Project Risk Management

User Generated

FAF105

Business Finance

Description

Option #1: Risk Planning

Prepare a paper in which you address each of the following in separate, titled sections framed by an introduction and a conclusion:

  1. Select a hypothetical or real project in your personal life, such as moving from one city to another or buying a house. Describe the project specifically and measurably in terms of scope, budget, schedule, and quality.
  2. Identify 3-4 logical chronological phases that comprise the entirety of the project duration and describe these phases.
  3. Brainstorm a total of eight risks facing this project, including six negative risks and two positive risks. State each of the six negative risks concisely in the form of an undesirable event and explain each risk. State each of the two positive risks concisely in the form of a desirable event and explain each risk.
  4. Prepare a table that includes the following column headings, from left to right: Project Phase, Risk, Impact, Likelihood, Composite Risk Score, Response Type, and Response Description. Populate only the first two of these columns. Populate the first column with the names of the phases identified in (2) above. Populate the second column with the eight risks identified in (3) above in such a way that each risk appears in the same row of the table as the project phase to which it pertains. Title, but do not populate, the Impact, Likelihood, Composite Risk Score, Response Type, and Response Description columns at this time. You will populate these columns as a part of your Module 6 CT Assignment.

Your paper should be 4-5 pages in length, including the table presented in (4) above. You are required to support your paper with at least three scholarly sources from the CSU-Global Library. The paper must be formatted according to the APA Requirements

Submit only one MS Word file. You may create your table for (4) above in Excel if you would like, but you must then move it successfully to the MS Word file that you submit—and the table must be readily viewable by the reader of the MS Word document. Hyperlinks, embedded files, or any other approach to incorporating the table into the MS Word document that renders the table not immediately viewable by a reader of the document—without having to take any action—are not acceptable and will result in no credit for the table.

Simple essay format with proper introduction, body and appropriate conclusion expected.


