risk is proportional to the amount of money at stake Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 20
[email protected] +20105394312
1/22/2006
Decision – Making and Categories Decision making encompasses three elements : Certainty : Completely sure of the states of nature to be faced and their respective payoffs. Risk : known states of nature and their respective payoff, but probability must be assigned to the occurrence of each state of nature Uncertainty : Each state of nature must be estimated and payoffs may be unknown.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 21
[email protected] +20105394312
Risk Mode Payoff matrix Example This Risk mode payoff matrix was used by a ski resort weigh the probabilities of different weather patterns against the cost of two different snow making machines. Strategy Lots of Snow Strategy 1: Snow-maker $90,00 Lite Strategy 2: Snow-maker $75,000 Deluxe
Little Snow $55,00
Dry and Cold $35,00
$70,00
$70,00
Strategy
Calculation
Snow-maker Lite Snow –maker Deluxe
(90)(.70)+(55)(.60)+(35)(.10)=99.5 (70)(.70) +(70)(.60)+(70)(.10)=101.5 Akram Al-Najjar, PMP.
Source: pmbok guide 2004
Slide 22
[email protected] +20105394312
1/22/2006
How to Create a Risk Management Plan Guidelines • Determine how you will organize your project management team -Consider assigning a risk officer to coordinate all risk management activities -Define the roles and responsibilities for each person on the risk management team -The sponsor may be able to assist in some risk management activities , such as developing response strategies for all risk classified as high risks. • Conduct risk planning meeting to develop the risk management plan •Establish a budget for risk management •Consult your organization’s risk management policy and make sure your risk planning complies with the policy •If your organization has a risk management plan template , use it and make modification to meet the specific needs of your project. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 23
[email protected] +20105394312
How to Create a Risk Management Plan Guidelines : •Describe the approaches , tools , and data sources that may be used to perform risk management activities for the project. -How will the risk be identified? Will you conduct brainstorming sessions? Will you use the Delphi technique? Will you use subject matter expert? -How will the identification risks be scored and analyzed so that effective response strategies can be developed ? Is there organization policy mandating a specific scoring and prioritization method? -Determine and describe the schedule for performing risk management activities. -Determine and describe how your team will document risk response efforts. - What tools will your team use to store risk information and track responses? - How will the risk response efforts be communicated to the project stakeholders? -Determine and describe how the lessons learned from your risk management activities will be documented for the benefit of future projects. -If an organization, sponsor , or customer has specific guidelines or requirements regarding risk thresholds , this information should be included in your risk management plan.
1/22/2006
Risk Identification •Risk Identification is the process of identifying and documenting the characteristics of project risks. •First , you review the Risk management plan , project planning output , risk categories, and any historical information. •You then perform analysis using such tools as documentation reviews , checklist , information gathering , assumption analysis, and diagramming techniques. •Finally , you output the risk register. Initial risk identification may be done at the macro level Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 25
[email protected] +20105394312
Risk Identification Tools & Techniques 1. 2. 3. 4. 5.
Documentation reviews Information-gathering techniques Checklists analysis Assumptions analysis Diagramming technique
Inputs 1. Enterprise Environmental Factors 2. Organizational Process Assets 3. Project Scope Statement 4. Risk Management Plan 5. Project Management Plan Source: pmbok guide 2004
Outputs 1. Risk Register
Akram Al-Najjar, PMP. Slide 26
[email protected] +20105394312
1/22/2006
Project Risk Management Input n
Environmental factors: external sources of risk information may include commercial database , studies , or benchmarking.
n
Organizational process assets :historical information ..etc
n
Project scope statement : assumption may be source of risk.
n
Risk management plan : describes the team’s approach to identifying risk.
n
Project management plan : understanding the project’s mission , scope , objectives and all other planning output.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 27
[email protected] +20105394312
Project Risk Management Tools and Technique n
Documentation review: Structured review of project plans and related documents at both the total project and detailed scope level.
n
Information gathering technique :methods used to collect data that will assist the project team in identifying risks :
-Brainstorming , Delphi technique , interviewing and SWOT analysis n
Checklists : developed bases on historical information and provide a quick , simple , and standardizes way to identify risk.
n
Assumption analysis : technique used to explore the validity of project assumptions.
