Methodology essay paper
Methodology
ORDER A PLAGIARISM FREE PAPER NOW
PROJECT RISK MANAGEMENT PROCESS
One of the most significant issues a project manager must Methodology be dealing with is risk, especially in the healthcare environment. The Business Dictionary defines risk as the “probability or threat of a damage, injury, liability, loss, or other negative occurrence, caused by external or internal vulnerabilities, and which may be neutralized through pre-meditated action.”
KRMC follows a risk management approach that includes project, program, and portfolio risk management. This document discusses project risk management.
• For a high-level overview of the risk management approach, click here.
• For details on program and portfolio risk management, click here.
• For an in depth look at overall risk management system, visit the KRMC Risk Management System on the SharePoint project management TeamSite.
KRMC’s process for managing uncertainty Methodology that could have a negative or positive impact is as follow:
Process
The first step in project risk occurs when the project sponsor or project manager provides an initial risk rating for the project in the project charter. This initial rating is before risks are identified and evaluated in detail. Once the project is kicked off, the project team should proceed with the detailed project risk management process.
The first step in project risk management is to create a risk management plan that includes:
• Introduction
• Risk Strategy
• Methodology
o Plan Risk Management
o Identify Risks
o Perform Qualitative Risk Analysis
o Perform Quantitative Risk Analysis Methodology
o Plan Risk Responses
o Implement Risk Responses
o Monitor Risks (PMI, 2017)
• Roles and Responsibilities
• Funding
• Timing
• Risk Categories
For details on the specifics of these steps, see the template for the Project Risk Management Plan.
Risk Identification
Risk identification can come from several activities. Running the risk identification meeting as a brainstorming session is a very effective technique. One source of project risk identification is the Project Kickoff pre-work and meeting. Prior to the project kick-off, the project manager will share the risk management plan with the project team for review. As a project team members review the plan, it is expected that they will identify potential risks. Those risks should be emailed to the project manager prior to the project kick-off. The project manager will then present the list of risks or risk categories submitted to the project team review and disposition at the project kick-off. The risk register will be created from the template provided on the SharePoint project site. It is extremely important to have an on-going risk identification process by holding risk assessment sessions during different phases of the project.
Risk Assessment
Risk assessment will determine quantitatively and qualitatively the value of risk related to a specific situation and will recognize the threat. The assessment will measure the probability of a risk becoming a reality. Once the risks are identified, the project manager in collaboration with the project team members, will assess all risk qualitatively and quantitatively.
The quantitative process determines what impact the identified risk will have on the project and the probability they’ll occur. This process can be time consuming, therefore, is not always used.
The qualitative assessment process includes scoring the risk on a scale of 1-5 in two area, impact and likelihood. The impact score reflects the severity of the impact within the category assigned to the risk – project schedule, cost, resources, quality, and scope or user acceptance – if the risk is realized. Likelihood reflects the probability that the risk will be realized. The project will follow the scales shown below for rating impact and likelihood of risks. All risks are categorized in the risk register as shown.
Impact
4-5 (High)
Schedule slip > 20%
Budget overrun by > 10%
Resource requirements >10%
User acceptance unlikely
Quality guidelines will not be met by > 90%
3 (Moderate)
Schedule slip > 10%
Budget overrun by > 5%
Resource requirements >5%
User acceptance questionable
Some Quality guidelines will not be met by > 50%
1-2 (Low)
Schedule slip < 5%
Budget overrun by < 5%
Resource requirements < 5%
User acceptance is likely with some negotiating
Most Quality guidelines will be met by > 90%
Likelihood
4-5 (High)
Realization of this risk is inevitable. Risk mitigation is weak and there is minimal to no effective contingency plan.
3 (Moderate)
Realization of the risk is likely. Risk mitigation does not cover all areas of the risk; contingency plans are inadequate.
1-2 (Low)
Realization of the risk is unlikely but still possible. The mitigation plan is strong, the contingency plan is effective.
For ongoing risk assessment, the project manager will review the risks at the project status meetings and make necessary changes to the risk register, as needed.
Risk Response Planning
The risk response planning involves determining ways to reduce or eliminate any threats to the project, and the opportunities to increase their impact. Once the risks are identified, a response strategy needs to be determined. The PMBOK has five responses for both negative and positive risks (PMI, 2017).
Negative risk response: Escalate, Avoid, Mitigate, Transfer, Accept.
Positive risk response: Escalate, Exploit, Enhance, Share, Accept.
