Posts

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

PORTFOLIO RISK MANAGEMENT PROCESS

Introduction
KRMC follows a risk management process that manages project, program, portfolio, and observatory risk. For a general overview of KRMC’s risk management process, click here. This document discusses Portfolio risk management only. For a more detailed look at the complete risk management system at KRMC, see KRMC Risk Management on the Project Management Knowledge Base. Methodology
Portfolio risk is defined here as the potential for loss due to uncertainty at the KRMC Portfolio level. The potential for Portfolio risk is found by assessing the Portfolio’s strategic objectives using the categories of strategic, operational, financial, and compliance.
There are two levels of risk:
• Strategic risk- risks identified at the portfolio level.
• Tactical risk- risks identified by management process or escalated from the portfolio component.
Process
Portfolio risk management includes:
• Risk identification
• Risk Assessment Methodology
• Risk Mitigation Plan and Execution
• Risk Monitoring
• Contingency Plan and Execution
• Closing Risks
Same process as both project and program risks but more focused on the strategic objectives of the Portfolio. To kick-off the Portfolio risk management process, the Portfolio leader will review the Portfolio’s strategic objectives with the Portfolio department leaders and create a risk management plan. The plan will specify what actions the Portfolio leader will take for risk management. Next, the Portfolio leader will start the risk identification process.
Risk Identification

Portfolio risk identification can occur through several activities. Portfolio leaders can brainstorm potential risks against the list of Portfolio strategic objectives, review the Portfolio’s program and project risks registers; and perform a Portfolio risk identification and assessment process. Risks identified should be documented in a Portfolio risk register, template found here. Methodology
Risk Assessment
Once the risks are identified, they need to be assessed and rated. Risks are evaluated on a scale of one to five for impact and likelihood. The Portfolio leader will complete the impact and likelihood columns in the risk register in collaboration with Portfolio department heads. The following risk tolerances provide guidance on completing the ratings. Tolerances should be adjusted for the Portfolio objectives.

Impact
4-5 (High)
Strategic vision will not be met
Operational impact will include a stop or near stop of some functionality
Financial loss will be nn% of budget
Compliance – noncompliance will exist

3 (Moderate)
Strategic vision will be partially met Methodology
Operational impact will include a slow down or inability to perform some functionality without workarounds
Financial loss will be nn% of budget
Compliance – noncompliance is likely

1-2 (Low)
Strategic vision will be met
Operational loss is manageable
Financial loss will be less than 1% of budget
Compliance – noncompliance is probable but can be mitigated

Likelihood

4-5 (High)
Realization of this risk is inevitable. Risk mitigation is weak and there is minimal to no effective contingency plan.

3 (Moderate)
Realization of the risk is likely. Risk mitigation does not cover all areas of the risk and contingency plans are inadequate.

1-2 (Low)
Realization of the risk is unlikely but still possible. Mitigation plan is strong, contingency plan is effective.

Internal Risk Control
The Portfolio risk register includes a column for internal risk controls. These controls are organizational processes or procedures that are part of the organizational operations or culture but not program or project specific. If any applicable internal controls exist, add the description to the risk register and rank its effectiveness. Effectiveness is rated on a scale of one to five with one being most effective and five having minimal effect.

Planning and Implementing Risk response

Mitigation Plan
Risk mitigation planning is the process of developing options and actions to enhance opportunities and reduce threats to project objectives. A mitigation plan attempts to decrease the chance of a risk occurring or decrease the impact of the risk if it occurs. It is implemented in advance.

Contingency Plan
A contingency plan in project management is defined as an actionable plan that is to be enacted if an identified risk becomes a reality. A contingency plan explains the steps to take after the identified risk occurs, in order to reduce impact. The Project Management Institute (PMI) defines contingency planning as, “involv[ing] defining action steps to be taken if an identified risk event should occur.” Contingency plans are not only put in place to anticipate when things go wrong — they can also be created to take advantage of strategic opportunities. If a risk is realized in the Portfolio leader will ensure that the appropriate contingency plan is activated. The exact steps will depend on the contingency plan.

Risk Monitoring
The Portfolio leader will review the Portfolio risk register on a quarterly basis with the Portfolio department leaders. At those meetings, the members will discuss the effectiveness of the mitigation and contingency plans and adjust the risk register, if necessary.
The Portfolio leader is also responsible to roll up all medium and high Portfolio risks to the KRMC EPMO Director for the organizational risk register, as requested. The KRMC EPMO Director will decide which risks are appropriate for the organizational risk register.

Closing Risks
Once a risk is mitigated or realized it will remain in the risk register but moved the closed status. Closing a risk is a formal process to which information on the risk being closed is documented.

 

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

 

Program Risk Management Plan

for

 

 

[Program]

 

 

[Program Manager]

 

 

Methodology

 

 

 

 

Table of Contents

 

 

Methodology

 

 

[How to Use this template – This template includes all the required sections for the program risk management plan with sample wording. The program manager will complete this plan and then delete any text shown in [ ]s.  Additional sections can be added to the program risk management plan as deemed necessary by the program manager.]

 

Program Risk Process

 

The [program name] Risk Management process includes identifying, assessing, monitoring, risk response planning and implementation (mitigation and contingency planning) and closing risks.  Risks will be evaluated against the program metrics.  To begin the program risk management process for this program, the program manager will create program metrics and review them with the project managers in the program. Once the metrics are established, risk identification will begin. Methodology

The begin program risk identification each project manager will provide the program manager with the project risk register for evaluation of all the project risks to the program metrics. Next, the program manager will brainstorm potential risks to the program based on the metrics. The program manager will then create a risk register for review by the program’s project managers. The risk register will follow the template provided on the Project Management Knowledge Base. The program manager owns the assessment, monitoring, mitigation, and contingency activities of these risks.

 

[Include this paragraph if the optional project identification and assessment process was used on any of the program’s projects.]

Project managers have the option to perform a risk identification and assessment process, recommended for large projects, that includes interviews with project team members.  For this program, we have chosen to complete that process for [some / all] of our projects.  This process results in a report that is another source for risk identification for this program. The reports created will be reviewed by the program manager for program risk identification.

 

Finally, the program manager will review the risk register on at least a monthly basis to ensure mitigation plans are effective. The program manager will make necessary changes to the risk register at the program status meetings, including changes to impact and likelihood, mitigation strategy, contingency plans, and close risk as required. Once the program is completed, the program manager will close all individual risks and the risk register.  The program manager owns the assessment, monitoring, mitigation, and contingency planning of these risks.

 

 

Budgeting

 

This program will require funding for risk management for:

  • Travel to XXX to perform risk interviews and mitigation,
  • Contingency funds,
  • Reason 3

The expected cost is $nnnn.nn.

 

[If there is no specific funding required for risk management, delete this section.]

 

Risk Register Scoring and Interpretation

 

Risks will be scored on a scale of 1-5 in two areas, impact and likelihood. The impact score reflects the impact to the category of the risks based on program metrics.  For example, recommended instrument metrics are research knowledge base, program delivery, community satisfaction, public outreach, and quality. Likelihood reflects the probability that the risk will be realized. This program will use the following scales for rating impact and likelihood of risks.