n
Diagramming technique : Cause and effect diagram , System or process flow charts, Influences diagram Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 28
[email protected] +20105394312
1/22/2006
Risk Categories n
Divisions into which project risks can be grouped to reflect common sources of risk for a specific project, industry, or application area.
n
Risk Categories n
Technical, quality, or performance risks
n
Project management risks (time , resources , and cost estimate )
n
Organizational risks (funding , conflicts and management support )
n
External risks ( Union , security issues …etc) Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 29
[email protected] +20105394312
Project Risk Management Output n
Risk register n
List of identified risk
n
List of potential responses
n
Root causes of risk
n
Update risk categories
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 30
[email protected] +20105394312
1/22/2006
How to Identify Project Risks and Triggers n
n
n
Review outputs from other planning processes (Charter , WBS , Estimates assumptions…..etc) Use one or more risk identification techniques to identify risks and their possible triggers. Apply the method to identify project risks and triggers consistently.
n
Consult relevant historical information.
n
Group identified risks into categories.
n
Determine triggers for each identified risk.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 31
[email protected] +20105394312
Qualitative Risk Analysis n
n
n
n
It is the process of assessing the probability and impact of the identified risks and prioritizing them according to their effect on project objectives. Initially , you gather the risk management plan, risk register, and any relevant project documentation . Then , you analyze each risk using such tools as risk probability and impact , probability / impact risk rating matrix , project assumption testing , data precision ranking , and urgency. Finally , you enter any alterations into the risk register. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 32
[email protected] +20105394312
1/22/2006
Qualitative Risk Analysis Tools & Techniques 1.
Risk probability & impact assessment
2.
Probability & impact matrix
3.
Risk data quality assessment
4.
Risk categorization
5.
Risk urgency assessment
Inputs 1.
Outputs
Organizations process assets
2.
Project scope statement
3.
Risk Management Plan
4.
Risk register
1.
Risk Register update
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 33
[email protected] +20105394312
Qualitative Risk Analysis Input n
Organizational process assets :historical information ..etc
n
Project scope statement
n
Risk management plan : Roles and assignments in risk management , risk categories and so on.
n
Risk register : Contains the list of identified risk.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 34
[email protected] +20105394312
1/22/2006
Qualitative Risk Analysis Tools and Technique n
Risk Probability and Impact Often described in qualitative terms such as very low, low, moderate, high, and very high.
Probability n
The likelihood that a risk event will occur or prove true.
Impact n
The likely effect on project objectives if the risk event occurs— often expressed in terms of the amount of money at stake.
Akram Al-Najjar, PMP. Slide 35
Source: pmbok guide 2004
[email protected] +20105394312
Probability Scale
No Probability
0
Certainty
.1
.3
.5
.7
.9
1.0
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 36
[email protected] +20105394312
1/22/2006
Impact Scales Impact Rating
Impact Level
Definition
1.5
Very low
Minor and not noticeable outside the project.
3.5
Low
Minor but noticeable to the customer or sponsor.
5.5
Moderate
Significant and would create customer or sponsor dissatisfaction with the project.
7.5
High
Significant and would create major customer or sponsor dissatisfaction. The project would be in jeopardy.
9.5
Very High
Catastrophic. The project would be cancelled.
If this risk occurs, the impact on the project’s objectives in:
Akram Al-Najjar, PMP. Slide 37
[email protected] +20105394312
0.1 Very Low
0.5 Medium
0.9 Very High
Qualitative Risk Analysis Tools and Technique
Probability
Probability/Impact Risk Rating Matrix
Source: pmbok guide 2004
1.35
4.95
7.65
.75
2.75
4.25
0.15
.55
.85
Very Low 1.5
Medium 5.5 Impact
Very High 8.5
1/22/2006
Qualitative Risk Analysis Tools and Technique n n
n
Risk data quality assessment : The evaluation of the usefulness of the data about risks being analyzed. Examining data obtained about a risk for: n
n n n
The extent to which the source of the information understands the risk. The amount of data available about the risk. The quality of the available information. The legitimacy and dependability of the available data.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 39
[email protected] +20105394312
Qualitative Risk Analysis Tools and Technique n n
Risk Urgency assessment : Risk that will require action in the near term may be considered more urgent than those occurring later.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 40
[email protected] +20105394312
1/22/2006
Project Risk Ranking It is the overall risk ranking for producing the final deliverables of the product or service of the project it is calculated by summing the risk factor scores for the project’s individual risk and then dividing them by the number of individual risks . It allows for comparisons among other projects , assisting in project initiation , budget and resource allocation , and other decisions.
