If you are interested in managing projects, you'll have to get comfortable with managing risks. Here's how, when and how to create a risk management plan.
Project risks can come from internal or external factors. They can be the result of human action or inaction, technological error or interference, natural disasters, compliance changes, or any environmental change. But if you have a well-prepared plan in place, you have a better chance of preventing disaster or at least making it less painful.
SEE: Project failure: 10 excuses your boss doesn't want to hear (free PDF) (TechRepublic)
What is a risk management plan?
A risk management plan is a document prepared by a project manager to identify, document, and prioritize all possible risks. It also spells out how to deal with each risk if it occurs. The best way to assess your risk while building your plan is with a risk matrix.
When should a risk management plan be created?
Closely monitoring and managing risks can be stressful at the best of times. So, to be effective in your role as a project manager or risk manager, you'll need to identify and start managing potential risks from day one.
Project managers should start identifying any potential risks during the planning stage of a project. Using a risk assessment matrix to document potential risks, a project manager and their team will document all risks that could surface throughout the project and identify the potential damage and frequency of each.
Two factors to consider: Risk and change
When evaluating risks and identifying all possible strategies, it's essential to factor in not just the types of risk but also whether your risk management is impacted heavily by change. These two factors shouldn't be taken lightly.
- Types of risk
The significance of planning for these risks is one of the most crucial activities because risk can be a multi-layered concern. Today, organizations conduct business in an environment of constant change that tends to over-complicate project work and daily operations. As a result, organizations face multi-level risks as well as organizational-level risks, with both overlapping at times. Prosci's Tim Creasey shared the risks of poorly managed change.
- Active or passive resistance
- Projects that are put on hold
- Unavailable resources
- Unexpected and sudden obstacles
- Unrealized results
- Abandoned projects
- Impact on customers
- Impact on suppliers
- Declining morale
- A legacy of failed change
- Stress, confusion, and fatigue
- Change saturation
Late detection and management of risks can cost organizations dearly through missed objectives, poor quality, budget overages, and failed projects.
Change has a way of making risk management a moving target. One of the more overlooked factors in risk management is constantly changing environments. To be effective, risk management has to be an ongoing exercise of monitoring the organization's and project's internal and external environment, and re-evaluating the potential risks and strategies.
When you identify types of risk and factor in change when developing strategies, the potential cost to your project and organization is drastically reduced. This can give you and your team a greater chance of delivering the results your customers expect, no matter what comes along.
- How to become a CIO: A cheat sheet (TechRepublic)
- How to develop your IT team's capabilities (TechRepublic download)
- Policy pack: Workplace ethics (TechRepublic Premium)
- ZDNet's top enterprise CEOs of the 2010s (ZDNet)
- 6 ways to delete yourself from the internet (CNET)
- Best to-do list apps for managing tasks on any platform (Download.com)
- CXO: More must-read coverage (TechRepublic on Flipboard)