logging in or signing up 140103 The_Rock Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 136 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: October 10, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript ‘Managing Risk, Space Invaders and your friendly, neighbourhood Burglar an introduction to an assumptions-based approach to project Risk Management : ‘Managing Risk, Space Invaders and your friendly, neighbourhood Burglar an introduction to an assumptions-based approach to project Risk Management presentation to Kingston and Croydon branch of the BCS 14-Jan-2003 David GalleyIntroduction: Introduction Basic approach to project risk management Proactive + Devolved + Simple to understand Presentation Content Risk Risk Management (vs Project Management) Assumptions-based approach Identifying Assumptions Registers Risk Evaluation & Prioritisation Risk Plans Roles & Responsibilities Execution QuestionsRisk combines notions of hazard and uncertainty: impact if hazard occurs likelihood of hazard occurring low risk high risk Risk combines notions of hazard and uncertainty contours of equal risk exposure.Relative risk exposure can be represented on a 4*4 ‘risk grid’: Relative risk exposure can be represented on a 4*4 ‘risk grid’ A B C D A B C D impact if hazard occurs likelihood of hazard occurring high risk low risk intermediate riskRisk Management is an integral part of Project Mgt …but different : Risk Management is an integral part of Project Mgt …but different (rest of) project mgt. project definition project structuring planning cost/schedule statusing project control …in what way is Risk Mgt different? risk managementNeed for Risk Management arises from uncertainty: Need for Risk Management arises from uncertainty (rest of) project management risk management certain impossible obstacle likelihoodAssumptions based approach is proposed: Assumptions based approach is proposed Risk Evaluation & Prioritisation Monitoring Risks & Assumptions Risk Planning Risk Plan Execution Risk Mgt Roles Requirement Issues Hazard checklist …. Work Plan & Budget External threats Internal weaknesses …. Projects are exposed to the risk of assumption failure: Projects are exposed to the risk of assumption failure Decisions are made based on limited information Working assumptions Conscious/Explicit Unconscious/Implicit (become evident later, or remain hidden) Working assumptions proven to be: True – will not disturb the project False – will disturb the project For every assumption the project makes there is an inherent risk that the assumption will not be trueIf hazard is project assumption failure, the risk grid axes become project sensitivity, assumption instability: If hazard is project assumption failure, the risk grid axes become project sensitivity, assumption instability A B C D A B C D project sensitivity to assumption failure assumption instability First catch your assumptions… ...then assess the associated risk: First catch your assumptions… ...then assess the associated risk Broad search What could go wrong? Capture working assumptions Assess associated risk exposure Requirement Spec. Open Issues Hazard checklists Workplan Budget External threats Internal weaknesses External dependencies Stakeholders Business Case Project Assumptions and Project Risks need to be recorded in consolidated registers: Project Mgt. Risk Mgt. assumptions risks Project Assumptions and Project Risks need to be recorded in consolidated registersDocument assumptions in an Assumptions Register: Document assumptions in an Assumptions Register Assumption Identifier Project, Assumption Title & No. Assumption Description Sufficient to explain the nature of the assumption Associations Key Dependents, Associated Assumptions, References, Associated Risk No Registration Registration Date, Registered By, Project Mgr Closure Closure Comment, Closure Date, Closed By, Project Mgr assumption description associations closure assumption identifier registration Document risks in a Risk Register: Document risks in a Risk Register Risk Identifier & associations Project, Risk No., Assumption Title & No., Associated Risk Nos., Refs. Project Sensitivity (initial registration & subsequent re-evaluation) Explanation of the project’s sensitivity incl. the expected impact date, A-D score, Comment, Date, Risk Owner, Risk Mgr, Project Mgr. Assumption Instability Similar to ‘Project Sensitivity’ Closure Closure Comment, Closure Date, Closed By, Project Mgr project sensitivity assumption instability closure risk identifier & associationsHaving identified your risks, you need to manage them: Having identified your risks, you need to manage them too many risks... ...which one first? risk plan ...what’s that? ...what do I do? ...what do I do? Risk Prioritisation Risk Plans Roles & Responsibilities Execution & MonitoringRisk Management is a bit like playing ‘space invaders’ (Hugh Lake): Risk Management is a bit like playing ‘space invaders’ (Hugh Lake) Threats of different size approach closer and closer Aim is to defend your patch… but with limited ammo Which one to attack next? Deciding which risks to ‘attack’ is a complex decision: Deciding which