n
Example:
n
The risk management team for a project identified and analyzed 30 risks for the project. The total of the risk factor scores for those 30 risk was 75. The project manager divided the number by the number of ris k to determine that the overall risk ranking for the project was 2.5 (75/30=2.5.) Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 41
[email protected] +20105394312
Qualitative Risk Analysis Output n
Risk register (updates) n
Relative ranking or priority list of project risks.
n
Risks grouped by categories.
n
List of risks requiring response in the near-term.
n
List of risks for additional analysis and response.
n
Watch lists of low priority risks.
n
Trends in qualitative risk analysis results.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 42
[email protected] +20105394312
1/22/2006
How to Perform Qualitative Risk Analysis Examine the list of identified risks to ensure all risks are documented. (Are all risks identified and documented?)
n
Analyze the data available for each risk to assign a data precision ranking score.
n
Determine the organization's risk threshold for this project.
n
Analyze the assumptions identified during risk identification as potential risks.
n
Analyze the probability and impact of each identified risk using well-defined probability and impact scales.
n
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 43
[email protected] +20105394312
Quantitative Risk Analysis n
n
n
n
It is the process of numerically assessing the probability and impact of each risk and determining the extent of the overall project risk. Initially , you gather previous document indicating risk planning, project scope , as well as the risk register. Then , you analyze each risk using such tools as interviewing , probability distributions , sensitivity analysis expert judgement expected monetary value analysis , decision tree analysis and simulation. Finally , you enter any alterations into the risk register.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 44
[email protected] +20105394312
1/22/2006
Quantitative Risk Analysis Tools & Techniques 1. 2.
Data gathering and representation techniques Quantitative risk analysis and modeling techniques
Inputs 1.
2. 3. 4. 5.
Organizations process assets Project scope statement Risk Management Plan Risk register Project management plan -Project schedule management plan -Project cost management plan
Outputs 1. Risk Register update Akram Al-Najjar, PMP.
Source: pmbok guide 2004
Slide 45
[email protected] +20105394312
Quantitative Risk Analysis Tools and Technique n
Data gathering and representation techniques
n
Interviewing
n
Probability distributions
n
Expert judgment
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 46
[email protected] +20105394312
1/22/2006
Probability Distribution
Distribution Type Description Uniform
All values are likely to occur (straight line display)
Normal
Most values in a sampling are close to the mean (bell-shaped density curves with a single peak display)
Triangular
Most optimistic, most likely, and most pessimistic values are analyzed (triangle-shaped display)
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 47
[email protected] +20105394312
Probability
Uniform Distribution
Impact Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 48
[email protected] +20105394312
1/22/2006
Probability
Normal Distribution
Impact Akram Al-Najjar, PMP. Slide 49
Source: pmbok guide 2004
[email protected] +20105394312
Probability
Triangular Distribution
Impact Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 50
[email protected] +20105394312
1/22/2006
Quantitative Analysis Methods n
Sensitivity Analysis
n
Expected Mona try Value
n
Decision Tree Analysis
n
Modeling and Simulation
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 51
[email protected] +20105394312
Sensitivity Analysis n
It is a method of assessing the relative impact of changing a variable in a project to gain insight of the possible outcome of one or more potential courses of action, Sensitivity analysis places a value on the effect of changing a SINGLE VARIABLE within a project by analyzing the effect on the project plan.
1.
Begin with your original time or cost estimate.
2.
Break out the components of the estimate into manageable chunks.
3.
Determine the variable to investigate and identify its likely range of variation.
4.