[The program manager can adjust the numbers and categories below according to stakeholder risk tolerances.]

 

Impact

 

4-5 (High)

User experience – satisfaction unlikely

Integrated data < 10%

Security > nn events expected

Program delivery (schedule slip) > 10%

Quality guidelines will not be met

 

3 (Medium)

User experience – satisfaction questionable

Integrated data < 30%

Security > nn events

Program delivery (schedule slip) > 5%

Some quality guidelines will not be met

 

1-2 (High)

User experience – satisfaction likely but work-arounds required

Integrated data > 70%

Security < nn events

Program delivery (schedule slip) > 1%

Most quality guidelines will be met

 

Likelihood

 

4-5 (High)

Realization of this risk is inevitable. Risk mitigation is weak; there is minimal to no effective contingency plan.

 

3-4 (Moderate)

Realization of the risk is likely. Risk mitigation does not cover all areas of the risk; contingency plan is inadequate.

 

1-2 (Low)

Realization of the risk is unlikely but still possible. Mitigation plan is strong, contingency plan is effective.

 

 

Mitigation and Contingency Plans

 

The program manager will include mitigation and contingency plans, with an effectiveness rating on the mitigation plans, in the program risk register.  Contingency plans will be outlined as soon as the risk is identified and not delayed until the risk is realized.

 

If a risk is realized the program manager will ensure that the appropriate contingency plan is activated. The exact steps will depend on the contingency plan.

 

 

Reporting Formats

 

The program manager will create the risk register and ensure that the register is available on the program team site found in the Project Management Knowledge Base. The program manager will include the status of the medium and high risk on the periodic program status report.  The program manager will also report all medium and high risks to the division associate director.

 

 

Timing

 

The risk register will be kept on the Project Management Knowledge Base in the program site and kept up to date by the program manager. All team members and sponsor(s) will have access to the register. All stakeholders with comments and concerns should forward them to the appropriate team leads and the program manager.

 

Training

 

Any program team member needing risk management training will be directed to the online training on the Project Management Knowledge Base.  If more in-depth training is required, the team member’s manager will be notified and  will work with the team member to obtain the training externally.

 

Roles and Responsibilities

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

PROJECT RISK MANAGEMENT PROCESS

One of the most significant issues a project manager must Methodology be dealing with is risk, especially in the healthcare environment. The Business Dictionary defines risk as the “probability or threat of a damage, injury, liability, loss, or other negative occurrence, caused by external or internal vulnerabilities, and which may be neutralized through pre-meditated action.”
KRMC follows a risk management approach that includes project, program, and portfolio risk management. This document discusses project risk management.
• For a high-level overview of the risk management approach, click here.
• For details on program and portfolio risk management, click here.
• For an in depth look at overall risk management system, visit the KRMC Risk Management System on the SharePoint project management TeamSite.
KRMC’s process for managing uncertainty Methodology that could have a negative or positive impact is as follow:

Process
The first step in project risk occurs when the project sponsor or project manager provides an initial risk rating for the project in the project charter. This initial rating is before risks are identified and evaluated in detail. Once the project is kicked off, the project team should proceed with the detailed project risk management process.

The first step in project risk management is to create a risk management plan that includes:
• Introduction
• Risk Strategy
• Methodology
o Plan Risk Management
o Identify Risks
o Perform Qualitative Risk Analysis
o Perform Quantitative Risk Analysis Methodology
o Plan Risk Responses
o Implement Risk Responses
o Monitor Risks (PMI, 2017)
• Roles and Responsibilities
• Funding
• Timing
• Risk Categories
For details on the specifics of these steps, see the template for the Project Risk Management Plan.

 

Risk Identification

Risk identification can come from several activities. Running the risk identification meeting as a brainstorming session is a very effective technique. One source of project risk identification is the Project Kickoff pre-work and meeting. Prior to the project kick-off, the project manager will share the risk management plan with the project team for review. As a project team members review the plan, it is expected that they will identify potential risks. Those risks should be emailed to the project manager prior to the project kick-off. The project manager will then present the list of risks or risk categories submitted to the project team review and disposition at the project kick-off. The risk register will be created from the template provided on the SharePoint project site. It is extremely important to have an on-going risk identification process by holding risk assessment sessions during different phases of the project.

Risk Assessment

Risk assessment will determine quantitatively and qualitatively the value of risk related to a specific situation and will recognize the threat. The assessment will measure the probability of a risk becoming a reality. Once the risks are identified, the project manager in collaboration with the project team members, will assess all risk qualitatively and quantitatively.

The quantitative process determines what impact the identified risk will have on the project and the probability they’ll occur. This process can be time consuming, therefore, is not always used.

The qualitative assessment process includes scoring the risk on a scale of 1-5 in two area, impact and likelihood. The impact score reflects the severity of the impact within the category assigned to the risk – project schedule, cost, resources, quality, and scope or user acceptance – if the risk is realized. Likelihood reflects the probability that the risk will be realized. The project will follow the scales shown below for rating impact and likelihood of risks. All risks are categorized in the risk register as shown.

Impact

4-5 (High)
Schedule slip > 20%
Budget overrun by > 10%
Resource requirements >10%
User acceptance unlikely
Quality guidelines will not be met by > 90%

3 (Moderate)
Schedule slip > 10%
Budget overrun by > 5%
Resource requirements >5%
User acceptance questionable
Some Quality guidelines will not be met by > 50%

1-2 (Low)
Schedule slip < 5%
Budget overrun by < 5%
Resource requirements < 5%
User acceptance is likely with some negotiating
Most Quality guidelines will be met by > 90%
Likelihood

4-5 (High)
Realization of this risk is inevitable. Risk mitigation is weak and there is minimal to no effective contingency plan.

3 (Moderate)
Realization of the risk is likely. Risk mitigation does not cover all areas of the risk; contingency plans are inadequate.

1-2 (Low)
Realization of the risk is unlikely but still possible. The mitigation plan is strong, the contingency plan is effective.

For ongoing risk assessment, the project manager will review the risks at the project status meetings and make necessary changes to the risk register, as needed.

Risk Response Planning

The risk response planning involves determining ways to reduce or eliminate any threats to the project, and the opportunities to increase their impact. Once the risks are identified, a response strategy needs to be determined. The PMBOK has five responses for both negative and positive risks (PMI, 2017).
Negative risk response: Escalate, Avoid, Mitigate, Transfer, Accept.
Positive risk response: Escalate, Exploit, Enhance, Share, Accept.

Negative Risk Response

• Risk Escalation process clarifies the boundaries and channels of decision-making throughout an organization in order to solve the problem quickly and with clarity. To make risk escalation work we need clear thresholds between the different levels in the organization, so everyone knows where each risk belongs, without confusion or ambiguity.

• Risk Avoidance process focuses on eliminating the cause and thus, eliminating the threat. Risk avoidance is an approach that eliminates any exposure to risk that poses a potential loss.

• Risk Mitigation is the process that reduces risk exposure and minimizes the likelihood of an incident. There are risks that cannot be eliminated. However, their impact can be reduced. Mitigation often takes the form of controls, or processes and procedures that regulate and guide an organization.

