Project Management Central

Please login or join to subscribe to this thread

Topics: Risk Management
How to assess and mitigate risks in IT Infrastructure Projects?

Large IT Infrastructure projects have a reputation for being risky and costly. Risk Management becomes of strategic importance here and that is why this question.
Sort By:

Stakeholder identification plays a significant role with risk identification, assessment, and planning.

Kaushik - Risks to project performance can have severe consequences on the delivery, operation, and profitability of a project. The risk mitigation strategy can include establishing the context of the risk; identifying, evaluating and treating the risk and tracking and reporting the risk plans.

IT and infraestructure projects are the project where you can identify risk and issues more easily. That is because most of the things you have to consider are tangible. If you add software component then this is the situation where your are at a cliff`s edge. I lead several projects/programs in that niche including inside my actual work place. About how to access risk nothing new than in other type of projects and the same about the action you take for each risk (avoid, mitigate, etc)

Do yo have lessons learned from previous project?
That will be a start.
Stakeholders , technical peoples, SME.

Cone of uncertainty can be interesting, even if it was develop for the software industry I find it applicable to all industry.

Large complex project =risk; what specifically is your question? What besides risk management should you be looking at?

Technology risks in IT projects are relatively straight forward to identify. Examples:-

Human Risk - What if someone gets hurt due to manual handling risk?
Equipment Risk - What if the equipment falls down or fails?
Disasters :- What if there is a catastrophe like Flood?
Technology Risk - What if the piece of software that you are upgrading doesn't upgrade due to a system limitation/defect?

Then come vendor risks :-

What if vendor time frames slip?
What if the vendor expertise is lacking?
What if the defect resolution takes too much time?
What if the quality of deliverable is sub-par?

Then come the Human Resources risk

What if the internal staff lack expertise
What if a key staff member leaves
What if the stakeholders keep changing frequently due to a changing company structure

in short, if you categorize the various risks as you will in a non -IT project and then pay specific attention to the technology risks, you would have covered a major chunk of all possible risks.

Lots of good responses here on classification and reasons behind risks of technology projects. I believe at a strategic level a discussion of ownership of the risk (Project Sponsors) in tandem with a guidelines/process for determining a risk appetite for a project is an important step strategically addressing risk in this area.

Typically I have seen this area be handled in a very informal and on a project by project basis.

The risk profile in this area, IT projects, can be high simply by the changing nature of the IT solution area alone but, a good place to start strategically is to discuss ownership/accountability at a project sponsorship level and then a discussion as to the process to set risk appetite for the project in a formal manner and for the project.

Please login or join to reply

Content ID:

A doctor can bury his mistakes but an architect can only advise his clients to plant vines.

- Frank Lloyd Wright