Unformatted Attachment Preview

Mastering Risk and Procurement in Project Management A Guide to Planning, Controlling, and Resolving Unexpected Problems Randal Wilson Associate Publisher: Amy Neidlinger Executive Editor: Jeanne Glasser Levine Development Editor: Natasha Torres Operations Specialist: Jodi Kemper Cover Designer: Chuti Prasertsith Managing Editor: Kristy Hart Project Editors: Laura Hernandez, Elaine Wiley Copy Editor: Language Logistics, LLC Proofreader: Katie Matejka Indexer: Erika Millen Compositor: Nonie Ratcliff Manufacturing Buyer: Dan Uhrig © 2015 by Randal Wilson Upper Saddle River, New Jersey 07458 For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at corpsales@pearsoned.com or (800) 382-3419. For government sales inquiries, please contact governmentsales@pearsoned.com. For questions about sales outside the U.S., please contact international@pearsoned.com. Company and product names mentioned herein are the trademarks or registered trademarks of their respective owners. All rights reserved. No part of this book may be reproduced, in any form or by any means, without permission in writing from the publisher. Printed in the United States of America First Printing September 2014 ISBN-10: 0-13-383790-4 ISBN-13: 9-78-013383790-2 Pearson Education LTD. Pearson Education Australia PTY, Limited. Pearson Education Singapore, Pte. Ltd. Pearson Education Asia, Ltd. Pearson Education Canada, Ltd. Pearson Educación de Mexico, S.A. de C.V. Pearson Education—Japan Pearson Education Malaysia, Pte. Ltd. Library of Congress Control Number: 2014943267 I would like to dedicate this book to my wife Dusty and sons Nolan, Garrett, and Carlin for their support and patience through this project. This page intentionally left blank Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Problems Are Inevitable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 What Is Risk? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Bad Risk Versus Good Risk . . . . . . . . . . . . . . . . . . . . . 3 Risk Versus Uncertainty . . . . . . . . . . . . . . . . . . . . . . . . 4 What Is Procurement? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Risks and Procurement Go Hand-in-Hand . . . . . . . . . . . . . . 6 Seeing Is Believing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Risk and Procurement—Planned?. . . . . . . . . . . . . . . . 8 Save the Project and Organization. . . . . . . . . . . . . . . . 8 Proactive Versus Reactive . . . . . . . . . . . . . . . . . . . . . . 9 Problem Management Versus Change Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Is the Project Manager a Risk?. . . . . . . . . . . . . . . . . . . . . . . 11 Organizational Culture of Risk Planning . . . . . . . . . . . . . . . 12 Part I: Risk and Procurement Planning Chapter 1 Risk Strategy and Planning . . . . . . . . . . . . . . . . . . . . . . . . 19 1.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Practical Application. . . . . . . . . . . . . . . . . . . . . . . . . . 1.2 Risk Strategy Versus Risk Planning . . . . . . . . . . . . . . . . Strategic Risk Planning. . . . . . . . . . . . . . . . . . . . . . . . Tactical Risk Planning . . . . . . . . . . . . . . . . . . . . . . . . 1.3 Develop Risk Management Plan (Process) . . . . . . . . . . Risk Identification. . . . . . . . . . . . . . . . . . . . . . . . . . . . Define Risk Tolerance . . . . . . . . . . . . . . . . . . . . . . . . Risk Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Contingency or Redesign Planning . . . . . . . . . . . . . . Risk Monitoring Process. . . . . . . . . . . . . . . . . . . . . . . Develop Risk Controls . . . . . . . . . . . . . . . . . . . . . . . . Change Management Process . . . . . . . . . . . . . . . . . . Closer for Risk Events . . . . . . . . . . . . . . . . . . . . . . . . Communicate Risk Event Results . . . . . . . . . . . . . . . Lessons Learned . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 20 20 21 26 29 30 30 31 31 31 32 32 33 33 34 vi MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT 1.4 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.5 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.6 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.7 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . . . 1.8 Case Study (Use for Chapters 1, 2, 3, and 4). . . . . . . . . 1.9 Case Study Questions and Exercise . . . . . . . . . . . . . . . . Chapter 2 Identifying Risk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 2.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.2 Information Gathering . . . . . . . . . . . . . . . . . . . . . . . . . . Who, What, and How . . . . . . . . . . . . . . . . . . . . . . . . . Activity Information Checklist . . . . . . . . . . . . . . . . . . 2.3 Identifying the Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . Resources to Help Identify Risks. . . . . . . . . . . . . . . . Types of Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.4 Categorizing Risks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . The Big Three (Triple Constraint). . . . . . . . . . . . . . . Change Management . . . . . . . . . . . . . . . . . . . . . . . . . 2.5 Documenting Risk Information . . . . . . . . . . . . . . . . . . . Risk Register . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Risk Management Plan. . . . . . . . . . . . . . . . . . . . . . . . 2.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.7 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.8 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.9 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . . . 2.10 Case Study Questions (Use Case Study in Chapter 1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 3 34 35 35 36 36 37 39 40 41 45 46 47 52 60 61 65 66 66 67 67 69 69 69 70 Risk Analysis. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Qualitative Analysis. . . . . . . . . . . . . . . . . . . . . . . . . . . Simple and Fast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Risk Assessment Matrix . . . . . . . . . . . . . . . . . . . . . . . Diagramming Methods. . . . . . . . . . . . . . . . . . . . . . . . Decision Tree Analysis (Non-numerical) . . . . . . . . . 3.2 Quantitative Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . Data Gathering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Beta and Triangular Probability Distributions . . . . . 71 74 74 75 76 78 78 79 80 CONTENTS Sensitivity Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . Monte Carlo Simulation . . . . . . . . . . . . . . . . . . . . . . . Decision Tree Analysis (Numerical) . . . . . . . . . . . . . 3.3 Risk Prioritizing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . What Is Sensitive on the Project? . . . . . . . . . . . . . . . Separate by Probability and Severity . . . . . . . . . . . . . Category Weighting . . . . . . . . . . . . . . . . . . . . . . . . . . 