Winnie LiemSenior Manager Business Experience Practice| Government of OntarioMarkham, Ontario, Canada
I was in conversation with a PM this week who had their risk list sharply criticized by a team member and told their risks were not real risks...that if the risk describes things that will be worked out in the project, they should not be listed.
I personally supported their list and spent a good hour coaching them on why risks are defined as "anything that may happen in a project".
Would like to know others opinions or experience in this area.
Joseph FernandesProject Manager| ADP CanadaToronto, Ontario, Canada
Agree that all should be considered and documented. How else would you know what to face for future similar projects if they're not part of your organizational process assets? Also, if a risk has been dealt with/mitigated, it has influenced the project outcome. It should be part of the risk list. Saving Changes...
Anonymous
We need to document all Risks expecting in order to avoid surprises and also their would be differences in team members. I am handling project come across the same situation in one of the meeting of planning team. I have spent sufficient time with the member to train and involve them in complete process. Saving Changes...
PREVOST YohannProject Manager ( Head of PMO) - PMP certified| UCBBrussels, Belgium
I already got the same issue. to my opinion, it comes from the fact that team members are not always familiar with "Risk Management". I often have to "translate" them what we should consider as a risk.
Thinks becomes more easy when Risks become true... then it's good opportunity to explain to team members .... the advantages of Risk management. They need to understand how it helps them.
To my opinion... this is the key.
regards,
Yohann Saving Changes...
Winnie LiemSenior Manager Business Experience Practice| Government of OntarioMarkham, Ontario, Canada
Risks should be accompanied by mitigation plans. So I am not sure I understand this person's statement that a risk should not be included if it can be "worked out". I assume what they mean by that is "remediated." That is the ultimate goal of risk identification-- to mitigate it so it does not materialize. Sounds like there is confusion over risk vs. issue. However, when there is reluctance to talk openly about risk, it can signify underlying cultural "challenges". Saving Changes...
Elizabeth HarrinDirector| RebelsGuideToPM.comLondon, England, United Kingdom
I agree with other posters here - the whole point of the risk list is to identify things and then add tasks to the plan to put them right. When that work is complete tasks can be closed and the risk can be closed too as it has been mitigated. But they should be on the risk log in the first place. Saving Changes...
Well, nice post.
Indeed when I write down my risks register I use the stakeholder shape tool approach. This mean that I think to all my potential stakeholders and I think what risks each stakerholders can bring into my project. I build, in this way, a risks/stakeholders matrix very useful also to prioritize my stakeholders. In this way I think that it's less probable to insert risk that are not really connected with the project. Saving Changes...
Kevin GebertDirector of Marketing| IBMS GlobalCo, United States
There will always be differences in opinion as to what items should be on the risk list. The risk manager or PM needs to establish guidelines and be the ultimate authority as to what is included in the risk list. Risks need to be specific. Saying "problems in testing may delay delivery" isn't an adequately defined risk. A risk should be defined in enough detail to be able to assess the impact and likelihood of that risk occurring and to be able to develop a mitigation plan. Frankly if there is no way to mitigate a particular risk there is really no reason to put it on the risk list, The risk list should not be just a "things to worry about" list. Saving Changes...
Winnie LiemSenior Manager Business Experience Practice| Government of OntarioMarkham, Ontario, Canada
Thanks for all the replies and insight.
If you have not read my blog...pls do so...it gives a bit more context on my answer to this PM on their dilemma and how I think some people get caught up in minutia sometimes and PMs need to have thick skin! (http://www.projectmanagement.com/blog/Proj...ernment/10770/)
Essentially, it was an issue of inexperience and a bad template that was being used to capture risks--I never asked about the specifics of what risk was deemed "wrong", but wanted instead to encourage this PM that the risk exercise is SO IMPORTANT and no one should discourage their attempt to list real risks.
Thanks all Saving Changes...
David HillsonThe Risk Doctor| The Risk Doctor PartnershipPetersfield, Hampshire, United Kingdom
Hi Winnie. Looking at your original question, I think it is right to exclude any "risk" where the response is for someone to do their job, or where we have already a standard process or activity to address the risk. I call those "business-as-usual (BAU) risks", and they don't belong in the risk register. "Real risks" are those which we haven't planned for or prepared for.
