Every project is a journey of uncertainty. How can we complete the challenges of each journey successfully? By identifying, evaluating, and responding to our project risks consistently. Let’s focus on the what, why, and when of evaluating project risks.
What is the best way to evaluate risks?
There are many ways to evaluate risks. Each has its place. In general, project managers perform qualitative and quantitative risk analysis. What’s the difference?
Qualitative risk analysis is a quick way to evaluate risks. A common qualitative method is the probability and impact matrix. Risks are evaluated in terms of probability (i.e., likelihood) and impact (i.e., effect or consequence) on a scale such as 1 to 5. While this method is subjective, it does provide a method for prioritizing risks quickly.
Quantitative risk analysis is a numeric evaluation. There are several quantitative tools, such as the decision tree diagram, sensitivity analysis, and expected monetary value (EMV).
Consider an EMV example, a numeric analysis: A risk could be evaluated with a probability of 30% and an impact of $40,000. We multiply the probability times the impact, resulting in a risk exposure of $12,000.
While the quantitative risk analysis requires more time, we benefit from a deeper level of understanding. This may be required to make significant decisions such as go/no-go decisions in moving forward with projects. Lastly, we may use the quantitative risk analysis to determine the schedule and budget reserves.
The amount of risk evaluation rigor should be commensurate with the size and complexity of each project. It’s a good practice to determine your risk evaluation approach as you define your risk management plan.
Why do project managers struggle with analyzing risks?
Good risk analysis starts with a good risk description. Individuals have difficulty evaluating the likelihood and impact of poorly defined risks. Write clear risk statements by differentiating between the causes, the risk or uncertainty, and the effects or impacts.
Another problem is the evaluation bias. Some people want to influence a decision in one direction or another for selfish or political reasons. Others make inferences in an illogical fashion based on wrong perceptions. Seek to reduce the risk evaluation bias by uncloaking the bias, having open conversations, and reducing the subjectivity.
Why evaluate risks?
The primary reason for evaluating risks is to prioritize our risks. Project managers face competing demands every day. How can we decide where to invest our time and energy best? By evaluating and prioritizing our risks.
Risks—including threats and opportunities—with a high priority should be our focus. Project managers monitor these important risks, formulate plans, and take actions when necessary. And we watch the lower-priority risks because these risks may increase over time, meriting a response.
When should project managers evaluate risks?
It’s never too early to start identifying and evaluating risks. Project managers can have a greater influence on risks the earlier the risks are identified. Why? We have more time to respond, and things are not as fixed as they will be later in a project.
A good practice is to identify, evaluate, and include the highest overall project risks—risks that are important to the entire project—in the project charter. A good understanding of the most significant risks helps management to select the right projects and to staff the project in a manner that helps to address those risks.
How to Actually Perform a Qualitative Risk Analysis Mini-Course
I’ve developed this course to help you quickly review the concepts of qualitative risk analysis. You’ll be able to test your understanding through a quiz. Additional risk evaluation resources are provided, including a FREE risk register template. Click here to enroll!
For more brilliant insights, check out Harry’s blog: The Project Risk Coach