3.4 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.5 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.6 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.7 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . . . 3.8 Case Study Questions (Use Case Study in Chapter 1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 4 vii 83 84 84 87 87 88 89 89 90 91 91 91 Plan Procurement Strategy . . . . . . . . . . . . . . . . . . . . . . . . 93 4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 4.2 Project Procurement Requirements . . . . . . . . . . . . . . . 94 Procurement Information Sources . . . . . . . . . . . . . . 94 Special Customer Requirements . . . . . . . . . . . . . . . . 98 Regulatory Requirements. . . . . . . . . . . . . . . . . . . . . . 99 4.3 Procurement Decision Processes. . . . . . . . . . . . . . . . . 100 Make or Buy Analysis . . . . . . . . . . . . . . . . . . . . . . . . 101 Purchase Strategies. . . . . . . . . . . . . . . . . . . . . . . . . . 107 4.4 Contract Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 What Is a Contract? . . . . . . . . . . . . . . . . . . . . . . . . . 112 Why Are Contracts Used? . . . . . . . . . . . . . . . . . . . . 114 Contract Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 4.5 Risk Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 Buyer Versus Seller. . . . . . . . . . . . . . . . . . . . . . . . . . 119 Organizational Versus Project Level . . . . . . . . . . . . 120 Triple Constraint. . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 4.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 4.7 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 4.8 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 4.9 PMBOK Connecvtions (5th Ed.) . . . . . . . . . . . . . . . . . 124 4.10 Case Study Questions (Use the Case Study in Chapter 1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 viii MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT Part II: Project Execution Chapter 5 Risk Response Strategies. . . . . . . . . . . . . . . . . . . . . . . . . 127 5.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.2 Strategy in Risk Response . . . . . . . . . . . . . . . . . . . . . . Reactive Response Mode . . . . . . . . . . . . . . . . . . . . . Proactive Response Mode . . . . . . . . . . . . . . . . . . . . Negative Risks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Benefits, Trade-Offs, and Pitfalls. . . . . . . . . . . . . . . Positive Risks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.3 Contingency Response Strategy. . . . . . . . . . . . . . . . . . Contractual Response Strategy . . . . . . . . . . . . . . . . Organizational Process Response Planning . . . . . . . 5.4 Project Document Updates . . . . . . . . . . . . . . . . . . . . . 5.5 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.6 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.7 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.8 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . . 5.9 Case Study (Use for Chapters 5 and 6) . . . . . . . . . . . . 5.10 Case Study Questions . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 6 127 128 128 129 130 131 133 133 134 135 137 137 139 139 139 139 140 Procurement Execution Strategies . . . . . . . . . . . . . . . . . 141 6.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.2 Considerations Before Executing Procurements . . . . 6.3 Executing Purchases . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.4 Executing Contracts . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.5 Results of Executing Procurements . . . . . . . . . . . . . . . 6.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.7 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.8 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.9 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . . 6.10 Case Study Questions (Use Case Study in Chapter 5) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 143 151 161 175 176 177 178 178 178 Part III: Integrated Monitoring and Control Chapter 7 Risk Monitoring and Control . . . . . . . . . . . . . . . . . . . . . 181 7.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181 7.2 Risk Monitoring Techniques . . . . . . . . . . . . . . . . . . . . 182 CONTENTS 7.3 Risk Control Techniques . . . . . . . . . . . . . . . . . . . . . . . 7.4 Manage Change Control . . . . . . . . . . . . . . . . . . . . . . . 7.5 Project Document Updates . . . . . . . . . . . . . . . . . . . . . 7.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7.7 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7.8 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7.9 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . . 7.10 Case Study (Use for Chapters 7 and 8) . . . . . . . . . . . 7.11 Case Study Questions . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 8 ix 188 202 209 209 211 211 212 212 212 Procurement Monitoring and Control . . . . . . . . . . . . . . 213 8.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8.2 Procurement Monitoring Techniques . . . . . . . . . . . . . 8.3 Procurement Control Techniques . . . . . . . . . . . . . . . . 8.4 Integrated Procurement Change Control . . . . . . . . . . 8.5 Project Document Updates . . . . . . . . . . . . . . . . . . . . . 8.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8.7 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8.8 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8.9 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . . 8.10 Case Study Questions (Use Case Study in Chapter 7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 215 223 225 228 229 230 230 231 231 Part IV: Project Closer Chapter 9 Close Risk Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235 9.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9.2 Evaluate Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9.3 Close Risk Responses . . . . . . . . . . . . . . . . . . . . . . . . . . 9.4 Claims and Disputes . . . . . . . . . . . . . . . . . . . . . . . . . . . 9.5 Documentation and Communication . . . . . . . . . . . . . 9.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9.7 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9.8 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9.9 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . . 9.10 Case Study (Use for Chapters 9 and 10) . . . . . . . . . . 9.11 Case Study Questions . . . . . . . . . . . . . . . . . . . . . . . . . 235 236 238 241 243 244 245 245 246 246 247 x MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT Chapter 10 Close Procurements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 10.