Presentation is loading. Please wait.

Presentation is loading. Please wait.

Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Minimizing (Some Of) The Subjectivity in Risk Assessments.

Published byFelicia Snow Modified over 9 years ago

Similar presentations

Presentation on theme: "Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Minimizing (Some Of) The Subjectivity in Risk Assessments."— Presentation transcript:

1 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Minimizing (Some Of) The Subjectivity in Risk Assessments David C. Hall Senior Risk Manager SRS Technologies – Washington Group 301-641-1530 david.hall@msd.srs.com

2 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 How to get all (or most) risk assessments, regardless of type (software, hardware, integration, management, external, etc.) justifiable, repeatable and comparable has been one of the holy grails of Risk Management for years. Question: What is One of Our Greatest Problems?

3 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Objection to implementing Risk Management and acting upon risk information - risk assessments are subjective. Are the risk assessments justifiable, repeatable and comparable over an entire project? One cannot easily justify assigning a 80% likelihood to a risk occurring when others with more, the same or less experience are ascribing a 10% - 90% likelihood of occurrence to the same or a similar risk. Objection to Risk Assessments

4 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 One possible methodology that meets at least some of this requirement. 1. Incorporate the estimated Likelihood of Occurrence into a set of specifically defined levels under a set of generic risks rather than considering it as a separate factor. Basically, the assumption behind this methodology is that the more mature the process, the more experience available, the more detailed the design, etc., the lower the likelihood of occurrence of a specific risk becomes. 2. Define specific Consequences to be used. So, How to Address This Problem?

5 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Generic Risk Areas Cost Development Schedule Development Requirements Definition and Stability Design and Engineering Maturity Legal Transportation Complexity History/Experience Technology Maturity Customer/User Interaction Maturity of COTS/GOTS/NDI/Reuse component Fabrication Resources Testing Required to Establish Functionality Methodology and Process Maturity Development Support Resources Personnel Hardware and Software Interface Definition and Control Hardware Product Integration Maturity Hardware and Software Integration Maturity Integration Environment and Resources Testing Required to Establish Functionality Logistics Requirement Performance Functionality Testing Support Resources Facility/Site Resources Data Requirements

6 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Risk Assessment Levels Technology Maturity A - Pre-Concept. Scientific research required & no supporting tech base B - Concept Development. Application concept is not complete but solid tech base C - Engineering Model/Breadboard. Functional hardware model has passed performance/functional tests for component maturation D - Prototype. Fit, form, and function have been demonstrated by a technically analogous hardware component. Prototype passed qualification & acceptance tests. E - Operational. A technically identical (but not necessarily physically identical) hardware item is currently operational and deployed in an environment similar to XXX.

7 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Design and Engineering Maturity A - New or breakthrough advance in design capability is required (e.g., concept design not formulated or modeled). B - Moderate engineering development is required using published design knowledge (e.g., preliminary design not completed). C - Design effort required using standard, existing components beyond their original accepted specifications levels (e.g., simple packaging changes, minor configuration changes, and tailored component changes). D - Design effort required using standard, existing components within their original specification levels (e.g., design effort and drawings completed). E - Designed or off-the-shelf item meets XXX performance requirements, but needs qualification. Risk Assessment Levels

8 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Risk Assessment Levels Fabrication Process A - No comparable process exists and one or more key attributes are expected to exceed the state-of-the-art. B - Integrated process is a combination of demonstrated processes and all relevant attributes are within the state-of-the-art, but are not within the norm demonstrated by the XXX team. C - Integrated process is a combination of demonstrated processes and two or more key attributes exceed the norm demonstrated by the XXX team. D - Integrated process is a combination of demonstrated processes and one key attribute exceeds the norm demonstrated by the XXX team. E - Modification of an existing XXX integrated process to meet key attributes.

9 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Personnel A - No approved plan to staff the development activities. B - An approved plan exists to staff the development activities, but sufficient personnel are not available. C - Sufficient personnel exist, but have less than one year average experience. D - Sufficient personnel are available with average experience exceeding one year and are functioning as a team. E - Sufficient personnel are available and have created similar validated XXX hardware items. Risk Assessment Levels

10 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 How About Importance of the Risk Likelihood Level? Once the risk likelihood level definitions are agreed on – a Project can then establish a weighing factor for each level, And determine if they will consider any dependencies between risks.