risks to ‘attack’ is a complex decision So many risks… which should I attack? consider size, ie. risk exposure consider timing… when will it ‘hit’? How effective would an attack be? how will I deal with each risk? what chance that it’ll work? how much residual risk exposure? What about the cost? Will attacking a risk be worth the cost? Can I afford to attack a particular risk? Can I afford not to attack that risk? How do we ‘attack’ risks? Risk Handling Techniques – four main categories: Risk Handling Techniques – four main categories proactive Risk Plans reactive Risk Plans Risk mitigation is based on two basic strategies: Risk mitigation is based on two basic strategies Basic strategies stabilise the assumption de-sensitise the project Recommend developing at least two candidate risk plans Risk plan might combine assumption stabilisation and project de-sensitisation A B C D A B C D project sensitivity assumption instability action required to de-sensitise action required to stabilise Exercise: Risk Management applied to House Burglary: Exercise: Risk Management applied to House Burglary Background You’ve just moved to a new town and you’ve a 1001 things to sort out You learn that a number of burglaries have taken place in your new neighbourhood. Do you lock your self in, and refuse leave your house? – No. You’ve got a life to lead! What is your working assumption?Exercise: Risk Management applied to House Burglary: Exercise: Risk Management applied to House Burglary Background You’ve just moved to a new town and you’ve a 1001 things to sort out You learn that a number of burglaries have taken place in your new neighbourhood. Do you lock your self in, and refuse leave your house? – No. You’ve got a life to lead! The principal working assumption is an implicit assertion ‘We will not get burgled today’. The assumption wasn’t ‘I might get burgled’ That isn’t an assumption, it’s an infallible truism. But your working assumption might be wrong! Failure of that working assumption constitutes the hazard. You’ve identified a risk. How are you going to manage it?Here’s a heap of ‘risk plans’… assign each to a category of risk handling technique: Here’s a heap of ‘risk plans’… assign each to a category of risk handling technique Risk avoidance … … Risk mitigation (stabilise the assumption) … … Risk mitigation (de-sensitise impact) … … Risk transfer … … Risk retention … … keep stock of glass, timber to repair windows store valuable items in a safe, or at bank adopt non-materialistic philosophy arrange house contents insurance install extra high-security locks take any burglary ‘on the chin’ move away to safer district install a burglar alarm buy a big, noisy dog buy a quiet crocodile …what else?Categorised Risk Plans: Categorised Risk Plans Risk avoidance move away to safer district adopt non-materialistic philosophy Risk mitigation (stabilise the assumption) install extra high-security locks install a burglar alarm buy a big, noisy dog Risk mitigation (de-sensitise impact) store valuable items in a safe, or at bank buy a quiet crocodile Risk transfer arrange house contents insurance Risk retention keep stock of glass, timber to repair windows take any burglary ‘on the chin’Risk Management places extra responsibilities on the Steering Committee and Project Mgr: Risk Management places extra responsibilities on the Steering Committee and Project Mgr Steering Committee/senior management Project Manager Approve plans & allocate resources Monitor progress Approve closure Ensure risks identified/captured Assumption & risk registers Agree monitoring Reports critical risks Reports results Accounts for risk budget Risk budget RM places responsibilities on the Steering Committee and Project Mgr and introduces two new roles: Risk Managers and Risk Owners: Draw up plans Run the plan Close plan RM places responsibilities on the Steering Committee and Project Mgr and introduces two new roles: Risk Managers and Risk Owners Steering Committee/senior management Project Manager Risk Owner Risk Manager Approve plans & allocate resources Monitor progress Approve closure Appoint & empower Risk Mgrs Ensure risks identified/captured Assumption & risk registers Agree monitoring Appoint Risk Owners Confirm/review risks Agree the aim Monitor plans Stop plans Reports critical risks Reports results Accounts for risk budget delegation & empowerment report report Risk budget Identify & appoint external Risk Owners & Risk Mgrs agreeWhat happens after you have prioritised the risks and selected the risk plans?: What happens after you have prioritised the risks and selected the risk plans? Monitoring Assumptions & Risks Kicking-off Risk Plans Closing Risk Plans Developing & Selecting Risk Plans Prioritising Risks Running the Risk Plan Summary: Summary Risk as a product of hazard likelihood and hazard impact Risk Management relative to Project Management Proactive, Assumptions-based approach Assumption-failure as the source of project risk Integrated assumption & risk registers Complexity of deciding what risks to attack Risk handling: avoidance, mitigation, transfer, retention Devolved Risk Management organisation - responsibility