Risk exists for any kind of a project, irrespective of its size, complexity and other aspects. A project’s success depends heavily on its Project Manager’s ability to manage the risk. So, it is important that as a PM, you are asking all the right questions when it comes to handling risk.
Let us run through this handy checklist to gauge your risk management quotient.
1) Have you created a risk matrix?
A risk matrix is a core artefact to be prepared by the PM, right at the start of the project. Creating such a document compels the PM and everyone else to look at the project from different perspectives, identify the loose ends or live wires and ensures that these details are recorded and registered for everyone to be aware.
2) Have you prioritised the risks?
Once you get your list of risks ready, prioritise them as H/M/L or colour code them if that’s your style, but make sure that not all risks do not get the same treatment. For e.g. if I’m planning a birthday party, a few guests not turning up and the food getting wasted is a risk, but it’s a low one, because the party will not be cancelled due to this. However, if the caterer himself does not turn up, well, then, it’s a high risk!
The reason we need to prioritise risks is, let’s admit it, managing risks is an overhead which does not contribute directly to the project output. So, it’s important we invest our time on the ones that need the most attention.
3) Have you assigned owners for the risk items?
Collective accountability is a must when it comes to mitigating risks. The PM is not a super hero who can single-handedly control all the risks. So, it is important to assign different owners for the risk items and make people aware of their ownership.
For e.g. while working on version 1.0 of a project, you want to make the design and the schema scalable, because there is a scheduled 2.0 that is bound to follow-up shortly. A Technical Architect would most likely happen to own this risk item.
4) How are you planning to track the risk items?
You’ve created the risk matrix, prioritised and assigned owners to the risk items. Great! Two months later, how would you assess the likelihood of occurrence of that event? Would that be a subjective decision? Maybe, all the stakeholders get together once a month to review the risk items? What happens if the stakeholders cannot arrive at a consensus?
One of the biggest challenges in the area of risk management is tracking the risks. The Project Manager and the other risk owners should watch out for early warning signs that are potential indicators. Also, wherever possible, it is important to define the risk item in a measurable way so it’s easy to track it. (E.g. if the fuel goes down to 15%, abort the flight and land).
For e.g. Integration testing is a risk item for your project since you have to test with an external system. You can define it as – if the external system is not ready for testing by August, then the risk is high and it is time to resort to contingency plan. These criteria can be drafted as early as the beginning of the project.
5) How often do you revisit the risk matrix?
As the project progresses, the landscape can vary to the extent that some risks may just drop off or their priorities may change or new risk items may crop up. All this goes to say that your risk matrix has to remain updated and need to be relooked at a regular interval (preferably, weekly or bi-weekly)
Sometimes, it’s possible a certain risk event has now occurred, which necessitates you to take action points. For e.g. if a certain key developer has left the firm, this means resource changes and the training associated with getting the new person up to speed.
6) Have you got your contingency plans ready?
It is surprising to see projects where risks are meticulously identified and tracked, but people do not know what to do when the event actually occurs. When the action you need to take is not clear, people start pressing the panic button and run like headless chicken.
A successful Project Manager is often someone who can keep his calm at the worst of situations and that usually happens with a) experience and b) clarity in thinking and planning. Even for the worst of the risks, have a contingency plan ready. For e.g. one of your requirements has undergone a significant change due to the dynamic markets. It could just be that you need to buy more time to implement or you may choose to leave this out for the next phase.
7) Have you communicated the risks to your stakeholders?
Pick any aspect of Project Management and you would invariably add – ‘please communicate’. So, risk is no exception. One of the positive things about communicating risks is that people are aware of the things that can go wrong and when you present your contingency plans, they know that you’re ready to tackle when things go wrong. So, the risks become calculated risks, which are the ones that projects need to take. It also means the accountability is spread across the team and people are aware of the things to consider before taking a decision.
For e.g. during a project kick-off, a major risk identified about having insufficient budget to procure the right kind of hardware could make the customer rethink about going ahead with the project. Maybe, he would defer it till the budget is made available. Although, it may appear to be a failure, it would work out in the long-term, because the project may not yield the expected results with out of date hardware.
This handy checklist should help you deal with the project risks. A final parting thought – a Project Manager should never consider risks as a personal success or a failure. Some of the risks can even be ‘good risks’. If you are able to look at the risk matrix impartially, it is more likely that you’ll be able to manage it better.