Rubaiyyaat AakbarHead of IT and Cybersecurity| DocDocSingapore, Singapore
What are the common approaches taken to identify risks at initial stage of a project and which one do you think is most effective? Saving Changes...
Sort By:
arlene trimbleAssistant IT Director| Local GovernmentAlamo, Ca, United States
Risk identification is a collaborative effort throughout the project lifecycle. Yes, it is very important to identify risk and develop a plan to manage it during project initiation. Everyone's input needs to be considered in risk identification - core team members' input, project stakeholders, project sponsor, business owner, vendor input, and others. Look at the lessons learned and best practices of similar projects also in your organization for additional material. Saving Changes...
Rubaiyyaat AakbarHead of IT and Cybersecurity| DocDocSingapore, Singapore
Absolutely right. So engagement with stake-holder seems the best way to identify the risks. But internal stake-holder may not be the best source always .. when it comes to engage external stake-holders or consult market survey, review report from industry, historical incident from similar project in other organization etc .. how it all can be incorporated formally by PM? Saving Changes...
Sergio Luis ConteHelping to create solutions for everyone| Worldwide based OrganizationsBuenos Aires, Argentina
I think that because the environment you are working you have a lot of external sources on hand to get information about risks. So, you do not need external people. What you need is searching for external information like PESTLE analysis or PorterĀ“s five forces analysis. Saving Changes...
PM leads a risk management. As project leader I am rarely a risk owner. My approach is to agree with a project team on meeting frequency and tools to be used. In long running projects (several years) I try to keep monthly risk review. I start with brainstorming – all functional leads contribute risk identification, scoring and mitigation actions. As tool I use combined risk matrix and FMEA. Again, all team leaders agree on specifications how to score and use tools. Risk review meeting frequency and tools used is explained in PMP (Project Management Plan). You can consider to document how you are going to measure specific risks, how you will ensure that risks did not come an issue. Meeting agenda, attendees list, outcome are documented separately.
Brainstorming is very informal meeting and usually works fine. I keep doors open and project team can send me new risks at any time. We use fishbone diagram but I do not like it. I prefer something similar to kanban. I ask team members to identify risks on sticky notes and, as team we categorize them. I leave scoring to risk owner as (s)he is SME (subject matter expert). I contribute to assign risk owners and support with preventive and mitigation actions.
There are few common challenges, so be ready to train your team first. Sometimes they struggle difference between risk prevention and risk mitigation. Team mixes a risk and an issue. Inconsistent risk scoring. Mitigation, prevention strategies are not followed. Additional actions required to mitigate risks are not included in a project scope (this leads scope creep). Actions, decisions are not documented.
Summary: work with your team, assign stakeholders as risk owners, regularly control risk management, document decisions made. Train your team, including a sponsor. Saving Changes...