and ownership devolved throughout, and outside, the project team Questions Annexe: AnnexeProjects have many stakeholders… …with interlinked objectives: Projects have many stakeholders… …with interlinked objectives Many stakeholders interdependent network of objectives failure doesn’t stay put Know your stakeholders identify them understand their objectives what is success/failure for them? Employees Community Vendors Customers Finance Users Executives project What happens after you have prioritised the risks and selected the risk plans: What happens after you have prioritised the risks and selected the risk plans Monitoring Assumptions & Risks Kicking-off Risk Plans Closing Risk Plans Developing & Selecting Risk Plans Running the Risk Plan Prioritising Risks Project Manager has to ensure that: Budget is agreed with the Risk Manager Success and closure criteria are agreed in advance with the Risk Owner and Risk Manager Roles & Responsibilities are agreed and published for all personnel involved in the risk plan Commitment of external owners, points of contact and champions, is agreed in advance. What happens after you have prioritised the risks and selected the risk plans: What happens after you have prioritised the risks and selected the risk plans Monitoring Assumptions & Risks Kicking-off Risk Plans Closing Risk Plans Running the Risk Plan Prioritising Risks Nominated Risk Manager: Manages execution of the risk plan Agrees with the Risk Owner progress against the plan Reports progress using the monitoring system agreed with the Project Manager What happens after you have prioritised the risks and selected the risk plans: What happens after you have prioritised the risks and selected the risk plans Kicking-off Risk Plans Closing Risk Plans Running the Risk Plan Prioritising Risks A risk plan must be stopped & closed when: it has achieved its objectives it is seen to be failing, or it has failed it is no longer necessary Closing is relatively easy if, when launched, the plan has clear objectives and clear success criteria What happens after you have prioritised the risks and selected the risk plans: What happens after you have prioritised the risks and selected the risk plans Monitoring Assumptions & Risks Kicking-off Risk Plans Closing Risk Plans Running the Risk Plan Prioritising Risks The lists of assumptions and risks need to be reviewed regularly. Are any changes occurring internally, or externally to the project which could alter project’s sensitivity to the assumption stability of the assumption expected hazard impact date You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
140103 The_Rock Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 136 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: October 10, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript ‘Managing Risk, Space Invaders and your friendly, neighbourhood Burglar an introduction to an assumptions-based approach to project Risk Management : ‘Managing Risk, Space Invaders and your friendly, neighbourhood Burglar an introduction to an assumptions-based approach to project Risk Management presentation to Kingston and Croydon branch of the BCS 14-Jan-2003 David GalleyIntroduction: Introduction Basic approach to project risk management Proactive + Devolved + Simple to understand Presentation Content Risk Risk Management (vs Project Management) Assumptions-based approach Identifying Assumptions Registers Risk Evaluation & Prioritisation Risk Plans Roles & Responsibilities Execution QuestionsRisk combines notions of hazard and uncertainty: impact if hazard occurs likelihood of hazard occurring low risk high risk Risk combines notions of hazard and uncertainty contours of equal risk exposure.Relative risk exposure can be represented on a 4*4 ‘risk grid’: Relative risk exposure can be represented on a 4*4 ‘risk grid’ A B C D A B C D impact if hazard occurs likelihood of hazard occurring high risk low risk intermediate riskRisk Management is an integral part of Project Mgt …but different : Risk Management is an integral part of Project Mgt …but different (rest of) project mgt. project definition project structuring planning cost/schedule statusing project control …in what way is Risk Mgt different? risk managementNeed for Risk Management arises from uncertainty: Need for Risk Management arises from uncertainty (rest of) project management risk management certain impossible obstacle likelihoodAssumptions based approach is proposed: Assumptions based approach is proposed Risk Evaluation & Prioritisation Monitoring Risks & Assumptions Risk Planning Risk Plan Execution Risk Mgt Roles Requirement Issues Hazard checklist …. Work Plan & Budget External threats Internal weaknesses …. Projects are exposed to the risk of assumption failure: Projects are exposed to the risk of assumption failure Decisions are made based on limited information Working assumptions Conscious/Explicit Unconscious/Implicit (become evident later, or remain hidden) Working assumptions proven to be: True – will not disturb the project False – will disturb the project For every assumption the project makes there is an inherent risk that the assumption