Calculate and assess the impact of changing the range of results on the overall project estimate for each value in the range. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 52
[email protected] +20105394312
1/22/2006
Quantitative Risk Analysis, Tools & Tech. n
Expected Monetary Value (EMV) is a method of calculating the average out come when the future is uncertain. Status
Payoff
Good Market – Good Quality
80,000
Probability % 15
Good Market – Poor Quality
50,000
45
Poor Market – Good Quality
20,000
25
Poor Market – Poor Quality
-20,000
15
Expected Payoff for good market = 80,000*0.15 + 50,000*0.45 = LE 34,500 Expected Payoff for good quality = 80,000*0.15 + 20,000*0.25 = LE 17,000 EMV = 80,000*0.15 + 50,000*0.45 +20,000*0.25 + (-20,000)*0.15 = LE 36,500 Akram Al-Najjar, PMP. Slide 53
Source: pmbok guide 2004
[email protected] +20105394312
Decision Tree 00 $70,0 00 = $100,0 0.7 x
0 ,00 100 A$
0.3 x -$10,000
= - $3,000
0,000 000 = $3 0.5 x $60,
B $125,000
C$ 135 ,00 0
0.5 x $10,00 0 = -$5 ,000 0.2 x $20,000 = $4,000
0.8 x -$10 ,000 =
- $8,0 00
$100,000 + $70,000 - $3,000 = $167,000 $125,000 + $30,000 - $5,000 = $150, 000 $135,000 + $4,000 - $8,000 = $131,000 (Least Cost)
1/22/2006
Quantitative Risk Analysis, Tools & Tech. n
Modeling & Simulation n
Establish a model
n
Use
the
model
to
study
the
uncertainties
specified at a detailed level using impact on project objectives n
Monte Carlo technique
n
Cost Risk Analysis use WBS as Model
n
Schedule Risk Analysis use PDM, AON as Model
Akram Al-Najjar, PMP. Slide 55
Source: pmbok guide 2004
[email protected] +20105394312
Quantitative Risk Analysis, Tools & Tech. Cost Risk Simulation
Total project Cost Cumulative Chart
1.000
5.000
Frequency
Probability
Mean 46.67 .750
.500
.250 12% .000 30.00
$ 41 38.75
$ 50 47.50
56.25
Cost $
65.00
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 56
[email protected] +20105394312
1/22/2006
Quantitative Risk Analysis, Outputs n
Risk register (updates) n n
n n
Probabilistic analysis of the project. Probability of achieving cost and time objectives. Prioritized list of quantified risks. Trends in quantitative risk analysis results.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 57
[email protected] +20105394312
How to Perform Quantitative Risk Analysis n n
n
n
n
Consult historical information regarding risk. Use the appropriate interviewing technique to query project stakeholders and subject matter experts to obtain probability distributions. Depict the distributions obtained for use in risk response planning. Perform a sensitivity analysis to determine which risks have the most potential impact on the project. Use decision tree analysis to examine the implications of choosing one of two or more alternatives. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 58
[email protected] +20105394312
1/22/2006
How to Perform Quantitative Risk Analysis n
n
Conduct a project simulation using a model to translate uncertainties into their potential impact on project objectives at the total project level Prioritize the quantified risks according to the threat they pose or the opportunity they present to project objectives
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 59
[email protected] +20105394312
Risk Response planning n
n
n
n
Risk response planning is the process of examining
each risk and corresponding response alternatives , determining which response will improve the likelihood of a positive outcome. First , you review the risk management plan and risk register , which were updated with previous risk management planning outputs. Then , you employ an appropriate technique for each risk , either avoidance , transference , mitigation , acceptance or exploitation . Finally , you enter any alternation into the risk register , risk response plan or the necessary project documentation. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 60
[email protected] +20105394312
1/22/2006
Risk Response planning Tools & Techniques 1. 2. 3. 4. 5. 6. 7.
Strategies for negative risk or threats Strategies for positive risk or opportunities Strategies for both threats and opportunities Contingent response strategy
Outputs
Inputs 1. Risk management plan 1. Risk register Source: pmbok guide 2004
1. Risk management plan 2. Risk register (update) 3. Risk-related Contractual Akram Al-Najjar, PMP. Slide 61 agreements [email protected] +20105394312
Risk Response planning Tools and Technique
1. 2.
Strategies for negative risk or threats Risk Avoidance : it is involves changing the project plan to prevent a potentially detrimental risk condition or event from happening. One way to eliminate a risk is to reduce or change the scope of the project in an attempt to avoid high risk activities. The scope change could involve the requirements or specifications , or it can mean changing the approach to meeting the requirements or specifications.