• Risk Transfer is a risk reduction method that shifts the risk from the project to another party. Purchasing insurance, warranties, guarantees, etc. are examples of risk transfer. The risk is transferred from the project to an insurance company. The purpose of risk transfer is to pass the financial liability of risk, like legal expenses, damages awarded and repair costs, to the party who should be responsible should an accident occur.
• Risk Acceptance allows the risk to remain and deal with the consequences if it happens. The project team does not change the project plan to deal with the risk or is unable to identify other risk response strategy for a risk occurrence event. This strategy can be passive where the project team decides to deal with the risk if it occurs.

Positive Risk Response

• Risk Escalation process clarifies the boundaries and channels of decision-making throughout an organization in order to solve the problem quickly and with clarity. To make risk escalation work we need clear thresholds between the different levels in the organization, so everyone knows where each risk belongs, without confusion or ambiguity.
• Risk Exploitation seeks to eliminate the uncertainty by making the opportunity happen. A direct response will include making positive decisions to include an opportunity in the project scope or baseline, removing the uncertainty over whether it might be achieved or not, and making sure the potential opportunity is locked into the project.
• Risk Enhancement is a risk response strategy aimed to increase the probability of a positive risk occurrence. This approach involves trying to increase the chances that a potentially positive event will occur.
• Risk Sharing will allow working with others outside of the project who could also benefit and exploit it. Allocating ownership to a third party will increase the potential benefits both in terms of maximizing and increasing the probability of occurrence.
• Risk Acceptance allows the risk to remain and deal with the consequences if it happens. The project team does not change the project plan to deal with the risk or is unable to identify other risk response strategy for a risk occurrence event. This strategy can be passive where the project team decides to deal with the risk if it occurs.

Mitigation Plan

When the project manager creates the risk register, he or she will create mitigation plans with help from the project team members. Each week the project manager will review the risk register to ensure the mitigation plans are still correct and being applied by the appropriate project team members where necessary. If a mitigation plan is not working as expected, the project manager will raise the concern to the appropriate project team members and adjust the mitigation plan accordingly. All medium and high risks need mitigation plans. Low risks should be entered in the risk register completing the description, impact, and likelihood at a minimum. The creation of mitigation plans is at the discretion of the project manager.

Risk Response Implementation
While the project is progressing, the project manager will implement the risk response selected. If a risk is realized, the contingency plan needs to be activated. The purpose of this process is to ensure that each of the risks identified has appropriate actions or plans to mitigate or avoid risks before it happens.

Contingency Plan
When risks are identified, the project manager needs to create contingency plans and enter them into the risk register. Contingency plans are those activities that will be completed if the risk is realized. Contingency plans should be created as soon as the risk is identified; not when the risk is realized. The project manager will ensure that the appropriate contingency plan is activated if a risk is realized. The exact steps to follow will depend on the contingency plan. All medium and high risks need contingency plans. Low risks should be entered in the risk register completing the description, impact, and likelihood at a minimum. The creation of contingency plans for low risks is at the discretion of the project manager.

Some contingency plans cost money. The contingency plan costs should be entered when the risk is realized. Contingency funds for a project are either based on the sum of the individual contingency costs or a percentage of the project.

Monitoring Risks

The project manager will review project risks at the project team meetings and discuss the mitigation and contingency plans. Any change in the project activities may require adjustments to the risk register and can be made at that time. The project manager will also report the status of the medium and high risk on the periodic project status report. In addition, during the Initiation phase of the project, risk items of medium and high status will be added to the project mandate by the project manager prior to requesting execution phase approval.

Closing Risks

Once a risk is mitigated or is realized it will remain in the risk register but set to closed status. The project team will review the risk register as part of the lessons learned. At the end of the project, the project manager will close all risks and archive the risk register.

 

 

 

 

 

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

Portfolio Risk Management Plan

 

 

Table of Contents  Methodology

[How to Use this template – This template includes suggested sections for the portfolio risk management plan with sample wording. A risk management plan is a requirement for the portfolio risk management process. The portfolio leader will either use this plan as a template or as a guideline to create his or her own format. If the portfolio leader decides to use this template, he or she should delete any text shown in [ ]s. Additional sections can be added to this plan as deemed necessary by the portfolio leader.] Methodology

Portfolio Risk Management Process

The KRMC risk management process includes identifying, assessing, mitigating and contingency planning and execution, monitoring, and closing risks. The portfolio leader will begin risk identification by reviewing the portfolio strategic goals with the portfolio department managers. Each portfolio department manager will then provide the portfolio leader with potential risks based on the strategic objectives prior to a portfolio risk review meeting. The portfolio leader will then create a risk register for review by the department and program managers. The risk register will follow the template provided on the Project Management Knowledge Base. The portfolio leader is accountable for the assessment, monitoring, mitigation, and contingency planning of these risks. Methodology

[Include this section only if you decide to do the identification and assessment process found in The Methodology.] KRMC will also take advantage of the portfolio risk identification and assessment process found on the Project Management Knowledge Base. On a yearly basis, after identifying a qualified assessor, the portfolio leader will kick-off the process. The assessor will complete the process and report findings to the portfolio leader.

The portfolio leader will review the portfolio risk register on a monthly basis to ensure mitigation plans are effective. The portfolio leader will make necessary changes to the risk register and review those changes with the portfolio department leaders at the quarterly portfolio status meetings making changes to impact and likelihood, mitigation strategy, contingency plans, and close risks as required.

Budgeting

Portfolio risk management will require funding for:
 Travel to XXX to perform risk interviews and mitigation,
 Contingency funds,
 Reason 3
The expected cost is $nnnn.nn.

[If there is no specific funding required for risk management, delete this section.] Methodology

 

Risk Register Scoring and Interpretation

Risks are evaluated on a scale of one to five for impact and likelihood. The portfolio leader will complete the impact and likelihood columns in the risk register in collaboration with portfolio department managers. The portfolio leader will use the following risk tolerances. [Tolerances should be adjusted for the portfolio objectives when completing this plan.]

Impact

4-5 (High)
Strategic vision will not be met
Operational impact will include a stop or near stop of some functionality
Financial loss will be nn% of budget
Compliance – noncompliance will exist

3 (Moderate)
Strategic vision will be partially met
Operational impact will include a slow down or inability to perform some functionality without work-arounds
Financial loss will be nn% of budget
Compliance – noncompliance is likely Methodology

1-2 (Low)
Strategic vision will be met
Operational loss is manageable
Financial loss will be less than 1% of budget
Compliance – noncompliance is probable but can be mitigated

Likelihood

4-5 (High)
Realization of this risk is inevitable. Risk mitigation is weak and there is minimal to no effective contingency plan.

3-4 (Moderate)
Realization of the risk is likely. Risk mitigation does not cover all areas of the risk and contingency plans are inadequate.

1-2 (Low)
Realization of the risk is unlikely but still possible. Mitigation plan is strong, contingency plan is effective.

 

Internal Risk Controls

The portfolio leader will determine if any internal risk controls exist that could help mitigate portfolio risks and add a description to the risk register with a ranking for its effectiveness. Effectiveness is rated on a scale of one to five with one being most effective and five having minimal effect.

