(Project) RISK MANAGEMENT PROCESS SEPTEMBER 5, 2008
212/24/2015 Purpose and Definition a structured approach for the documentation and review and risks throughout the project an approach for identification and management of mitigation strategies that can be put in place to reduce the probability of occurrence identification of those risks with the highest probability of occurrence and impact to the project for communication to and involvement of the Steering Committee for action The Risk Management Process ensures:
312/24/2015 Definitions Risks are also categorized into the following project impact categories: UnlikelyModerateLikely % chance of occurrence The risk is unlikely to occur even if no steps are taken to manage this risk. 25% - 75% chance of occurrence The potential impacts are moderately likely to occur if no steps are taken to manage this risk. > 75% chance of occurrence The potential impacts are likely to occur if no steps are taken to manage this risk. A risk is a possible future event which, if it occurs, is expected to have an undesirable impact on the project. Risks will be categorized into these probabilities of occurrence: Low Impact on schedule for a limited number of tasks, but no delay to key dates. Minor increase to project expenditures, but no noticeable degradation in quality Medium Impact on schedule for many tasks and minor delays on key dates. Major increase in project expenditures, Noticeable, but acceptable, degradation in quality, additional but acceptable risk exposure High Major impact on key dates requiring a new overall schedule. Unacceptable increase in project expenditures, Unacceptable degradation in quality and risk exposure Critical Complete project failure
412/24/2015 Guiding Principles 1)Risks should be proactively reviewed and managed by the Project Manager at lease once per month 2)The Risk Owners will be responsible for management and update of their risk mitigation plans 3)Risks should not be closed. They should live throughout the project with ongoing update to their mitigation plans and status To ensure efficiency in the process, the following will serve as guiding principles:
512/24/2015 Risk Resolution Process
612/24/2015 Process Steps Ref IDProcess StepDescriptionInput/OutputTime HorizonOwner 1Identify the RiskA risk is an element that may cause uncertain danger to the RP&A project. When a risk is discovered, a team member must contact his/her lead with all the pertinent information regarding the risk Input: Risk discovery Output: Detailed information about the Risk As necessaryProject Team 2Log the RiskThe lead must meet with the Project Manager to approve the risk and log it into the Risk log (Excel – short term or Document Repository Tool – long term). To minimize access to the log, only the Project Manager will have access to the log. Input: Detailed information about the Risk Output: Risk Management entry As necessaryProject Manager 3Communicate detail to Assignee with Risk Number If the Risk is to be assigned to a team other than the original team reporting the risk, Project Manager must communicate the Risk information to the Assigned Team Lead Input: Risk logged Output: Reassignment of Risk to different team As necessaryProject Manager 4Qualify the RiskThe Project Manager must review the Risk and detail all the relevant problems that can occur from the Risk. They must identify all the teams impacted if the Risk were to occur, and all potential loss Input: Risk logged Output: Updated Risk As necessaryProject Manager 5Track As Task, Action Item, or Issue and Update Risk Mitigation During Risk Qualification, the Project Manager may identify a Risk as being a Task, Action Item, and Issue in addition to being a Risk. If this occurs, a Task, Action Item, or Issue will be logged in Document Repository Tool, and the Risk Mitigation must contain the Task, Action Item, or Issue information. A Risk is NEVER closed Input: Updated Risk Output: Task, Action Item, and/or Issue resulting from Risk As necessaryProject Manager 6Manage the RiskThe “Assigned to Team” listed on the Risk will evaluate the Risk for a mitigation plan. This will involve proactively working with impacted teams and reporting out the mitigation plan tasks at least once per month. Risks will be reviewed within the Project Managers meeting at the first week of the month at a minimum but more frequently if warranted Input: Updated Risk Output: Possible escalation of Risk At least once/ month Project Team
712/24/2015 Process Steps Ref IDProcess StepDescriptionInput/OutputTime HorizonOwner 7Risk DispositionIf the Risk does not require any more escalation, the Project Manager will evaluate the continuing disposition of the Risk. If they feel it is still a Risk that requires a Mitigation Plan, they will choose to Mitigate the Risk. If the Risk Mitigation requires additional monies be spent, they will choose to Track the Risk as a Change Request. If the Risk should be tracked as an Issue, they will choose to Track the Risk as an Issue Input: Updated Risk Output: Decision on course of action (Create Mitigation Plan, Create Change Request, Create Issue) As necessaryProject Manager 8Propose Mitigation Plan The Project Team will update the Risk in Document Repository Tool with a detailed plan to mitigate the risk. If the Project Manager does not approve of the mitigation, the Project Team must work with the Project Manager to create an acceptable mitigation plan Input: Updated Risk Output: Detailed Mitigation Plan Immediately upon identification Project Team 9Update Risk and Log Issue If the Risk is actually an Issue, the Project Team must log an Issue in Document Repository Tool, update the Risk with the relevant information, and follow the Issue Management Process. The Risk should not be closed, but the Issue information listed as mitigation Input: Updated Risk Output: Logged Issue and Updated Risk As necessaryProject Team 10Execute Mitigation Action Items Once the Mitigation Plan is accepted, the Project Team must carry out the Action Items listed in their detailed Mitigation Plan. Input: Detailed Mitigation Plan Output: Action taken as directed by Mitigation Plan for Risk As necessaryProject Team
812/24/2015 Key Roles & Responsibilities RoleResponsibility Project Manager Communicate with Project Teams regarding current and future potential Risks Accurately track the Risk with the appropriate process (Issue, Action Item) Continuously review the Risk with the Project Team to ensure the Mitigation Plan Action Items are completed Project TeamCommunicate Risks to Project Manager in a timely manner Detail all possible problems that may result from this Risk Complete the Mitigation Plan Action Items in a timely manner to minimize the impact of the Risk on the RP&A Project There are several key roles and responsibilities necessary to ensure effectiveness of the Risk Resolution Process:
912/24/2015 Contact Information For additional information on this process, please contact… Contact Name Phone PrimarySteve SecondaryDeneeta