Example : The product description for an elementary social sciences
education multimedia program references stock video clips of children riding bikes and roller skating without helmets or knee pads. During risk identification , the project team reviewed the product description and identified a potential risk of school administration not buying the program because it appears to advocate unsafe activities. Viewing this as a high risk , the team avoided this risk by changing the project scope so that it did not include the videos. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 62
[email protected] +20105394312
1/22/2006
Strategies for negative risk or threats 2.
Risk transference : is involves shifting the impact of a risk event and ownership of the risk response to a third party. This strategy typically is used in connection with financial risk exposure and most often involves payment of a risk premium to the party assuming the risk.
Example: Risk sharing is a form of risk transference in which only a portion of the risk is transferred to another party. For instance , organization often transfer responsibility for the risk of an employee getting injured on the job by paying a premium for worker’s compensation insurance. The insurance company assumes liability of the risk and is responsible for covering the injured worker’s medical bills and / or partial wages depending on the circumstances. Because the initial organization has transferred part of the financial liability to the insurance company and they now share the risk. This would be an example of both risk sharing and risk transference. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 63
[email protected] +20105394312
Strategies for negative risk or threats 3.
Risk mitigation: Is attempts to reduce the probability or impact of a potential risk event to an acceptable level. Mitigation may involve implementing a new courses of action in an effort to reduce the problem or changing the current conditions so that the probability of the risk occurring is reduced. Sometimes , when reducing the probability is not possible, the focus must be on reducing the consequences of the risk event.
Example: An example of risk mitigation is the develop of design model , or prototype, the earlier this can be done in a project, the lower the risk , Mock-ups , which are similar to prototypes, can test user interaction with system or products. The project team can make changes to the design based on early test result, thereby reducing the probability of a problem once the product is released to market.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 64
[email protected] +20105394312
1/22/2006
Strategies for Positive risk or Opportunities Risk exploitation : This strategy is often used when a project team wants to make sure that a positive risk is fully realized. This is often done by hiring the best experts in a field or ensuring the most technologically advanced resources are available to the project team. Risk sharing : This strategy entails partnering up with another party in an effort to give your team the best chance of seizing the opportunity, joint ventures are common example of risk sharing. Risk enhancement : This strategy attempts to increase the probability that an opportunity will occur. This is done by focusing on trigger condition of the opportunity and trying to optimize their chances for occurrence.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 65
[email protected] +20105394312
Strategies for both threats and opportunities Risk Acceptance : Is any decision not to change the project plan to deal with a risk. It may be chosen for a risk that has an extremely low possibility of occurrence or for which no suitable risk response strategy is identified. Risk acceptance is performed either passively by doing nothing or actively by creating a contingency plan to deal with the risk. Example: You own a business on a hill in an area that floods relatively often. Because of your location, you decide not to buy flood insurance. Instead , you set aside money that is earmarked for the repair of water damage in case of flooding. In this case, you are employing a risk acceptance strategy by establishing a contingency reserve for an emergency . Although you aren’t ignoring the risk , you will spend money only if the risk event actually occurs. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 66
[email protected] +20105394312
1/22/2006
Strategies for both threats and opportunities Contingency plan : Is a strategy developed in advanced for dealing with the occurrence of identified risk. It’s performed to construct a strategy before things go wrong. With a good contingency plan in place, you can react quick and appropriately to the risk event , reducing its overall impact. A contingency plan may include a fallback plan for risks with high impact. The fallback plan is implemented if the initial contingency plan is ineffective in responding to the risk event. Contingency reserve : Usually , when risk acceptance is the selected response strategy , a contingency reserve is established to deal with unknown risks and accepted known risks. The contingency reserve may be in the form of additional time , money or resources . It covers risk events that are not accounted for in the project’s baseline duration and cost estimates. The amount of the reserve is determined by the potential impact of the risk, but should include enough to implement any contingency plans as well as a buffer for dealing with unidentified risks. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 67
[email protected] +20105394312
Risk Response planning Output n n n n n n n n n
n
Risk register (updates) Identified Risk Risk owner Results from qualitative and quantitative risk analysis processes Agreed response Specific action to implement the chosen response strategy Residual and secondary risk (next slides) Budget and time of responses Contingency plan and triggers
Risk related contractual agreements: Insurance , partnerships,
and risk sharing parties will generate language that specifies each party’s responsibility for different risk
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 68
[email protected] +20105394312
1/22/2006
Risk Response planning Output n n
n n
Residual Risk The risks that remain after avoidance, transfer or mitigation responses have been taken. Its also include minor risks that have been accepted.