Plan and Implement Risk Responses

Mitigation and Contingency Plans

The portfolio leader will include mitigation and contingency plans, with an effectiveness rating on the mitigation plans, in the risk register. Contingency plans will be outlined as soon as the risk is identified and not delayed until the risk is realized.

If a risk is realized the portfolio leader will ensure that the appropriate contingency plan is activated. The exact steps will depend on the contingency plan.

Monitoring Risks

The portfolio leader will review the portfolio risk register on a quarterly basis with the portfolio department leaders. At those meetings, the members will discuss the effectiveness of the mitigation and contingency plans and make adjustments to the risk register, if necessary.

The portfolio leader will roll up all medium and high portfolio risks to the EPMO Director for the KRMC risk report, as requested. The EPMOi Director will decide which risks are appropriate for the Observatory risk register.

Closing Risks

Once a risk is mitigated or realized it will remain in the risk register but moved the closed status.

Training

Any portfolio staff member requesting risk management training will be directed to the online training in the Project Management Knowledge Base. If more in-depth training is required, the team member’s manager will be notified and will work with the team member to obtain the training externally.

Timing

When will activities take place?

Roles and Responsibilities

Add a RACI matrix

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

 

Project Risk Management Plan

for

Methodology

[Project]:

 

[Project Manager]:

 

Date:

 

 

 

Methodology

 

 

Methodology

Project Risk Process                                                                                                                                                          3

Other Roles and Responsibilities                                                                                                                                                          3

Budgeting                                                                                                                                                          3

Timing                                                                                                                                                          4

Risk Register Scoring and Interpretation                                                                                                                                                          4

Reporting Formats                                                                                                                                                          5

Tracking                                                                                                                                                          5

 

 

 

Risk Strategy

Methodology

  1. Plan Risk Management
  2. Identify Risks
  3. Perform Qualitative Risk Analysis
  4. Perform Quantitative Risk Analysis Methodology
  5. Plan Risk Responses
  6. Implement Risk Responses
  7. Monitor Risks

Roles and Responsibilities

Funding

Timing

Risk Categories

 

 

 

 

[How to Use this template – This template includes all the required sections for the project risk management plan with sample wording. The project manager will complete this plan and then delete any text shown in [ ]s.]

 

Introduction – Project Risk Process

 

The [project name] Risk Management process includes a process for managing uncertain events that could have a negative effect on the project’s objectives, if they occur.  The first step in risk management source of risk identification will be from our project kickoff pre-work and meeting. Attendees of the project kickoff will review this risk management plan prior to the project kickoff and email a list of potential risks to the project manager. The project manager will create a risk register for review and risk dispositioning at the project kick off. The risk register will follow the template provided on the Project Management Knowledge Base. The project manager owns the monitoring, mitigation, and contingency planning of these risks.

Methodology

Another source for risk identification will be the interviews performed by the project manager at the beginning of the project and during the life of the project. The project manager will interview project team members from different functional areas and document the resulting risks. The project manager will review those risks with the project team. The project manager owns the assessment, mitigation, and contingency planning of these risks.

 

Finally, the project manager will review the risks on a weekly basis to ensure mitigation is occurring and is effective. The project manager will also review the risks with the project team members at the project status meetings, as needed. The project manager will make necessary changes to the risk register at the Methodology project status meetings, including changes to impact and likelihood, mitigation strategy, contingency plans, and close risks as required.

 

Once the project is completed, the project manager will close all risks and the risk register. The risk register and plan will then be archived with the project documents.

 

Introduction

Risk Strategy

Methodology

  1. Plan Risk Management
  2. Identify Risks
  3. Perform Qualitative Risk Analysis
  4. Perform Quantitative Risk Analysis
  5. Plan Risk Responses
  6. Implement Risk Responses
  7. Monitor Risks

Roles and Responsibilities

Funding

Timing

Risk Categories

The Risk Register

Reporting Formats

Tracking

 

Roles and Responsibilities

 

The project manager will request input from functional area managers on project risks. The functional area managers or leads are responsible for defining, evaluating, and mitigating the risks in his or her area and reporting status to the project manager. All project team members are responsible for identifying and escalating all area-specific risks to their team lead.

 

 

Funding

 

This project will require funding for risk management for:

  • Travel to XXX to perform risk interviews and mitigation,
  • Reason 2,
  • Reason 3

The expected cost is $nnnn.nn.

 

[If there is no specific funding required for risk management, delete this section.]

 

Timing

 

The project manager will write the risk management plan prior to the project kick-off.

 

The project manager and project team will complete the risk register at the project kick-off.

 

New risks will be added to the risk register within one business day of be identified and assessed during the next project team meeting.

 

The project manager will lead a discussion on project risks at each project team meetings where the project team will discuss mitigation and contingency plans and make adjustments to the risk register as needed.

 

Risk Categories

 

 

The Risk Register – Scoring and Interpretation

 

Risks will be scored on a scale of 1-5 in two areas, impact and likelihood. The impact score reflects the impact to the project schedule, cost, scope, quality, or user acceptance if the risk realized. Likelihood reflects the probability that the risk will be realized. This project will use the following tolerances for rating impact and likelihood of risks. [The tolerances below are suggestions. PM can adjust the numbers below according to stakeholder risk tolerances.]

 

 

Impact

 

4-5 (High)

Schedule slip > 20%

Budget overrun by > 10%

Resource shortage >10%

User acceptance unlikely

Quality guidelines will not be met > 90%

 

3 (Moderate)

Schedule slip > 10%

Budget overrun by > 5%

Resource shortage >5%

User acceptance questionable

Quality guidelines will not be met > 50%

 

1-2 (Low)

Schedule slip < 5%

Budget overrun by < 5%

Resource shortage < 5%

User acceptance is likely with some negotiating

Quality guidelines will be met > 90%

 

Likelihood

 

4-5 (High)

Risk mitigation is weak; there is minimal to no effective contingency plan. Realization of this risk is inevitable.

3-4 (Moderate)

Risk mitigation does not cover all areas of the risk; the contingency plan is inadequate. Realization of the risk is likely.

1-2 (Low)

The mitigation plan is strong, the contingency plan is effective. Realization of the risk is unlikely but still possible.

 

 

Reporting Formats

 

The project manager will create the risk register and ensure that the register is available on the project team site found in the Project Management Knowledge Base. The project manager will include the status of the medium and high risks on the project status report. During the initiation phase of the project, the project sponsor or project manager will include risk items of yellow or red status in the project mandate when the project sponsor or manager request execution phase approval.

 

 

Tracking

 

The risk register will be kept on the Project Management Knowledge Base in the project site and kept up to date by the project manager. All team members and sponsor(s) will have access to the register. All stakeholders with comments and concerns should forward them to the team leads and the project manager.

 

 

 

 

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

                                    PROGRAM RISK MANAGEMENT PROCESS

 

Introduction

____ follows a risk management process that manages project, program, and portfolio risk. For a high-level overview of ____’s risk management process, click here. This document discusses program risk management only. For more detailed information on the complete risk management system at _____, see ______ Risk Management on the Project Management website.

