This is a third process of planning project risks
whereby the identified risks are prioritized after assessing and combining their probability
of occurrence and impact on the project. It helps to know which risks need more
attention than the other. The process can therefore lead into performing
quantitative risk analysis or direct into planning risk responses.
The inputs to refer are:
- Risk Management Plan whereby the elements used in the process such as roles and responsibility for conducting risk management, budget, risk categories, probability and impact matrix, stakeholders’ risk tolerance etc are stated.
- Scope Baseline whereby the scope for common projects have more well understood risks while the scope for new type of projects with complexity have more uncertainties.
- Risk Register whereby the list of identified risks are used for assessment and prioritization
- Enterprise Environmental Factors whereby through risk specialists and other sources, some insights can be provided
- Organizational Process Assets whereby previous projects can provide some information about the process
The Perform Qualitative Risk Analysis process can be
done by:
- Assessing Risk Probability and Impact through meetings and interviews with the persons who are familiar and knowledgeable with risk categories. They will assess the likelihood of risk occurrence and its potential effect on the project scope, cost, time, quality and performance. Both negative effects for threats and positive effects for opportunities will be also included. Then the risks will be rated according to the definitions provided in the Risk Management Plan.
- Using Probability and Impact Matrix or look-up table whereby after rating the risks in relative and numerical form depending on the Organizational preference, they will be then classified into high risk, moderate risk and low risk. The high risk will need more priority actions and response strategies, while the low risk will be put in contiguous reserve and monitored.
- Assessing Risk Data Quality whereby the data about risk is evaluated and understood in terms of accuracy, quality and reliability.
- Categorizing Risk using Work Breakdown Structure, Risk Breakdown Structure, Project phases or common root causes in order to develop effective risk responses.
- Assessing Risk Urgency through symptoms, warning signs, time to affect the risk response, risk rating and probability of detecting the risk.
- Gathering expert judgment through workshops and interviews in order to determine and assess the probability and impact of the risks
The output of the process is an updated project
document such as risk register with probability and impacts for the identified
risks, risk ranking, risk urgency etc.
References:
PMI (2013). A Guide to the Project Management Book of Knowledge (PMBOK Guide 5th Ed.) USA, Project Management Institute
https://scrumstudy.wordpress.com/2014/08/27/scrum-master-how-are-risks-assessed-in-a-scrum-project/
http://rmsgroupholdings.com/risk-management/
No comments:
Post a Comment