Categories: risk identification
For many people the idea of using the risk process to identify and manage opportunities is new, since their focus has previously been on dealing with threats. As a result, people are sometimes unsure where to find opportunities. A common concern is that proactively seeking opportunities may result in scope creep, as a result of looking for extra unplanned benefits in addition to those already defined in the agreed scope. Pursuing these optional extras might distract attention and effort from the original objectives, and could even be counter-productive.
A colleague illustrated this when he set himself an objective to lose some weight, and decided to take up running. He realised that he might discover that he really enjoyed running, and might even be quite a talented runner, so that perhaps he might be able to join a club or take part in a marathon. But do these count as opportunities, and should he be exploring them proactively? They have nothing directly to do with his original objective to lose weight, so aren’t they just additional scope to the weight-loss project?
The same situation might occur at work. If while we are trying to enhance an existing product we discover a gap in the market for a completely new product, is this a genuine opportunity to be pursued or just potential scope creep?
The answer to this important question is to treat opportunities in the same way as threats. So what happens if during a project risk assessment we identify a threat where the potential negative impact would be outside the scope of the project? Do we take responsibility for addressing this threat within our project, since if we identified it we should manage it? In fact an out-of-scope threat should be escalated to someone outside the project who can decide what to do, perhaps the project sponsor or someone in another part of the organisation.
In the same way, if we identify an opportunity which is outside the boundaries of our responsibility, we cannot just decide to include it in our project. Instead we should escalate the out-of-scope opportunity to someone who is able to decide whether and how to address it.
The key to deciding whether to escalate a risk or deal with it ourselves is to remember that all risks, both threats and opportunities, must be defined in relation to objectives. So the only risks which should be managed through a project risk process are those which could affect a project objective. Any threat or opportunity where the potential impact is outside the agreed project scope should be escalated. This ensures that these types of risk do not automatically result in scope creep, although of course a positive decision could be made to change scope to include a particularly good new opportunity or to avoid a serious wider threat.
Instead of worrying about scope creep, the search for opportunities should consider anything that might help us reach the agreed objectives. We are looking for ways of working “smarter, faster, cheaper” within the existing scope, and not trying to increase the scope. My colleague needs to find creative ways to help him lose weight more quickly with less effort, and not worry about running a marathon – unless he wants to launch a new project with a different objective.