 

Programs are a collection of related projects that when managed together achieve higher benefits than would be achieved if they were managed separately. Programs can have risks from the individual projects or from the program goals and program metrics. Methodology

 

Process

For program risk management to be successful, the program manager must establish program metrics at the beginning of the program. Program metrics can be indicators such as scientific impact, community satisfaction, program delivery, and quality.

Once metrics are in place, program risk management includes:

  • Identifying Risk
  • Assessing Risk
  • Planning and Implementing Risk Response – Mitigation and Contingency Plan.
  • Internal Risk Control
  • Monitoring Risk
  • Closing Program Risks Methodology

 

The program manager will write a risk management plan for the program (template here) and create a risk register (template here) at the beginning of the program. The program manager will also facilitate risk reviews through a program risk management advisory board, if needed. Once the program risk management plan and risk register are created, any project presented for inclusion into the program should be evaluated against the program metrics.

 

 

Identifying Risks

 

Program risk identification occurs in several ways. The program manager will review the program’s projects’ risk registers and consider any of the medium or high project risks for inclusion in the program risk register. The program manager will monitor the overall program’s projects’ performance to detect any areas of potential risk not originally identified. The program manager will also maintain status on the program metrics performance set at the beginning of the program. Finally, risk identification can also come from other program managers. Methodology

 

A program manager may also choose to create a program risk advisory board made up of project managers in the program and key functional leaders. The program risk advisory board would be responsible for identifying program risks, reviewing program risks in the risk register, reviewing mitigation plans and adjusting as necessary, and activating contingency plans. Program risk advisory boards should meet at an appropriate interval based on the length of the program.

 

Assessing Risk

 

Once the risks are identified, the program manager, with help from the program risk advisory board if applicable, will score the risks in the program risk register on a scale of 1-5 in two areas, impact and likelihood. The impact score reflects the impact to the category of the risks based on program metrics.  For example, recommended instrument metrics are research knowledge base, program delivery, community satisfaction, public outreach, and quality.  Likelihood reflects the probability that the risk will be realized. The program will follow the scales shown below for rating impact and likelihood of risks. The program manager is responsible for setting or changing any tolerances with respect to impact based on the risk tolerances of the stakeholders.  All risks are categorized in the risk register as shown.

 

Impact

 

4-5 (High)

Research knowledge base < nn publications

Program delivery (schedule slip) > 10%

Public outreach < nn events

Project Risk

Community satisfaction unlikely

Quality guidelines will not be met

 

3 (Moderate)

Research knowledge base < nn publications

Program delivery (schedule slip) > 5% Methodology

Public outreach < nn events

Project Risk

Community satisfaction questionable

50% of the quality guidelines will not be met

 

1-2 (Low)

Research knowledge base < nn publications

Program delivery (schedule slip) > 10%

Public outreach < nn events

Project Risk

Community satisfaction likely with some negotiating

90% of the quality guidelines will be met

 

Likelihood

4-5 (High)

Realization of this risk is inevitable. Risk mitigation is weak; there is minimal to no effective contingency plan.

 

3 (Moderate)

Realization of the risk is likely. Risk mitigation does not cover all areas of the risk; contingency plan is inadequate.

 

1-2 (Low)

Realization of the risk is unlikely but still possible. Mitigation plan is strong, contingency plan is effective.

 

For ongoing program risk assessment, the program manager will periodically review the risks and make necessary changes to the risk register, as needed.

 

Planning and Implementing Risk Response

 

Mitigation Plan

 

When the program manager creates the risk register, he or she will create mitigation plans with help from the program risk advisory board, if applicable, and the program’s project managers. Periodically, the program manager will review the risk register to ensure the mitigation plans are correct and being applied at the appropriate program level. If a mitigation plan is not working as expected, the program manager will raise the concern to the appropriate project manager and adjust the mitigation plan accordingly.

 

Contingency Plan

 

Once a risk is identified, the program manager needs to create contingency plans and enter them in the risk register. Contingency plans should be created as soon as the risk is identified not when the risk is realized.

If a risk is realized the program manager will ensure that the appropriate contingency plan is activated. The exact steps to follow will depend on the documented contingency plan.

 

Internal Risk Control

 

The risk register includes a column for internal risk controls. These controls are organizational processes or procedures that are part of the organizational operations or culture and not program specific. If any internal risk controls exist, add the description to the risk register and rank its effectiveness. Effectiveness is rated on a scale of one to five with one being most effective and five having minimal effect.

 

Monitoring Risks

 

The program manager will regularly review the risks for his or her program with the program’s project managers and with the program risk advisory board, if applicable. The reviews will include review of mitigation and contingency plans and adjustments to the risk register when necessary. The program manager will report the status of the medium and high risks on the periodic program status report to the portfolio leaders.

 

Closing Risks

 

Once a risk is mitigated it will remain in the risk register but moved to the closed status. Once the program has ended, the program team will review the risk register at a program closure review as part of lessons learned. The program manager will ensure all risks are closed and archive the risk register.

 

 

 

 

 

 

 

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

KRMC RISK MANAGEMENT SYSTEM OVERVIEW

 

Introduction

The KRMC risk management system is designed to ultimately reduce or eliminate risks that could negatively affect the organization’s goals and objectives. Methodology
Risks will be managed at three connected levels:
• Project
• Program
• Portfolio Methodology

Moving from a tactical approach (project and program) to a strategic one (portfolio). KRMC individual risk management includes:
• Risk Identification
• Risk Assessment
• Risk Response Plan
• Risk Response Implementation (includes mitigation and contingency plan)
• Risk Monitoring Methodology
• Closing Risk

Continuous improvement is part of the KRMC risk management system. The SEI | Carnegie Mellon identifies the seven principles for an effective risk management system as:
• Open Communication- refers to the sharing of ideas and opinions between professionals who are working on similar or related tasks.
• Integrated Management- refers to the management of all aspects of a project including processes and related systems, that insures the successful execution of a project.
• Teamwork- refers to the process of working collaboratively with a group of individuals in order to achieve a goal.
• Forward-looking View- refers to the capacity of developing a vision for the project, focusing on the customer’s requirements.
• Global Perspective- refers to the capability of understanding different cultures and geographical regions.
• Shared Product Vision- refers to the Methodology long-term mission of the product, that help develop a better product roadmap, improves the strategic decision-making, and will help align team and stakeholders across the company.
• Continuous Process- refers to the methodology that follows a cyclical approach throughout the life of a project. The continuous process provides the foundation for the next.
(Organizational Risk Management, 2012). Methodology

These systems are incorporated into the KRMC risk management process. A tool for assessing risk management systems is available here.
The Project Management Methodology found on the KRMC Project Management website Base has detailed process documents and supporting tools and templates for risk management. There are also risk management training modules available here.

Project Risk Management

The primary objective of using a project risk management is to increment organizational value. This process is used in identifying, assessing, monitoring, response planning and implementation, and closing project risk. At the beginning of the project, the project manager will create a risk management plan (template found here.) Project teams will then participate in a risk identification and assessment activity during project kick-off or first project team meeting and during the project as needed.

