Project Management

Project Management Central

Please login or join to subscribe to this thread

Topics: Risk Management
The Risk of unchallenged Risks
A properly regulated risk management practice will provide a stable foundation for the “project compass,” enabling the project manager to stay on the path that leads to success. However, if improperly regulated, risk management will provide a façade of stability, leading a project to a success of a different kind, that is - success redefined.

The categories of concern for risks include areas such as:

- Risks that are created to redirect an aspect of accountability from being placed on an individual or group.
- A Unilateral risk which is not widely accepted, but is politically taken-in to appease.
- Generic Risks that create noise that detract from those of consequence.
- Path of least resistance risks that are stated to avoid tasks that are considered difficult to realize (e.g., product and technology risks or opportunity risks).

In your experience, have you seen or retrospectively recognized where established risks (such as the type stated above) affected project outcomes? The outcomes may still be that of a truly successful project; it just may (in reflection) be outcomes that could have been more substantial. To help others understand this concern, please provide examples where established risks had a “less than desired” effect on a project.
Sort By:
A properly formulated Risk Management Plan and Risk Register should address what you are labelling "unchallenged risks". What is the risk? Why is it a risk? What is the potential impact? How do we address it? How do we track it? Unchallenged risks become a risk.

However, the Risk Management Plan is usually developed and implemented by the project team and there can be a tendency to focus attention away from the project - identify all sorts of external risks, risks that cannot be influenced by the project team thus creating ready-made "excuses" for less than stellar project delivery. Market conditions, unavailability of resources, political influence, extreme weather conditions (acts of nature), social unrest, unpredictable competition, etc. "We would have been under budget if […...]. We initially identified it as a risk however had no opportunity to avoid or mitigate."
Dear George
Interesting your question
Thanks for sharing

The climate (relationship) between the project manager and team members or between the team's lies (conflicts, poor help) clearly affects project deliverables and it may fall into the category ofn unchallenged Risks
George -

All the time.

This is why I love Dr. Hillson's definition of risk as "uncertainty that matters". Whenever I teach risk management in my PM classes, I always emphasize that you need to make risk information matter to key stakeholders if you wish them to sit up, pay attention and implement risk responses.

A lot has to do with the risk appetite of the company and the key stakeholders. Psychological safety also plays into this.

In the same as we have watermelon reporting of actual project status, we get dilution and genericization (yes, that is a made up word) of risk information.

My favorite one is "If I don't get the resources we need, the project will be late". Great way to "pass the buck" or provide a CYA without being specific enough to shine the light on the constrained suppliers...

Kiron
Thank you @Peter for resurrecting my question from second-page oblivion.

@Kiron, @Peter and @Luis:
- Is there a practical way to prevent the risk register from being a “politically hijacked CYA” instrument?

Breaking this pattern is difficult when the prime suspects for this type of content are the [1] sponsors, [2] project manager, and the [3] leads (done explicitly or through a proxy). How do we trump this ingrained human behavior to mitigate consequences?
...
1 reply by Kiron Bondale
Dec 29, 2019 4:56 PM
Kiron Bondale
...
Educating senior stakeholders on the value of effective risk management and making sure they have "skin in the game" (as per Nassim Taleb) to incent them to make good risk decisions.

Kiron
As I suggested in the first post make abuse of the risk management process, (CYA and the like) identified project risks, analyze and provide for mitigation.
Risk: sponsor will hijack risk register.
Result: waste of resources.
Probability: high.
Impact: moderate.
Mitigation: ???
Hopefully this will provide a forum to discuss, maybe avoid and as a last choice provide mitigation measures.
I try to develop and finalize the RMP and register as a collaborative effort through workshops. Hijacking becomes more difficult in that setting.
Dec 29, 2019 3:38 PM
Replying to George Freeman
...
Thank you @Peter for resurrecting my question from second-page oblivion.

@Kiron, @Peter and @Luis:
- Is there a practical way to prevent the risk register from being a “politically hijacked CYA” instrument?

Breaking this pattern is difficult when the prime suspects for this type of content are the [1] sponsors, [2] project manager, and the [3] leads (done explicitly or through a proxy). How do we trump this ingrained human behavior to mitigate consequences?
Educating senior stakeholders on the value of effective risk management and making sure they have "skin in the game" (as per Nassim Taleb) to incent them to make good risk decisions.

Kiron

Please login or join to reply

Content ID:
ADVERTISEMENTS

"If you are patient in a moment of anger, you will escape a hundred days of sorrow."

- Chinese Proverb

ADVERTISEMENT

Sponsors