11 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Consequence (Co) Definitions Catastrophic - Failure to meet the objectives would result in significant non-achievement of Key Performance Parameters, or Program derivatives of them. The failure could not be recovered in subsequent project phases without significant cost (>20% of Program budget, or $5M, whichever is greater) or schedule impact (> 10 months to critical path), or equivalent combination thereof. Major - Failure to meet the objectives would degrade the system below the Key Performance Parameters, or project derivatives of them. The failure could be recovered in subsequent project phases with moderate cost (10-20% of Program budget, or $1-5M, whichever is greater) or schedule impact (6-10 months to critical path), or equivalent combination thereof. Significant - Failure to meet the objectives would result in degradation of secondary performance requirements or a minimal to small reduction in performance. The failure could be recovered in subsequent project phases with minimal cost (5-10% of Program budget, or $500K – $1M, whichever is greater) or schedule impact (3-6 months to critical path), or equivalent combination thereof. Minor - Failure to meet the objectives would result in minimal degradation of secondary requirements. No reduction in performance. Impact to cost (<5% of Program budget or < $500K, whichever is greater) and schedule is minimal (< 3 months), or equivalent combination thereof. Negligible - Failure to meet the objectives would create insignificant impact on secondary performance requirements. No cost or schedule impact. 5 0.95 4 0.75 3 0.55 2 0.35 1 0.15

12 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Risk Analysis Consequence (Impact) 4 3 2 1 Likelihood 543 2 1 Level of Risk 17106 3 1 2013942 221511 7 5 241914128 2523211816 5 Low Moderate High XX ZZ EE CC YY

13 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 COMPARE THE RELATIVE IMPORTANCE WITH RESPECT TO: GOAL 1=EQUAL 3=MODERATE 5=STRONG 7=VERY STRONG 9=EXTREME 1Technology98765432123456789Design Engr 2Technology98765432123456789Fab Process 3Technology98765432123456789Fab Reqmts 4Design Engr98765432123456789Fab Process 5Design Engr98765432123456789Fab Reqmts 6Fab Process98765432123456789Fab Reqmts AbbreviationDefinition GoalHardware Risk Assessment - Meeting PD/RR Exit Criteria TechnologyThe uncertainty in... availability and promise of technology Design EngineeringThe uncertainty... due applying technology to meet the requirements Fabrication ProcessThe uncertainty associated with the fabrication process Fabrication Resources The uncertainty with the...fabrication elements used to build... Technology.212 Design Engr.196 Fab Process.518 Fab Resources.074 Inconsistency Ratio =0.14

14 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Technology Maturity 50 40 30 20 10 0 5 4 1 2 3

15 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Quantitative Risk Scoring Technology Maturity 48 - Pre-Concept. Scientific research required & no supporting tech base 24 - Concept. Documented design meeting functional requirements is complete 16 - Engineering Model/Breadboard. Functional hardware model has passed performance/functional tests for component maturation 9 - Prototype. Fit, form, and function have been demonstrated by a technically analogous hardware component. Prototype passed qualification & acceptance tests. 4 - Operational. A technically identical (but not necessarily physically identical) hardware item is currently operational and deployed in an environment similar to XXX. Base - 100

16 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Risk Assessment Method HardwareSoftware Technical MaturityDesign and Engineering Maturity Design and Engineering MaturityMethodology and Process Maturity Fabrication ProcessDevelopment and Support Resources Fabrication ResourcesPersonnel Personnel COTS vs Developed Integration Hardware/Software Interface Definition and Control Hardware Product Integration Maturity Hardware/Software Integration Maturity Integration Environment and Resources Personnel Risk Score= Lo * Co Where Lo = Likelihood Level and Co = Consequence

17 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Consequence of Failure : 0.7 ( Degradation of Performance) Risk FactorsLo Level #1 Design & Engineering Maturity 0.240 Engineering development is required using proven design knowledge & similar products exist #2 Methodology & Process Maturity 0.200 XXX process defined, but not in place for the CSCI or documented for design applications #3 Development Support Resources0.010 Three or more required XXX software Development support resources are not in use. Those available are proven to work together #4 Personnel 0.018 Sufficient personnel are available with average Experience exceeding one year and are Functioning as a team Example: Software WBS XX Risk Assessment Other programs have similar Software – YYYY, BBBB and MM26 XXX processes are defined, but only a portion of the total development process has been utilized. Processes may change prior to June 2003 Currently host equipment and test tools are in use. Not all automated support tools are in use At or above Phase II staffing profile. Average experience is greater than one year. Comments 0.353 0.240 0.125 0.032 0.024 0.234 0.200 0.092 0.068 0.026 0.031 0.021 0.010 0.006 0.005 0.148 0.093 0.033 0.018 0.012

18 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 WBS Elements Example: WBS Element Risk Scores Risk Scores Software ElementsHardware ElementsIntegration Elements

19 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Towards Better Methods Risk Management poses difficult quantitative problems. Much of conventional statistics has to do with the “average” or the “norm” or the “expected”. Risk Management has more to do with the unplanned and the “unexpected”. Three Technical Issues: 1.How do you model volatility? 2.How do you model extremes and stress events? (highly Optimized Tolerance) 3.How do you model correlation and concentration risks? “Extremes occur together”.