The project manager will create the risk register (template found here) with all risks submitted by project team members. The risk register will include a description of the risk, the type of risk (technical, benefits, resources, schedule, cost, scope, user acceptance), the impact, the likelihood, the risk score, internal risk controls, the mitigation plan and strength, the contingency plan, and a risk owner.

To monitor risks, the project manager is responsible for regularly reviewing and assessing project risks with the project team and adjusting the risk plan, risk register, and mitigation plans as necessary.

An optional risk identification and assessment process is also available for project risk management, document found here. This process is recommended for large projects but can be used on any. Please note: this process can take some time to complete, up to two weeks or so, but yields valuable information for risk management. Training modules for risk management can be found here. Tools for the project risk management process can be found here.

 

Program Risk Management

Programs are a selection of projects managed together to obtain benefits that would not be achieved if the projects were managed separately. Program risk management is the identification, assessment, and management of those risks that put the program benefits in jeopardy. Program risks can come from two sources – a program risk assessment or risks submitted from the program’s associated projects.

At the beginning of the program, the program manager will create a risk management plan (template found here.) Next, the program manager, in consultation with the program’s project managers, will create a program risk register (template found here.) Risk categories for a program risk assessment in the program risk register include research knowledge base, program delivery, community satisfaction, service excellence, and quality. These can be modified as needed. Program risks can also be based on project interdependencies for resources, funding, and schedule. The program manager, in collaboration with the program’s project managers, is responsible for regularly reviewing and assessing the program risks maintained in the program risk register. Tools for the program risk management process can be found here.

Portfolio Risk Management

Portfolio risk management is the identification, assessment, and management of those risks that put the organization’s strategic objectives in jeopardy. Portfolio risks can include program or project risks, or risks identified by performing an organizational risk assessment. In addition, program managers or project managers, not associated with a program, will notify the organizational leader of risks to be reviewed and potentially added to the organizational risk register. Identifying, assessing, and monitoring other risks on the portfolio risk register, not specifically related to a program or project, are the responsibility of the organization’s leader. The portfolio leader will facilitate a quarterly division risk board meeting to review the portfolio risks. Portfolio risk categories map to the organization’s risk categories: xxx, yyy, zzz, and aaa. The portfolio risk management approach will be evaluated yearly, based on the strategic objectives for the upcoming year. Portfolio risk tools and templates can be found here.

 

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

PORTFOLIO RISK MANAGEMENT PROCESS

 

Introduction

KRMC follows a risk management process that manages project, program, portfolio, and observatory risk. For a general overview of KRMC’s risk management process, click here. This document discusses Portfolio risk management only. For a more detailed look at the complete risk management system at KRMC, see KRMC Risk Management on the Project Management Knowledge Base. Methodology

Portfolio risk is defined here as the potential for loss due to uncertainty at the KRMC Portfolio level. The potential for Portfolio risk is found by assessing the Portfolio’s strategic objectives using the categories of strategic, operational, financial, and compliance.

There are two levels of risk:

  • Strategic risk– risks identified at the portfolio level. Methodology
  • Tactical risk– risks identified by management process or escalated from the portfolio component.

Process

Portfolio risk management includes:

  • Risk identification
  • Risk Assessment
  • Risk Mitigation Plan and Execution
  • Risk Monitoring
  • Contingency Plan and Execution
  • Closing Risks

Same process as both project and program risks but more focused on the strategic objectives of the Portfolio. To kick-off the Portfolio risk management process, the Portfolio leader will review the Portfolio’s strategic objectives with the Portfolio department leaders and create a risk management plan.  The plan will specify what actions the Portfolio leader will take for risk management.  Methodology Next, the Portfolio leader will start the risk identification process.

Risk Identification

 

Portfolio risk identification can occur through several activities. Portfolio leaders can brainstorm potential risks against the list of Portfolio strategic objectives, review the Portfolio’s program and project risks registers; and perform a Portfolio risk identification and assessment process. Risks identified should be documented in a Portfolio risk register, template found here.

Risk Assessment

Once the risks are identified, they need to be assessed and rated. Risks are evaluated on a scale of one to five for impact and likelihood. The Portfolio leader will complete the impact and likelihood columns in the risk register in collaboration with Portfolio department heads. The following risk tolerances provide guidance on completing the ratings. Tolerances should be adjusted for the Portfolio objectives. Methodology

 

Impact

4-5 (High)

Strategic vision will not be met

Operational impact will include a stop or near stop of some functionality

Financial loss will be nn% of budget

Compliance – noncompliance will exist

 

 

3 (Moderate)

Strategic vision will be partially met

Operational impact will include a slow down or inability to perform some functionality without workarounds

Financial loss will be nn% of budget Methodology

Compliance – noncompliance is likely

 

1-2 (Low)

Strategic vision will be met

Operational loss is manageable

Financial loss will be less than 1% of budget

Compliance – noncompliance is probable but can be mitigated

 

Likelihood

 

4-5 (High)

Realization of this risk is inevitable. Risk mitigation is weak and there is minimal to no effective contingency plan.

 

3 (Moderate)

Realization of the risk is likely. Risk mitigation does not cover all areas of the risk and contingency plans are inadequate.

 

1-2 (Low)

Realization of the risk is unlikely but still possible. Mitigation plan is strong, contingency plan is effective.

 

 

Internal Risk Control

The Portfolio risk register includes a column for internal risk controls. These controls are organizational processes or procedures that are part of the organizational operations or culture but not program or project specific. If any applicable internal controls exist, add the description to the risk register and rank its effectiveness.  Effectiveness is rated on a scale of one to five with one being most effective and five having minimal effect. Methodology

 

Planning and Implementing Risk response

 

Mitigation Plan

Risk mitigation planning is the process of developing options and actions to enhance opportunities and reduce threats to project objectives. A mitigation plan attempts to decrease the chance of a risk occurring or decrease the impact of the risk if it occurs. It is implemented in advance.

 

Contingency Plan

A contingency plan in project management is defined as an actionable plan that is to be enacted if an identified risk becomes a reality. A contingency plan explains the steps to take after the identified risk occurs, in order to reduce impact. The Project Management Institute (PMI) defines contingency planning as, “involv[ing] defining action steps to be taken if an identified risk event should occur.” Contingency plans are not only put in place to anticipate when things go wrong — they can also be created to take advantage of strategic opportunities. If a risk is realized in the Portfolio leader will ensure that the appropriate contingency plan is activated. The exact steps will depend on the contingency plan.

 

Risk Monitoring

The Portfolio leader will review the Portfolio risk register on a quarterly basis with the Portfolio department leaders. At those meetings, the members will discuss the effectiveness of the mitigation and contingency plans and adjust the risk register, if necessary.

The Portfolio leader is also responsible to roll up all medium and high Portfolio risks to the KRMC EPMO Director for the organizational risk register, as requested.  The KRMC EPMO Director will decide which risks are appropriate for the organizational risk register.

 

Closing Risks

Once a risk is mitigated or realized it will remain in the risk register but moved the closed status. Closing a risk is a formal process to which information on the risk being closed is documented.