Negative Risk Response
• Risk Escalation process clarifies the boundaries and channels of decision-making throughout an organization in order to solve the problem quickly and with clarity. To make risk escalation work we need clear thresholds between the different levels in the organization, so everyone knows where each risk belongs, without confusion or ambiguity.
• Risk Avoidance process focuses on eliminating the cause and thus, eliminating the threat. Risk avoidance is an approach that eliminates any exposure to risk that poses a potential loss.
• Risk Mitigation is the process that reduces risk exposure and minimizes the likelihood of an incident. There are risks that cannot be eliminated. However, their impact can be reduced. Mitigation often takes the form of controls, or processes and procedures that regulate and guide an organization.
• Risk Transfer is a risk reduction method that shifts the risk from the project to another party. Purchasing insurance, warranties, guarantees, etc. are examples of risk transfer. The risk is transferred from the project to an insurance company. The purpose of risk transfer is to pass the financial liability of risk, like legal expenses, damages awarded and repair costs, to the party who should be responsible should an accident occur.
• Risk Acceptance allows the risk to remain and deal with the consequences if it happens. The project team does not change the project plan to deal with the risk or is unable to identify other risk response strategy for a risk occurrence event. This strategy can be passive where the project team decides to deal with the risk if it occurs.
Positive Risk Response
• Risk Escalation process clarifies the boundaries and channels of decision-making throughout an organization in order to solve the problem quickly and with clarity. To make risk escalation work we need clear thresholds between the different levels in the organization, so everyone knows where each risk belongs, without confusion or ambiguity.
• Risk Exploitation seeks to eliminate the uncertainty by making the opportunity happen. A direct response will include making positive decisions to include an opportunity in the project scope or baseline, removing the uncertainty over whether it might be achieved or not, and making sure the potential opportunity is locked into the project.
• Risk Enhancement is a risk response strategy aimed to increase the probability of a positive risk occurrence. This approach involves trying to increase the chances that a potentially positive event will occur.
• Risk Sharing will allow working with others outside of the project who could also benefit and exploit it. Allocating ownership to a third party will increase the potential benefits both in terms of maximizing and increasing the probability of occurrence.
• Risk Acceptance allows the risk to remain and deal with the consequences if it happens. The project team does not change the project plan to deal with the risk or is unable to identify other risk response strategy for a risk occurrence event. This strategy can be passive where the project team decides to deal with the risk if it occurs.
Mitigation Plan
When the project manager creates the risk register, he or she will create mitigation plans with help from the project team members. Each week the project manager will review the risk register to ensure the mitigation plans are still correct and being applied by the appropriate project team members where necessary. If a mitigation plan is not working as expected, the project manager will raise the concern to the appropriate project team members and adjust the mitigation plan accordingly. All medium and high risks need mitigation plans. Low risks should be entered in the risk register completing the description, impact, and likelihood at a minimum. The creation of mitigation plans is at the discretion of the project manager.
Risk Response Implementation
While the project is progressing, the project manager will implement the risk response selected. If a risk is realized, the contingency plan needs to be activated. The purpose of this process is to ensure that each of the risks identified has appropriate actions or plans to mitigate or avoid risks before it happens.
Contingency Plan
When risks are identified, the project manager needs to create contingency plans and enter them into the risk register. Contingency plans are those activities that will be completed if the risk is realized. Contingency plans should be created as soon as the risk is identified; not when the risk is realized. The project manager will ensure that the appropriate contingency plan is activated if a risk is realized. The exact steps to follow will depend on the contingency plan. All medium and high risks need contingency plans. Low risks should be entered in the risk register completing the description, impact, and likelihood at a minimum. The creation of contingency plans for low risks is at the discretion of the project manager.
Some contingency plans cost money. The contingency plan costs should be entered when the risk is realized. Contingency funds for a project are either based on the sum of the individual contingency costs or a percentage of the project.
Monitoring Risks
The project manager will review project risks at the project team meetings and discuss the mitigation and contingency plans. Any change in the project activities may require adjustments to the risk register and can be made at that time. The project manager will also report the status of the medium and high risk on the periodic project status report. In addition, during the Initiation phase of the project, risk items of medium and high status will be added to the project mandate by the project manager prior to requesting execution phase approval.
Closing Risks
Once a risk is mitigated or is realized it will remain in the risk register but set to closed status. The project team will review the risk register as part of the lessons learned. At the end of the project, the project manager will close all risks and archive the risk register.