Secondary Risk The risks that arise as a implementing a risk response.
direct
result
of
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 69
[email protected] +20105394312
How to Develop a Risk Response Plan n
n n
n
n
n
Examine each identified risk to determine its causes and how it might affect project objectives. Brainstorm possible response strategies for each risk. Choose the response strategy that is most likely to be effective for each identified risk. Develop specific actions for implementing the chosen strategy. Identify backup strategies for risks with high risk factor scores. Determine the amount of contingency reserves necessary to deal with accepted risks. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 70
[email protected] +20105394312
1/22/2006
How to Develop a Risk Response Plan (cont.) n
n
n
n
Determine how much of a contingency reserve you should set aside for unknown risks. Consult the risk management plan for the description of the content and format of the risk response plan. Incorporate the risk response plan into the overall project plan. Examine trends in analysis results which may guide response strategies.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 71
[email protected] +20105394312
Risk Monitoring and Control n
Is the process of responding to identified and unforeseen risk. It involves tracking identified risk , identifying new risks , implementing risk response plans, and monitoring their effectiveness.
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 72
[email protected] +20105394312
1/22/2006
Risk Monitoring and Control Tools & Techniques 1. 2. 3. 4. 5. 6.
Risk reassessment Risk audits Variance and trend analysis Technical performance measurement Reserve analysis Status meeting
Outputs 1. 2. 3. 4.
Inputs 1. 2. 3. 4. 5.
Risk management plan Risk register Approved change requests Work performance information Performance Reports
5. 6.
Risk register updates Requested changes Recommended corrective actions Recommended preventative actions Organizational process assets (updates) Project management plan (updates) Akram Al-Najjar, PMP.
Source: pmbok guide 2004
Slide 73
[email protected] +20105394312
Project Risk Response Audit n
n
An examination of the effectiveness of risk response plans and the performance of the risk owner. May be conducted by a third party, the project’s risk officer, or other qualified personnel.
Project Risk Response Audit Process n
n
n
Gather relevant project data regarding work results including risk database. Review the risk response plans and implementation of the plans. Prepare a report of the findings and distribute to the project team and key stakeholders. Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 74
[email protected] +20105394312
1/22/2006
How to Monitor and Control Project Risk n n
n
n
Consult the risk response plan to identify risks and triggers. Monitor the environment for any new risks that may arise due to changes in project scope, cost, schedule, or quality. Monitor the effectiveness of the risk response, contingency, and fallback plans. Deal with unforeseen risks by systematically planning a reasoned response.
n
Update project documentation as changes are indicated.
n
Manage the contingency reserve.
Workaround Plans n
Unplanned responses to emerging risks that were previously unidentified or accepted. Akram Al-Najjar, PMP.
Slide 75
Project Risk Management Process Flow Diagram
Source: pmbok guide 2004
Enterprise Environmental Factors
Organizational Process Assets
Commercials database
Polices , procedures, Lesson Learned
Scope Definition Scope Statement 5.2
[email protected] +20105394312
Project Management Plan
Risk Management Planning 11.1
Approved change request & corrective action
Risk Management Plan
Risk Identification 11.2
Develop Project Management Plan 4.3
And prevention action
Approved change Request
Risk register
Develop Project Management Plan 4.3
Performance reporting 10.3
Project cost and schedule Management plan
Performing reporting
Work performance Direct and Manage information
Project Execution 4.4
Qualitative Risk Analysis 11.3 Risk register update
Quantitative Risk Analysis 11.4 Risk register update
Risk Response Planning 11.5 Risk register update
Project Management Plan update
Recommended corrective action Recommended prevention action
Close Project 4.7
Risk register & Organizational Process Assets
Risk Monitoring & Control 11.6
Requested change Risk register update Project Management Plan update
Integrated Change Control 4.6
1/22/2006
Discussion Any question?
Akram Al-Najjar, PMP. Source: pmbok guide 2004
Slide 77
[email protected] +20105394312
Related Documents
Pmp Chapter 11 2004
November 2019 9
Pmp Chapter 4 2004
November 2019 2
Pmp Chapter 5 2004
November 2019 0
Pmp Chapter 8 2004
November 2019 2
Pmp Chapter 6 2004
November 2019 4