I have never been a big fan of adding another layer of bureaucracy to an organization. But this fact remains: A formalized risk management plan could save you a lot of headaches and cash. Even if your company lacks the resources to dedicate any full-time employees to assessing project risks, risk management should be an official part of your precoding development efforts.

Risk management includes activities, such as technical and economic feasibility, as well as a detailed vulnerability list and the impact of failure. For example, strong reliance on a third-party provider for rolling out your electronic data interchange (EDI) could mean that an external party has the power to derail critical communications with business partners.

What are some signs that you need risk management?

  • Ballpark estimates are the rule. I have ranted before on this topic, and I’ll say it again: ballparking it is practically a one-way ticket to put you and your team on the wrong side of an unrealistic commitment.
  • Risk management can quantify the dangers. The worst kind of project lead agrees to every condition that the business driver tosses out. So when they ask how long it will take to upgrade the payroll system, a detailed risk analysis can give you an accurate time frame.
  • You have virtual stacks of historical data not earning its keep. The problem with archived data is that nobody bothers to analyze it. Thoroughly mining past data can help you project future trends.
  • Your company’s senior team thinks you’re doing okay, so you don’t have any risks to manage. Don’t deceive yourself into thinking that risk management is important only for companies on the verge of shutting their doors. Risk management can help fiscally sound companies fortify themselves so they can stay sound, even if something drastic happens.

Rolling out a risk management scheme may seem like extra work—and it is. But it is extra work that could save you from the corporate version of the Blue Screen of Death.

A game of chance

Does your company have a formal risk management plan? Does it work? Contact the editors or post a comment below.