Managing projects of any size can be full of obstacles to navigate (or avoid) and failing to do so can cost an organization more than it’s able to absorb, let alone tolerate. But what can organizations do to manage and mitigate risks that can create bumps in the road or even derail an entire project? In fact, 52% of large government IT projects went over budget, were behind schedule or didn’t meet expectations; 41.4% were abandoned or had to be restarted.
Risk Identification
You can’t fight an enemy you can’t see. So, before you can control or minimize any project-related risks, you first need to know what to look for. Risks can be identified in a number of ways, including (but not limited to) brainstorming and interviewing, historical data, and assumptions analysis. And it’s important to remember that this is not just something that’s done once at the beginning of a project either as certain risks can emerge and or become irrelevant throughout the duration of the project. For instance, you may add catastrophic weather events to the list of potential risks that could impact your project—which is valid—but which types and when they could be a factor is something to address in the next step.
Risk Assessment
Once you’ve identified potential project risks, it’s time to look at each of them more closely to evaluate two primary factors—likelihood and impact. In other words, for each risk you’ve identified, you need to determine how likely it is to occur, and if it does, to what degree it would impact the project. Generally speaking, organizations are able to tolerate higher impact risks the less likely they are to occur, and similarly, risks that are more likely to occur but are relatively low impact. So, in our weather example from above, if you’re in the southeastern United States and tropical storms or hurricanes could have a major impact on your project, they would carry much less risk from December 1st through May 31st than they would from June 1st through November 30th.
Risk Handling
For each risk, there are four different response strategies you can choose from: avoid, transfer, mitigate, and accept. So, again with our weather example, you may choose to avoid that risk by adjusting the project schedule so that it falls outside the official hurricane season for your area as possible. Transferring the risk offloads some of the responsibility to another party in the event that risk occurs, for instance adjustments to insurance coverage, fixed-price contracts, etc. Let’s say the project is to relocate your datacenter. In this example, one way to mitigate the risk of damage from catastrophic weather could be to choose an off-site location that’s less susceptible. And finally, you can accept risks in either a passive way (i.e., deal with the risk if it occurs) or an active one, in which you may have a contingency plan in place that can be enacted should that risk occur.
Risk Control
As you can see, risk management is a moving target, which is why it’s important to continually monitor and control risks to the best of your ability throughout your projects. Risks can range from common and minor to unlikely and disastrous. Through careful identification, assessment, and handling of these risks, you’ll be better prepared to handle anything that comes your way.
Want to dive deeper into managing and mitigating project management risk? Learn more