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10.2 Evaluate Open Procurements . . . . . . . . . . . . . . . . . . 10.3 Close Procurements . . . . . . . . . . . . . . . . . . . . . . . . . . 10.4 Claims and Disputes . . . . . . . . . . . . . . . . . . . . . . . . . . Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10.5 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10.6 Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10.7 Key Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10.8 PMBOK Connections (5th Ed.) . . . . . . . . . . . . . . . . . 10.9 Case Study Questions (Use Case Study from Chapter 9) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 250 252 257 259 260 261 262 262 262 Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 About the Author Randal Wilson, MBA, PMP, serves as Visiting Professor of Project Management, Keller Graduate School of Management, at the Elk Grove, CA DeVry University campus. His teaching style is one of addressing Project Management concepts using not only academic course guidelines and text, but includes in-depth discussions in lectures using practical application from industry experience. Mr. Wilson is currently Operations and Project Manager at Parker Hose and Fittings. He is responsible for five locations across Northern California and Nevada, as well as project management of redesigns/ renovation of existing facilities and construction of new facilities. Mr. Wilson was formally in the telecommunications industry as Senior New Product Introduction Engineer at REMEC, Inc., Senior New Product Introduction Engineer with Spectrian Corp., and Associate Design Engineer with American Microwave Technology. He also served as Senior Manufacturing Engineer at Hewlett Packard. He is a certified Project Management Professional (PMP) of the Project Management Institute. He acquired an MBA with a concentration in General Operations Management from Keller Graduate School of Management of DeVry University in Fremont, California, and a Bachelor of Science in Technical Management with a concentration in Project Management from DeVry University in Fremont. This page intentionally left blank Introduction Manufacturing, distribution, sales, and service organizations have one thing in common: the requirement of resources. An organization’s success, in many cases, is a direct function of how it obtains and manages resources to carry out its strategic business objectives. The organization’s first and most important task is to obtain management personnel who are skilled and experienced in acquiring and managing resources, which may include: • Human resources • Materials and supplies • Equipment and facilities • Transportation • Finances • Intellectual property In the process of obtaining resources within all organizations, either for daily operations or for special projects, there are two givens: Resources must be obtained, and they have the potential to be problematic. The challenge, then, is how to obtain the correct resources at the right time and for a cost equitable for the organization, as well as how to manage any potential problems that may occur with a given resource. Mastering Risk and Procurement in Project Management has been designed not only to explain basic concepts in risk and procurement management, but also to offer tools and techniques that can be used by a project manager, project staff, and supporting departments that would be associated with risk or procurement. 1 2 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT Problems Are Inevitable As organizations utilize resources in daily operations and within projects, it becomes quickly evident that a variety of problems and issues can be associated with resources. Human resources are often the primary resources used across organizations. Given the potential of variability in skills, individualism, reliability, and work ethic, they can bring to the table an array of challenges and problems. An interesting component of human resources is that although people are often the source of a variety of problems, they also have the ability to solve them, which is typically not the case for other types of resources. Problems can also be associated with other resources, such as materials and supplies. They can be incorrect, get damaged, or fail as a result of poor quality. Equipment and facilities can develop problems that can render them less effective or inoperable altogether. Some organizations can have financial challenges that make it difficult to fund projects, constraining project managers in their need to obtain and schedule resources for work activities. Regardless of what type of resource is used, problems are inevitable, and the project manager must develop a system to deal with problems throughout the project lifecycle. As problems are not designed to happen on projects, they are typically characterized as having a potential to occur, which we commonly refer to as risk. The second component of projects that inevitably develops problems is associated with purchasing items required for project work activities and acquiring subcontractors. The purchasing aspect of a project can itself introduce several types of problems and is in many cases connected to risk management. The area of purchasing and acquiring items for the project is commonly referred to as conducting procurement. What Is Risk? Risk is generally defined within project management as a potential influence producing a positive or negative outcome. We look at the definition of risk within the context of a project as any influence to a work activity that generates an outcome that was not expected. INTRODUCTION 3 EXAMPLE A work activity is being performed outdoors, and poor weather is imminent. Rain, in and of itself, is not necessarily bad; Earth requires rain, and on some days it can actually be relaxing. Rain becomes a problem if it impacts a work activity, such as damaging materials and supplies, rendering equipment inoperable, or simply forcing a shutdown, causing a schedule delay. The rain therefore has the potential to create an influence that can alter the outcome of a work activity, thus creating a problem. The rain is not designed as a normally scheduled part of work activity, so we consider it to be a potential “risk.” Bad Risk Versus Good Risk Events or circumstances that have a potential to influence work activity can result in either a negative or a positive outcome. As we saw in the example, relative to a specific work activity, rain can present a bad risk. Another form of potential risk is the use of external human resources that have been subcontracted to perform work activity. These individuals not being a part of the organization can present issues such as difficulty in team environments, ignorance of organizational processes and culture, or personality conflict with management and staff they work with directly—all typically risks associated with a negative outcome. However, over time the same external resource might exhibit a much higher level of ability and knowledge, therefore completing the assigned task much more quickly and allowing the work activity to be ahead of schedule. So, although there is a potential risk in using subcontractors, their influence can also create a positive outcome. Project managers should always have a conceptual understanding of risk—that although risks can generate negative outcomes, there are occasions where positive things come out of what was thought to be a potential negative risk. The project manager would then seek to exploit these positive outcomes to yield the maximum benefit for the project. 