Like a piece of good music, every risk manager’s job is to promote proper form so that the orchestra as a whole continues smoothly and without critical flaws. Dave Gordon, writing for The Practicing IT Project Manager, knows this analogy well.
The Rhythm of Risk
On the first day of a project, it’s not uncommon to overlook risk assessments, but that doesn’t make it right. Every instrument of the project should be tuned and monitored from the start. If one section is out of synch, it affects other divisions. Gordon recommends building risk management into the overall business process:
Whether you take a very structured approach to assessment, with quantitative analysis and a separately managed risk budget, or a qualitative approach with risk management costs baked in to the project budget, risk management is only beneficial if it is part of execution, as well as planning. Our risk assessment, like our requirements gathering, should be an ongoing process that improves the resilience (anti-fragility, if you prefer) of the endeavor over the course of the project.
Four Aspects of Risk Management
To take action, Gordon recommends focusing on four distinct areas:
- Transfer: the transference of responsibility must be followed up with compliance measures – a matter of chasing unknown and unforeseen impacts.
- Mitigate: this requires the placement of triggers. An effective trigger will initiate the appropriate mitigation strategy.
- Avoid: it is good to have a communication plan that informs stakeholders of risk avoidance-based changes relevant to scope or design.
- Accept: it is always possible for a risk to be accepted. However, any risk still requires monitoring and reclassification should the need arise.
Additionally, team members are crucial to the process of risk evaluation. They are comparable to the keys on a piano, and each one must play their respective note, sometimes loudly to signal an escalating risk. Risks are dynamic, and must be managed as the operational tune is played (in a manner of speaking).
Read the full blog at: http://blog.practicingitpm.com/2014/08/05/risk-management-part-operating-rhythm/