Three years of research into any topic is bound to yield some valuable insights, and when the topic is risk management, those insights just might be the ticket to avoiding catastrophe. Dr. Blaize Horner Reich and her colleagues developed five overarching principles for managing IT risk over a period of three years at Simon Fraser University, and with it, new strategies were born for mitigating risk. In a PDF, PMPerspectives overviews these principles and how to best abide by them in order to keep risk under control. These are the principles identified:
- Establish a learning climate.
- Mitigate knowledge loss.
- Create channels for knowledge flow.
- Develop a shared team memory.
- Use the risk register to monitor knowledge risks.
In order to create a learning climate, engage the team when coming up with the risk register in order to set a tone that everyone has knowledge worth sharing. Recognize that mistakes are inevitable and reward behaviors that foster the learning climate in addition to the behaviors that solve problems. Practice your information-sharing protocols during minor issues so that you are better prepared when larger issues arise, and remember to stay honest with everyone, because there is seldom a benefit to the alternative.
Mitigating knowledge loss means finding ways to disperse the knowledge of one person to others, often through means of methodology workshops, estimation exercises, and presentations on the history of and strategies of the organization. Backing up key roles through role-shadowing is a way for junior executives to gain senior-level skills, and you can use retention bonuses to entice your best people to stick around after projection completion. Creating channels for knowledge flow will of course be vital in ensuring information moves efficiently, and this can include websites, repositories, team meetings, brainstorming sessions, and informal socializing. This segues well into the next principle, developing a shared team memory:
Create and update the team's collective memory throughout the project. Discuss past lessons learned at the start of the project to establish a shared understanding of how and why the current project will be designed and managed. Keep members informed about progress and problems as the project progresses. At the end of the project, capture lessons learned. This enhances members' learning and competency, creates a shared story about the project that offers both closure and organizational learning, and helps future teams to meet their goals more efficiently and effectively.
When it comes to using the risk register, have all key team members compile it and update it continuously, allowing the lessons learned from previous projects to add up. Know when there are gaps in team knowledge and reach out for external assistance as necessary, and this includes anticipating when team members may be departing for other opportunities.
We never have the time we want to learn all the things we want, and so when others do spend the effort to acquire insights like these, we should be grateful for the assist. Use these five principles to make risk management more like juggling pins than juggling chainsaws.