Abdulrahman AbuhayahP.M.O Director| Adaptive TechSoftRiyadh, Riyadh, Saudi Arabia
Hellow everyone, I had the following discussion with my colleague:
Friend: "what is the relationship between risk and issue?"
me: "what do you mean? they are two different things?"
My Friend repeated his question...
Me: "an issue is an existing problem recorded in the issue log and must be followed out by the project manager. a risk is an anticipated uncertainty that has a response plan associated with it, once a risk occurs, it can be mitigated, accepted, avoided...etc."
Friend: "when the risk occurs, it becomes an issue and it can be registered in the issue log"
Me: "No, when the risk occurs, it will be handled (supposedly) differently, there is a risk response plan in place, why it is needed to put it in an issue log, moreover, risks are handled differently than issues. I don't agree that risks can be input to the issue log, I don't see why."
If a negative risk is realized, it should be tracked and resolved as an issue. If there's the potential for it to be re-realized later in the life of the project, it would still remain as an open risk but you would now have some actual data to enable updating the quantitative analysis and risk response.
Kiron
...
2 replies by Abdulrahman Abuhayah
Mar 06, 2018 7:28 AM
Abdulrahman Abuhayah
...
Dear Kiron,
Thanks for your prompt replay. However, what do you mean by "realized" do you mean to know that's it's going to happen, or it started already?
Can you please be more specific
Mar 06, 2018 7:30 AM
Abdulrahman Abuhayah
...
Another question is that, why you have to track and resolve a risk as an issue? there are a complete risk management processes to handle risks? why treat it as an issue?
Saving Changes...
Pawan RaiSenior Project Manager| Axtrics Solution Pvt. Ltd.Ambala, Haryana, India
An issue has to be handled by implementing a work around.
A negative risk that was accepted with a contingency reserve of amount x will become an issue if the actual reserve that is now required to handle the risk is more than x. In such a case team needs to look for a workaround and implement it.
The same logic applies to risks where avoidance strategy was implemented but still the risk arose and became an issue. Similarly for risks for with mitigation plan that resulted in ineffective mitigation. All such scenarios would ask risk audit to identify the strong and weak areas of risk management.
On the other hand an issue can occur that was never identified as a risk in risk register. But once an issue arises then it becomes imminent to identify whether the same situations can arise again in order to document them under risk register and find a suitable response strategy. Saving Changes...
Abdulrahman AbuhayahP.M.O Director| Adaptive TechSoftRiyadh, Riyadh, Saudi Arabia
Mar 06, 2018 6:41 AM
Replying to Kiron Bondale
...
Abdulrahman -
If a negative risk is realized, it should be tracked and resolved as an issue. If there's the potential for it to be re-realized later in the life of the project, it would still remain as an open risk but you would now have some actual data to enable updating the quantitative analysis and risk response.
Kiron
Dear Kiron,
Thanks for your prompt replay. However, what do you mean by "realized" do you mean to know that's it's going to happen, or it started already?
Can you please be more specific
...
1 reply by Kiron Bondale
Mar 06, 2018 9:06 AM
Kiron Bondale
...
The term "realized" is used when a previously identified risk has occurred.
As Andrew mentioned, they are likely a different set of processes for managing issues (e.g. updating issue logs, informing certain stakeholders) but some of the resolution activity might have been already planned as part of your risk management activities.
Kiron
Saving Changes...
Abdulrahman AbuhayahP.M.O Director| Adaptive TechSoftRiyadh, Riyadh, Saudi Arabia
Mar 06, 2018 6:41 AM
Replying to Kiron Bondale
...
Abdulrahman -
If a negative risk is realized, it should be tracked and resolved as an issue. If there's the potential for it to be re-realized later in the life of the project, it would still remain as an open risk but you would now have some actual data to enable updating the quantitative analysis and risk response.
Kiron
Another question is that, why you have to track and resolve a risk as an issue? there are a complete risk management processes to handle risks? why treat it as an issue? Saving Changes...
Drew CraigSr. Agile & Product Coach| VanguardPhiladelphia, Pa, United States
A risk that has occurred is an issue. Not all issues were once risks, though. Once a risk occurs, it becomes an issue, it can be tracked and responded to accordingly. When you identify potential risks, you are planning ahead to prepare for resolution. You can apply the mitigation/response to the issue accordingly. Issues in the log are prioritized based on criticality, severity,
...
1 reply by Abdulrahman Abuhayah
Mar 06, 2018 8:00 AM
Abdulrahman Abuhayah
...
thank you andrew, but my question is: why do I have to consider and treat a risk as an issue while I have a complete process to handle the risk?
Saving Changes...
Abdulrahman AbuhayahP.M.O Director| Adaptive TechSoftRiyadh, Riyadh, Saudi Arabia
Mar 06, 2018 7:49 AM
Replying to Drew Craig
...
A risk that has occurred is an issue. Not all issues were once risks, though. Once a risk occurs, it becomes an issue, it can be tracked and responded to accordingly. When you identify potential risks, you are planning ahead to prepare for resolution. You can apply the mitigation/response to the issue accordingly. Issues in the log are prioritized based on criticality, severity,
thank you andrew, but my question is: why do I have to consider and treat a risk as an issue while I have a complete process to handle the risk?
...
1 reply by Drew Craig
Mar 06, 2018 8:16 AM
Drew Craig
...
Right, and those will be utilized, but it is an issue once it occurs. There are different ways to proceed on the issue based on its origin. If identified as a risk, you proceed as planned as you mentioned.
Saving Changes...
Guilherme CalobaProduction Engineer| PETROBRASRio De Janeiro, Rio De Janeiro, Brazil
I agree with most of you guys. I think whenever a risk occurs, it becomes an issue and we must deal with it. A continuous monitoring of the risks can help prevent and also keep track of how risks evolve throughout the project. Sometimes there is a trigger for the risk and if it is not set off, we can simply close the risk. But as risks have multiple causes, we should track them all down and only close the risk when all causes are gone. That is what I think. Saving Changes...
Abdulrahman AbuhayahP.M.O Director| Adaptive TechSoftRiyadh, Riyadh, Saudi Arabia
Thank you, everyone, for your responses, but my question: why do I have to consider and treat a risk as an issue while I have a complete more-mature process that manages risks? Saving Changes...
Drew CraigSr. Agile & Product Coach| VanguardPhiladelphia, Pa, United States
Mar 06, 2018 8:00 AM
Replying to Abdulrahman Abuhayah
...
thank you andrew, but my question is: why do I have to consider and treat a risk as an issue while I have a complete process to handle the risk?
Right, and those will be utilized, but it is an issue once it occurs. There are different ways to proceed on the issue based on its origin. If identified as a risk, you proceed as planned as you mentioned. Saving Changes...
Anonymous
Notice what you said "... once a risk occurs, it can be mitigated, accepted, avoided...etc."
If the risk occurs, how it can be mitigated or avoided - it happened.
The point of discussion is what do you a call a risk that has occurred?
Some people call it "an occurred risk" to emphasize that it was a risk that was identified and should on your risk log (or watch list). Then, you should respond to it base on your risk response plan; if you have one.
Other people, call it an "issue" because it already happened.
I prefer to call it occurred risk and issue only for things that happen and were not identified as risks. I do this for lessons learned and PM maturity reasons. Saving Changes...