20 Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Summary/Conclusions We will never get absolute results. Risk Management mainly deals with people’s actions, perceptions, feelings and concerns. Very few of our risks are “Acts of God”. This technique aids in reducing subjectivity and demands evaluation and justification for decisions about risks and reduces the objections to using risk information. It provides a technique to get all (or most) risk assessments, regardless of type (software, hardware, integration, management, external, etc.) justifiable, repeatable and comparable.

Download ppt "Plan ENTERPRISE Assess Handle Monitor RISK MANAGEMENT Communicate David Hall, SRS Technologies 11-10-03 Minimizing (Some Of) The Subjectivity in Risk Assessments."

Similar presentations

Project management.

Project management.
1 INCOSE HRA Advanced Risk Management Conference 2007 Courtney Lane INCOSE HRA Risk Management Conference November 9, 2007 Its More Than Just Numbers:

1 INCOSE HRA Advanced Risk Management Conference 2007 Courtney Lane INCOSE HRA Risk Management Conference November 9, 2007 Its More Than Just Numbers:
The Department of Energy Enterprise Risk Management Model

The Department of Energy Enterprise Risk Management Model
PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT
Project Cost Management Estimation Budget Cost Control

Project Cost Management Estimation Budget Cost Control
Projmgmt-1/33 DePaul University Project Management I - Risk Management Instructor: David A. Lash.

Projmgmt-1/33 DePaul University Project Management I - Risk Management Instructor: David A. Lash.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 1 Slide 1 Project management.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 1 Slide 1 Project management.
R R R CSE870: Advanced Software Engineering (Cheng): Intro to Software Engineering1 Advanced Software Engineering Dr. Cheng Overview of Software Engineering.

R R R CSE870: Advanced Software Engineering (Cheng): Intro to Software Engineering1 Advanced Software Engineering Dr. Cheng Overview of Software Engineering.
Implementation Plans and Teams IACT424/924 Corporate Network Design and Implementation.

Implementation Plans and Teams IACT424/924 Corporate Network Design and Implementation.
©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 4 Slide 1 COMP201 Project Management.

©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 4 Slide 1 COMP201 Project Management.
Software project management (intro)

Software project management (intro)
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 5 Slide 1 Project management.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 5 Slide 1 Project management.
SQM - 1DCS - ANULECTURE 11-2005 Software Quality Management Software Quality Management Processes V & V of Critical Software & Systems Ian Hirst.

SQM - 1DCS - ANULECTURE Software Quality Management Software Quality Management Processes V & V of Critical Software & Systems Ian Hirst.
1 SOFTWARE PRODUCTION. 2 DEVELOPMENT Product Creation Means: Methods & Heuristics Measure of Success: Quality f(Fitness of Use) MANAGEMENT Efficient &

1 SOFTWARE PRODUCTION. 2 DEVELOPMENT Product Creation Means: Methods & Heuristics Measure of Success: Quality f(Fitness of Use) MANAGEMENT Efficient &
Objectives Explain the purpose and various phases of the traditional systems development life cycle (SDLC) Explain when to use an adaptive approach to.

Objectives Explain the purpose and various phases of the traditional systems development life cycle (SDLC) Explain when to use an adaptive approach to.
Systems Engineering Management

Systems Engineering Management
COMP8130 and 4130Adrian Marshall 8130 and 4130 Test Management Adrian Marshall.

COMP8130 and 4130Adrian Marshall 8130 and 4130 Test Management Adrian Marshall.
Project Management Hoang Huu Hanh, Hue University hanh-at-hueuni.edu.vn.

Project Management Hoang Huu Hanh, Hue University hanh-at-hueuni.edu.vn.
Development and Quality Plans

Development and Quality Plans
Defining the Activities. Documents  Goal Statement defines why helps manage expectations  Statement of Work what gets delivered defines scope  Software.

Defining the Activities. Documents  Goal Statement defines why helps manage expectations  Statement of Work what gets delivered defines scope  Software.

Similar presentations

Ads by Google