Risk
management has its own international standard (IS0 31000) built upon the ANZ
standard that preceded it. It's also a core function in the Project Management Body of Knowledge published by the Project Management Institute. Our experience conducting RegPM assessments for the AIPM has show it is not,
however, something that is practiced very often by most project managers. Most
project managers though, would be aware of the process:
-Identify
potential threats to your project
-Assess
their likelihood and consequence
-Develop
contingency plans
-Execute
said plans
-Monitor
-Course
correct.
Unfortunately,
most project managers only ever get to the ‘assess their likelihood and
consequence’ stage and even then, it’s usually only at the start of the project
lifecycle or when a new team is formed. We believe there are a few reasons behind this.
Firstly, risks identified at the start of a project are recorded into a MS Word
document and then stored on a server, never to see the light of day again.
Secondly, when there is intent to manage risks, it gets included as an agenda
item in the notoriously tedious weekly project meetings,
where it will usually sit at the bottom of the list. Being the last item on the
agenda is never a good thing, all the progress updates consume every minute of the meeting, which leaves the risks
to be looked at ‘next time.’ Naturally and predictably, tomorrow never comes,
and even if it does, full mitigation is never developed again because people
run out of time.
Mitigation
actions appear in a user’s ‘my work’ summary list.
Risks can
be added to by anyone on the team at any point in time. Re-rating risks
dynamically updates risk trend graphs that track the success/ or failure of
risk mitigation strategies over time, which will help to better the quality and
outcomes of a project.
No comments:
Post a Comment