will not be trueIf hazard is project assumption failure, the risk grid axes become project sensitivity, assumption instability: If hazard is project assumption failure, the risk grid axes become project sensitivity, assumption instability A B C D A B C D project sensitivity to assumption failure assumption instability First catch your assumptions… ...then assess the associated risk: First catch your assumptions… ...then assess the associated risk Broad search What could go wrong? Capture working assumptions Assess associated risk exposure Requirement Spec. Open Issues Hazard checklists Workplan Budget External threats Internal weaknesses External dependencies Stakeholders Business Case Project Assumptions and Project Risks need to be recorded in consolidated registers: Project Mgt. Risk Mgt. assumptions risks Project Assumptions and Project Risks need to be recorded in consolidated registersDocument assumptions in an Assumptions Register: Document assumptions in an Assumptions Register Assumption Identifier Project, Assumption Title & No. Assumption Description Sufficient to explain the nature of the assumption Associations Key Dependents, Associated Assumptions, References, Associated Risk No Registration Registration Date, Registered By, Project Mgr Closure Closure Comment, Closure Date, Closed By, Project Mgr assumption description associations closure assumption identifier registration Document risks in a Risk Register: Document risks in a Risk Register Risk Identifier & associations Project, Risk No., Assumption Title & No., Associated Risk Nos., Refs. Project Sensitivity (initial registration & subsequent re-evaluation) Explanation of the project’s sensitivity incl. the expected impact date, A-D score, Comment, Date, Risk Owner, Risk Mgr, Project Mgr. Assumption Instability Similar to ‘Project Sensitivity’ Closure Closure Comment, Closure Date, Closed By, Project Mgr project sensitivity assumption instability closure risk identifier & associationsHaving identified your risks, you need to manage them: Having identified your risks, you need to manage them too many risks... ...which one first? risk plan ...what’s that? ...what do I do? ...what do I do? Risk Prioritisation Risk Plans Roles & Responsibilities Execution & MonitoringRisk Management is a bit like playing ‘space invaders’ (Hugh Lake): Risk Management is a bit like playing ‘space invaders’ (Hugh Lake) Threats of different size approach closer and closer Aim is to defend your patch… but with limited ammo Which one to attack next? Deciding which risks to ‘attack’ is a complex decision: Deciding which risks to ‘attack’ is a complex decision So many risks… which should I attack? consider size, ie. risk exposure consider timing… when will it ‘hit’? How effective would an attack be? how will I deal with each risk? what chance that it’ll work? how much residual risk exposure? What about the cost? Will attacking a risk be worth the cost? Can I afford to attack a particular risk? Can I afford not to attack that risk? How do we ‘attack’ risks? Risk Handling Techniques – four main categories: Risk Handling Techniques – four main categories proactive Risk Plans reactive Risk Plans Risk mitigation is based on two basic strategies: Risk mitigation is based on two basic strategies Basic strategies stabilise the assumption de-sensitise the project Recommend developing at least two candidate risk plans Risk plan might combine assumption stabilisation and project de-sensitisation A B C D A B C D project sensitivity assumption instability action required to de-sensitise action required to stabilise Exercise: Risk Management applied to House Burglary: Exercise: Risk Management applied to House Burglary Background You’ve just moved to a new town and you’ve a 1001 things to sort out You learn that a number of burglaries have taken place in your new neighbourhood. Do you lock your self in, and refuse leave your house? – No. You’ve got a life to lead! What is your working assumption?Exercise: Risk Management applied to House Burglary: Exercise: Risk Management applied to House Burglary Background You’ve just moved to a new town and you’ve a 1001 things to sort out You learn that a number of burglaries have taken place in your new neighbourhood. Do you lock your self in, and refuse leave your house? – No. You’ve got a life to lead! The principal working assumption is an implicit assertion ‘We will not get burgled today’. The assumption wasn’t ‘I might get burgled’ That isn’t an assumption, it’s an infallible truism. But your working assumption might be wrong! Failure of that working assumption constitutes the hazard. You’ve identified a risk. How are you going to manage it?Here’s a heap of ‘risk plans’… assign each to a category of risk handling technique: Here’s a heap of ‘risk plans’… assign each to a category of risk handling technique Risk avoidance … … Risk mitigation (stabilise the assumption) … … Risk mitigation (de-sensitise impact) … … Risk transfer … … Risk retention … … keep stock of glass, timber to repair windows store valuable items in a safe, or at bank adopt non-materialistic philosophy arrange house contents insurance install extra