George FreemanThought Leader | Author | Architect| Florida, United States
A properly regulated risk management practice will provide a stable foundation for the “project compass,” enabling the project manager to stay on the path that leads to success. However, if improperly regulated, risk management will provide a façade of stability, leading a project to a success of a different kind, that is - success redefined.
The categories of concern for risks include areas such as:
- Risks that are created to redirect an aspect of accountability from being placed on an individual or group. - A Unilateral risk which is not widely accepted, but is politically taken-in to appease. - Generic Risks that create noise that detract from those of consequence. - Path of least resistance risks that are stated to avoid tasks that are considered difficult to realize (e.g., product and technology risks or opportunity risks).
In your experience, have you seen or retrospectively recognized where established risks (such as the type stated above) affected project outcomes? The outcomes may still be that of a truly successful project; it just may (in reflection) be outcomes that could have been more substantial. To help others understand this concern, please provide examples where established risks had a “less than desired” effect on a project. Saving Changes...
Sort By:
Peter RapinSubject Matter Expect; Project Delivery| Independent ConsultantOntario, Canada
A properly formulated Risk Management Plan and Risk Register should address what you are labelling "unchallenged risks". What is the risk? Why is it a risk? What is the potential impact? How do we address it? How do we track it? Unchallenged risks become a risk.
However, the Risk Management Plan is usually developed and implemented by the project team and there can be a tendency to focus attention away from the project - identify all sorts of external risks, risks that cannot be influenced by the project team thus creating ready-made "excuses" for less than stellar project delivery. Market conditions, unavailability of resources, political influence, extreme weather conditions (acts of nature), social unrest, unpredictable competition, etc. "We would have been under budget if […...]. We initially identified it as a risk however had no opportunity to avoid or mitigate." Saving Changes...
Luis BrancoCEO| Business Insight, Consultores de Gestão, LdªCarcavelos, Lisboa, Portugal
Dear George Interesting your question Thanks for sharing
The climate (relationship) between the project manager and team members or between the team's lies (conflicts, poor help) clearly affects project deliverables and it may fall into the category ofn unchallenged Risks Saving Changes...
This is why I love Dr. Hillson's definition of risk as "uncertainty that matters". Whenever I teach risk management in my PM classes, I always emphasize that you need to make risk information matter to key stakeholders if you wish them to sit up, pay attention and implement risk responses.
A lot has to do with the risk appetite of the company and the key stakeholders. Psychological safety also plays into this.
In the same as we have watermelon reporting of actual project status, we get dilution and genericization (yes, that is a made up word) of risk information.
My favorite one is "If I don't get the resources we need, the project will be late". Great way to "pass the buck" or provide a CYA without being specific enough to shine the light on the constrained suppliers...
Kiron Saving Changes...
George FreemanThought Leader | Author | Architect| Florida, United States
Thank you @Peter for resurrecting my question from second-page oblivion.
@Kiron, @Peter and @Luis:
- Is there a practical way to prevent the risk register from being a “politically hijacked CYA” instrument?
Breaking this pattern is difficult when the prime suspects for this type of content are the [1] sponsors, [2] project manager, and the [3] leads (done explicitly or through a proxy). How do we trump this ingrained human behavior to mitigate consequences?
...
1 reply by Kiron Bondale
Dec 29, 2019 4:56 PM
Kiron Bondale
...
Educating senior stakeholders on the value of effective risk management and making sure they have "skin in the game" (as per Nassim Taleb) to incent them to make good risk decisions.
Kiron
Saving Changes...
Peter RapinSubject Matter Expect; Project Delivery| Independent ConsultantOntario, Canada
As I suggested in the first post make abuse of the risk management process, (CYA and the like) identified project risks, analyze and provide for mitigation.
Risk: sponsor will hijack risk register.
Result: waste of resources.
Probability: high.
Impact: moderate.
Mitigation: ???
Hopefully this will provide a forum to discuss, maybe avoid and as a last choice provide mitigation measures.
I try to develop and finalize the RMP and register as a collaborative effort through workshops. Hijacking becomes more difficult in that setting. Saving Changes...
Thank you @Peter for resurrecting my question from second-page oblivion.
@Kiron, @Peter and @Luis:
- Is there a practical way to prevent the risk register from being a “politically hijacked CYA” instrument?
Breaking this pattern is difficult when the prime suspects for this type of content are the [1] sponsors, [2] project manager, and the [3] leads (done explicitly or through a proxy). How do we trump this ingrained human behavior to mitigate consequences?
Educating senior stakeholders on the value of effective risk management and making sure they have "skin in the game" (as per Nassim Taleb) to incent them to make good risk decisions.