 

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

PROJECT RISK MANAGEMENT PROCESS

One of the most significant issues a Methodology project manager must be dealing with is risk, especially in the healthcare environment. The Business Dictionary defines risk as the “probability or threat of a damage, injury, liability, loss, or other negative occurrence, caused by external or internal vulnerabilities, and which may be neutralized through pre-meditated action.”
KRMC follows a risk management approach that includes project, program, and portfolio risk management. This document discusses project risk management.
• For a high-level overview of the risk management approach, click here.
• For details on program and portfolio risk management, click here.
• For an in depth look at overall risk management system, visit the KRMC Risk Management System on the SharePoint project management TeamSite. Methodology
KRMC’s process for managing uncertainty that could have a negative or positive impact is as follow:

Process
The first step in project risk occurs when the project sponsor or project manager provides an initial risk rating for the project in the project charter. This initial rating is before risks are identified and evaluated in detail. Once the project is kicked off, the project team should proceed with the detailed project risk management process.

The first step in project risk management isMethodology to create a risk management plan that includes:
• Introduction
• Risk Strategy
• Methodology
o Plan Risk Management
o Identify Risks
o Perform Qualitative Risk Analysis
o Perform Quantitative Risk Analysis
o Plan Risk Responses
o Implement Risk Responses
o Monitor Risks (PMI, 2017)
• Roles and Responsibilities
• FundingMethodology
• Timing
• Risk Categories
For details on the specifics of these steps, see the template for the Project Risk Management Plan.

 

Risk Identification

Risk identification can come from several activities. Running the risk identification meeting as a brainstorming session is a very effective technique. Methodology One source of project risk identification is the Project Kickoff pre-work and meeting. Prior to the project kick-off, the project manager will share the risk management plan with the project team for review. As a project team members review the plan, it is expected that they will identify potential risks. Those risks should be emailed to the project manager prior to the project kick-off. The project manager will then present the list of risks or risk categories submitted to the project team review and disposition at the project kick-off. The risk register will be created from the template provided on the SharePoint project site. It is extremely important to have an on-going risk identification process by holding risk assessment sessions during different phases of the project. Methodology

Risk Assessment

Risk assessment will determine quantitatively and qualitatively the value of risk related to a specific situation and will recognize the threat. The assessment will measure the probability of a risk becoming a reality. Once the risks are identified, the project manager in collaboration with the project team members, will assess all risk qualitatively and quantitatively.

The quantitative process determines what impact the identified risk will have on the project and the probability they’ll occur. This process can be time consuming, therefore, is not always used.

The qualitative assessment process includes scoring the risk on a scale of 1-5 in two area, impact and likelihood. The impact score reflects the severity of the impact within the category assigned to the risk – project schedule, cost, resources, quality, and scope or user acceptance – if the risk is realized. Likelihood reflects the probability that the risk will be realized. The project will follow the scales shown below for rating impact and likelihood of risks. All risks are categorized in the risk register as shown. Methodology

Impact

4-5 (High)
Schedule slip > 20%
Budget overrun by > 10%
Resource requirements >10%
User acceptance unlikely
Quality guidelines will not be met by > 90%

3 (Moderate)
Schedule slip > 10%
Budget overrun by > 5%
Resource requirements >5%
User acceptance questionable Methodology
Some Quality guidelines will not be met by > 50%

1-2 (Low)
Schedule slip < 5%
Budget overrun by < 5%
Resource requirements < 5%
User acceptance is likely with some negotiating
Most Quality guidelines will be met by > 90%
LikelihoodMethodology

4-5 (High)
Realization of this risk is inevitable. Risk mitigation is weak and there is minimal to no effective contingency plan.

3 (Moderate)
Realization of the risk is likely. Risk mitigation does not cover all areas of the risk; contingency plans are inadequate.

1-2 (Low)
Realization of the risk is unlikely but still possible. The mitigation plan is strong, the contingency plan is effective.

For ongoing risk assessment, the project manager will review the risks at the project status meetings and make necessary changes to the risk register, as needed. Methodology

Risk Response Planning

The risk response planning involves determining ways to reduce or eliminate any threats to the project, and the opportunities to increase their impact. Once the risks are identified, a response strategy needs to be determined. The PMBOK has five responses for both negative and positive risks (PMI, 2017).
Negative risk response: Escalate, Avoid, Mitigate, Transfer, Accept.
Positive risk response: Escalate, Exploit, Enhance, Share, Accept.

Negative Risk Response

• Risk Escalation process clarifies the boundaries and channels of decision-making throughout an organization in order to solve the problem quickly and with clarity. To make risk escalation work we need clear thresholds between the different levels in the organization, so everyone knows where each risk belongs, without confusion or ambiguity.

• Risk Avoidance process focuses on eliminating the cause and thus, eliminating the threat. Risk avoidance is an approach that eliminates any exposure to risk that poses a potential loss.

• Risk Mitigation is the process that reduces risk exposure and minimizes the likelihood of an incident. There are risks that cannot be eliminated. However, their impact can be reduced. Mitigation often takes the form of controls, or processes and procedures that regulate and guide an organization.

• Risk Transfer is a risk reduction method that shifts the risk from the project to another party. Purchasing insurance, warranties, guarantees, etc. are examples of risk transfer. The risk is transferred from the project to an insurance company. The purpose of risk transfer is to pass the financial liability of risk, like legal expenses, damages awarded and repair costs, to the party who should be responsible should an accident occur.
• Risk Acceptance allows the risk to remain and deal with the consequences if it happens. The project team does not change the project plan to deal with the risk or is unable to identify other risk response strategy for a risk occurrence event. This strategy can be passive Methodology where the project team decides to deal with the risk if it occurs.

Positive Risk Response

• Risk Escalation process clarifies the boundaries and channels of decision-making throughout an organization in order to solve the problem quickly and with clarity. To make risk escalation work we need clear thresholds between the different levels in the organization, so everyone knows where each risk belongs, without confusion or ambiguity.
• Risk Exploitation seeks to eliminate the uncertainty by making the opportunity happen. A direct response will include making positive decisions to include an opportunity in the project scope or baseline, removing the uncertainty over whether it might be achieved or not, and making sure the potential opportunity is locked into the project.
• Risk Enhancement is a risk response strategy aimed to increase the probability of a positive risk occurrence. This approach involves trying to increase the chances that a potentially positive event will occur.
• Risk Sharing will allow working with others outside of the project who could also benefit and exploit it. Allocating ownership to a third party will increase the potential benefits both in terms of maximizing and increasing the probability of occurrence.
• Risk Acceptance allows the risk to remain and deal with the consequences if it happens. The project team does not change the project plan to deal with the risk or is unable to identify other risk response strategy for a risk occurrence event. This strategy can be passive where the project team decides to deal with the risk if it occurs.

Mitigation Plan

When the project manager creates the risk register, he or she will create mitigation plans with help from the project team members. Each week the project manager will review the risk register to ensure the mitigation plans are still correct and being applied by the appropriate project team members where necessary. If a mitigation plan is not working as expected, the project manager will raise the concern to the appropriate project team members and adjust the mitigation plan accordingly. All medium and high risks need mitigation plans. Low risks should be entered in the risk register completing the description, impact, and likelihood at a minimum. The creation of mitigation plans is at the discretion of the project manager.