high-security locks take any burglary ‘on the chin’ move away to safer district install a burglar alarm buy a big, noisy dog buy a quiet crocodile …what else?Categorised Risk Plans: Categorised Risk Plans Risk avoidance move away to safer district adopt non-materialistic philosophy Risk mitigation (stabilise the assumption) install extra high-security locks install a burglar alarm buy a big, noisy dog Risk mitigation (de-sensitise impact) store valuable items in a safe, or at bank buy a quiet crocodile Risk transfer arrange house contents insurance Risk retention keep stock of glass, timber to repair windows take any burglary ‘on the chin’Risk Management places extra responsibilities on the Steering Committee and Project Mgr: Risk Management places extra responsibilities on the Steering Committee and Project Mgr Steering Committee/senior management Project Manager Approve plans & allocate resources Monitor progress Approve closure Ensure risks identified/captured Assumption & risk registers Agree monitoring Reports critical risks Reports results Accounts for risk budget Risk budget RM places responsibilities on the Steering Committee and Project Mgr and introduces two new roles: Risk Managers and Risk Owners: Draw up plans Run the plan Close plan RM places responsibilities on the Steering Committee and Project Mgr and introduces two new roles: Risk Managers and Risk Owners Steering Committee/senior management Project Manager Risk Owner Risk Manager Approve plans & allocate resources Monitor progress Approve closure Appoint & empower Risk Mgrs Ensure risks identified/captured Assumption & risk registers Agree monitoring Appoint Risk Owners Confirm/review risks Agree the aim Monitor plans Stop plans Reports critical risks Reports results Accounts for risk budget delegation & empowerment report report Risk budget Identify & appoint external Risk Owners & Risk Mgrs agreeWhat happens after you have prioritised the risks and selected the risk plans?: What happens after you have prioritised the risks and selected the risk plans? Monitoring Assumptions & Risks Kicking-off Risk Plans Closing Risk Plans Developing & Selecting Risk Plans Prioritising Risks Running the Risk Plan Summary: Summary Risk as a product of hazard likelihood and hazard impact Risk Management relative to Project Management Proactive, Assumptions-based approach Assumption-failure as the source of project risk Integrated assumption & risk registers Complexity of deciding what risks to attack Risk handling: avoidance, mitigation, transfer, retention Devolved Risk Management organisation - responsibility and ownership devolved throughout, and outside, the project team Questions Annexe: AnnexeProjects have many stakeholders… …with interlinked objectives: Projects have many stakeholders… …with interlinked objectives Many stakeholders interdependent network of objectives failure doesn’t stay put Know your stakeholders identify them understand their objectives what is success/failure for them? Employees Community Vendors Customers Finance Users Executives project What happens after you have prioritised the risks and selected the risk plans: What happens after you have prioritised the risks and selected the risk plans Monitoring Assumptions & Risks Kicking-off Risk Plans Closing Risk Plans Developing & Selecting Risk Plans Running the Risk Plan Prioritising Risks Project Manager has to ensure that: Budget is agreed with the Risk Manager Success and closure criteria are agreed in advance with the Risk Owner and Risk Manager Roles & Responsibilities are agreed and published for all personnel involved in the risk plan Commitment of external owners, points of contact and champions, is agreed in advance. What happens after you have prioritised the risks and selected the risk plans: What happens after you have prioritised the risks and selected the risk plans Monitoring Assumptions & Risks Kicking-off Risk Plans Closing Risk Plans Running the Risk Plan Prioritising Risks Nominated Risk Manager: Manages execution of the risk plan Agrees with the Risk Owner progress against the plan Reports progress using the monitoring system agreed with the Project Manager What happens after you have prioritised the risks and selected the risk plans: What happens after you have prioritised the risks and selected the risk plans Kicking-off Risk Plans Closing Risk Plans Running the Risk Plan Prioritising Risks A risk plan must be stopped & closed when: it has achieved its objectives it is seen to be failing, or it has failed it is no longer necessary Closing is relatively easy if, when launched, the plan has clear objectives and clear success criteria What happens after you have prioritised the risks and selected the risk plans: What happens after you have prioritised the risks and selected the risk plans Monitoring Assumptions & Risks Kicking-off Risk Plans Closing Risk Plans Running the Risk Plan Prioritising Risks The lists of assumptions and risks need to be reviewed regularly. Are any changes occurring internally, or externally to the project which could alter project’s sensitivity to the assumption stability of the assumption expected hazard impact date