Now that you have an idea about what is Risk and how to manage it, as discussed in Part 1, this next part will be a FAQ around this subject with Laura Holder, one of EPMA’S Certified Senior Project Managers.
Can you please introduce yourself and explain your role as a Senior Project Manager?
Hi Sophia, my name is Laura Holder, and I’m currently a Senior Manager at EPMA. I have over 15 years of experience in project management, and I’m still learning and improving my skills! My role as a project manager is to help people accomplish their goals in a timely manner while adhering to their budget. I do this through constant communication with the stakeholders and project team, and by managing the following project areas: scope, schedule, costs, deliverables, issues, and risks.
Do all projects have risks?
All projects have risks, and they come in all shapes and sizes! Some risks are minimal, and others may become major issues that have the ability to shut the project down in a heartbeat. Project risk severity depends on the business value, cost of investment, and experience in delivery. For example, a software upgrade is usually low risk, low cost, and provides some business value. Since we’ve upgraded this software before, the process is a proven vehicle for success.
On the other hand, a project whose objective is to create a new methodology for leak detection on low flowing pipelines, through a mountain range involves high complexity and high risk. Both projects should be evaluated for risk. Less risky projects sometimes go awry if the risks are not evaluated because no one is paying attention. How many times have you heard: “The project was supposed to be simple and straightforward, right?” Even if the mitigation plan is to just keep an eye on the risks, risk assessment is still a valuable exercise.
It is extremely important to understand what could possibly, and would most likely go wrong in the project so that the risks can be communicated, planned for, and monitored. Sometimes the riskier the project, the more business value comes from the results, but only if the risks are well managed.
How do you minimize risk?
Minimizing risk is logical, but is also an art! Sometimes, the mitigation is straightforward with a technical solution. Other times, the mitigation depends on communication, relationships, coordination with other departments, networking, informing of project benefits, etc. These skills are important for risk mitigation, but more importantly, risk awareness.
The more people who are aware and addressing the risk, the more success you will have with keeping risks in check or having it disappear altogether. As Jerry Maguire would say, “Help me, help you”!
Why is it difficult to manage risk?
The difficult part of managing risk is being aware of new risks and reacting to existing risks that shift in severity. Regular risk reviews are necessary to respond to the add-ons and shifts in a timely manner. Sometimes a mitigation plan of a high priority risk turns into a mini-project; which leads to more work as well.
One way to share the work is to engage your team in the risk reviews so that, they are on the look-out for new risks and keep you in the loop when risk severity is shifting. It’s better to spend the time to stay on top of the risks and have a successful project, then to ignore risks and spend more time later digging yourself out of a hole.
How do you evaluate risk on an ongoing basis?
Identifying risk is relatively easy. With the sponsor and project team, evaluate the common risks categories of External, Internal, Technical, and brainstorm on all that could go wrong and/or impact your delivery. Be realistic and candid. After making your list in the Risk Register, rank the likelihood of the risk becoming an issue and rank the impact to the project.
After the ranking, sort the risks in priority order, starting with the highest-ranking likelihood and impact down to the lowest ranking. Next, brainstorm on the mitigation plan for each risk and update the project plan and schedule, if needed. Many projects stop here when it comes managing risks, but that’s just the start of the risk management work!
Risks need to be reviewed on a regular basis. Depending on the effectiveness of the mitigation plan, where you are at in the project, critical resource availability, available funds, changing business direction, etc., the risks on the register may have changed in severity and priority, or they may not be risks anymore, or new risks may have been identified. The size of the Risk Register and the complexity of the risks will tell you if they can be reviewed at your weekly project team status meeting or if a separate risk meeting should be scheduled.
Starting with the highest priority risk, determine if it is still relevant. If so, verify the likelihood and impact rankings. Review the mitigation plan and decide whether it is working or needs to be changed. After reviewing the existing risks, ask the team if there are new risks that need to be added to the list. Determine if the risk status updates trigger updates to the project plan and schedule.
Communicating risks to management and keeping them in the loop is always a good thing. This way, management can help with the mitigation and/or be familiar with the risks in case they turn into issues.
Thanks to Laura for the knowledge sharing and traveling with us on our risk management journey. As you can see, the consultants and teams at EPMA, have the skills and know-how to support organizations in improving project management best practices, including risk management.
Learn how we can partner with you today. 1.713.400.9200