Risk Response Implementation
While the project is progressing, the project manager will implement the risk response selected. If a risk is realized, the contingency plan needs to be activated. The purpose of this process is to ensure that each of the risks identified has appropriate actions or plans to mitigate or avoid risks before it happens.

Contingency Plan
When risks are identified, the project manager needs to create contingency plans and enter them into the risk register. Contingency plans are those activities that will be completed if the risk is realized. Contingency plans should be created as soon as the risk is identified; not when the risk is realized. The project manager will ensure that the appropriate contingency plan is activated if a risk is realized. The exact steps to follow will depend on the contingency plan. All medium and high risks need contingency plans. Low risks should be entered in the risk register completing the description, impact, and likelihood at a minimum. The creation of contingency plans for low risks is at the discretion of the project manager.

Some contingency plans cost money. The contingency plan costs should be entered when the risk is realized. Contingency funds for a project are either based on the sum of the individual contingency costs or a percentage of the project.

Monitoring Risks

The project manager will review project risks at the project team meetings and discuss the mitigation and contingency plans. Any change in the project activities may require adjustments to the risk register and can be made at that time. The project manager will also report the status of the medium and high risk on the periodic project status report. In addition, during the Initiation phase of the project, risk items of medium and high status will be added to the project mandate by the project manager prior to requesting execution phase approval.

Closing Risks

Once a risk is mitigated or is realized it will remain in the risk register but set to closed status. The project team will review the risk register as part of the lessons learned. At the end of the project, the project manager will close all risks and archive the risk register.

 

 

 

 

 

 

Methodology essay paper

/in /by

Methodology

ORDER A PLAGIARISM FREE PAPER NOW

                                    PROGRAM RISK MANAGEMENT PROCESS

 

Introduction

____ follows a risk management process that manages project, program, and portfolio risk. For a high-level overview of ____’s risk management process, click here. This document discusses program risk management only. For more detailed information on the complete risk management system at _____, see ______ Risk Management on the Project Management website.Methodology

 

Programs are a collection of related projects that when managed together achieve higher benefits than would be achieved if they were managed separately. Programs can have risks from the individual projects or from the program goals and program metrics.

 

Process

For program risk management to be successful, the program manager must establish program metrics at the beginning of the program. Program metrics can be indicators such as scientific impact, community satisfaction, program delivery, and quality. Methodology

Once metrics are in place, program risk management includes:

  • Identifying Risk
  • Assessing Risk
  • Planning and Implementing Risk Response – Mitigation and Contingency Plan.
  • Internal Risk Control
  • Monitoring Risk
  • Closing Program Risks

Methodology

The program manager will write a risk management plan for the program (template here) and create a risk register (template here) at the beginning of the program. The program manager will also facilitate risk reviews through a program risk management advisory board, if needed. Once the program risk management plan and risk register are created, any project presented for inclusion into the program should be evaluated against the program metrics.

Methodology

 

Identifying Risks

 

Program risk identification occurs in several ways. The program manager will review the program’s projects’ risk registers and consider any of the medium or high project risks for inclusion in the program risk register. The program manager will monitor the overall program’s projects’ performance to detect any areas of potential risk not originally identified. The program manager will also maintain status on the program metrics performance set at the beginning of the program. Finally, risk identification can also come from other program managers.

 

A program manager may also choose to create a program risk advisory board made up of project managers in the program and key functional leaders. The program risk advisory board would be responsible for identifying program risks, reviewing program risks in the risk register, reviewing mitigation plans and adjusting as necessary, and activating contingency plans. Program risk advisory boards should meet at an appropriate interval based on the length of the program.

Methodology

Assessing Risk

 

Once the risks are identified, the program manager, with help from the program risk advisory board if applicable, will score the risks in the program risk register on a scale of 1-5 in two areas, impact and likelihood. The impact score reflects the impact to the category of the risks based on program metrics.  For example, recommended instrument metrics are research knowledge base, program delivery, community satisfaction, public outreach, and quality.  Likelihood reflects the probability that the risk will be realized. The program will follow the scales shown below for rating impact and likelihood of risks. The program manager is responsible for setting or changing any tolerances with respect to impact based on the risk tolerances of the stakeholders.  All risks are categorized in the risk register as shown.

Methodology

Impact

 

4-5 (High)

Research knowledge base < nn publications

Program delivery (schedule slip) > 10%

Public outreach < nn events

Project Risk

Community satisfaction unlikely

Quality guidelines will not be met

 

3 (Moderate)

Research knowledge base < nn publications

Program delivery (schedule slip) > 5%

Public outreach < nn events

Project Risk Methodology

Community satisfaction questionable

50% of the quality guidelines will not be met

 

1-2 (Low)

Research knowledge base < nn publications

Program delivery (schedule slip) > 10%

Public outreach < nn events

Project Risk

Community satisfaction likely with some negotiating

90% of the quality guidelines will be met

 

Likelihood

4-5 (High)

Realization of this risk is inevitable. Risk mitigation is weak; there is minimal to no effective contingency plan.

 

3 (Moderate)

Realization of the risk is likely. Risk mitigation does not cover all areas of the risk; contingency plan is inadequate.

 

1-2 (Low)

Realization of the risk is unlikely but still possible. Mitigation plan is strong, contingency plan is effective.

 

For ongoing program risk assessment, the program manager will periodically review the risks and make necessary changes to the risk register, as needed.

 

Planning and Implementing Risk Response

 

Mitigation Plan

 

When the program manager creates the risk register, he or she will create mitigation plans with help from the program risk advisory board, if applicable, and the program’s project managers. Periodically, the program manager will review the risk register to ensure the mitigation plans are correct and being applied at the appropriate program level. If a mitigation plan is not working as expected, the program manager will raise the concern to the appropriate project manager and adjust the mitigation plan accordingly.

 

Contingency Plan

 

Once a risk is identified, the program manager needs to create contingency plans and enter them in the risk register. Contingency plans should be created as soon as the risk is identified not when the risk is realized.

If a risk is realized the program manager will ensure that the appropriate contingency plan is activated. The exact steps to follow will depend on the documented contingency plan.

 

Internal Risk Control

 

The risk register includes a column for internal risk controls. These controls are organizational processes or procedures that are part of the organizational operations or culture and not program specific. If any internal risk controls exist, add the description to the risk register and rank its effectiveness. Effectiveness is rated on a scale of one to five with one being most effective and five having minimal effect.

 

Monitoring Risks

 

The program manager will regularly review the risks for his or her program with the program’s project managers and with the program risk advisory board, if applicable. The reviews will include review of mitigation and contingency plans and adjustments to the risk register when necessary. The program manager will report the status of the medium and high risks on the periodic program status report to the portfolio leaders.

 

Closing Risks

 

Once a risk is mitigated it will remain in the risk register but moved to the closed status. Once the program has ended, the program team will review the risk register at a program closure review as part of lessons learned. The program manager will ensure all risks are closed and archive the risk register.