4 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT Risk Versus Uncertainty As the project manager plans work activities and evaluates all the resources that are required, he begins to see where potential problems might insert themselves. This is where the project manager can begin to identify risks and possibly plan responses. As we have seen, some influences can be identified as “potential” problems and therefore can be planned for and worked around, but there are also issues and influences that cannot be anticipated and were nowhere on the radar. These are called uncertainties. Risks are influences that can be identified as having a potential to create a problem, whereas uncertainties are problems that happen that could not have been identified prior to the work activity. EXAMPLE An uncertainty might be in the case of an earthquake that could potentially damage a construction project. Although rain, tornadoes, lightning, mudslides, and earthquakes are often called acts of God and are the very definition of uncertainty, they can also be considered risks because our current technology can predict the potential of inclement weather, and thus they can be planned for to some degree. Uncertainty would be an influence that cannot be foreseen and that occurs without notice. In the case of a construction project, an uncertainty could be a massive earthquake that happens without notice, resulting in a negative outcome. What Is Procurement? Most projects require resources that are obtained through purchasing or subcontracting; this is called conducting procurement. Most organizations have individuals or entire departments dedicated to the task of purchasing what the organization needs to run its daily operations. When a project manager has outlined all of the work activities and resources required to complete each activity, she submits a INTRODUCTION 5 list of all items that need to be purchased and/or contracted throughout the project lifecycle. Procurements can be classified into two general categories: items that need to be purchased and resources that must be managed through a contract agreement. • Purchases Items that need to be obtained for project activities are simply purchased through suppliers or vendors. This can be accomplished by the purchasing agent selecting items through a catalog or website, contacting the supplier/vendor, placing the order, establishing delivery requirements, and agreeing on payment terms and conditions. As soon as the item has been delivered and it is confirmed that it meets expectations, payment can be made and the transaction closed. • Contracts Another form of obtaining resources is the use of a contract agreement. In many cases, contracts are used to acquire external human resources needed for special tasks on work activities or perhaps the lease of equipment or facilities that will be used on work activities. As there is a certain amount of risk for both the buyer and seller in acquiring these type of resources, outlining the conditions of the contract is important and must cover the following: • Scope of work to be performed • Specific identification of a piece of equipment or facility • Terms of its use or environment • Duration that the buyer plans to have the resource • Agreed upon price • Special terms or conditions that would address risk for the buyer or seller An agreement signed by both parties forms a legal binding contract requiring both parties to fulfill their responsibilities identified in the document(s). 6 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT Risks and Procurement Go Hand-in-Hand Risks associated with various aspects of the project might include correctly interpreting the customer’s requirements for a deliverable, selecting projects that are appropriate for the organization, and availability of resources within the organization to carry out project work activities, but there are also risks associated in the process of conducting procurement. Most projects require items to be purchased and/ or some form of contract agreement that will have the potential of introducing risk. This being the case, why are risks associated with things that have to be purchased? • Risk Is a Threshold Within Procurement—The fundamental philosophy regarding risk is the identification of a potential problem that might or might not happen. When the purchasing agent is tasked with obtaining an item from a supplier/vendor, there are three primary components that determine the transaction’s success: • Buyer’s Responsibility—To start the transaction, the purchasing agent must ensure he has all the information required to correctly identify what needs to be purchased. He must also identify a seller that can provide the item in the correct form, fit, and function; at a reasonable price; and within time constraints. If the purchasing agent has correctly identified a seller that can fulfill these requirements, the transaction can be initiated. The purchasing agent, project manager, or other staff must confirm delivery of the item and that it has met all identified requirements. The purchasing agent must then ensure that full payment has been made, and the transaction can be closed. • Seller’s Responsibility—In response to an inquiry by a purchasing agent, the seller is responsible for ensuring she understands all of the requirements of the item that is intended to be purchased. The seller must inform the buyer of any special options associated with a particular item that the company offers as well as verify her ability to get it to the buyer. The seller must be truthful that the offered item meets all requirements communicated by the buyer and not INTRODUCTION 7 mislead for purposes of making the sale. The seller must also verify pricing is correct and be upfront about any extra fees or costs applied—such as shipping and handling, and/ or tax—to give the buyer the full actual cost of the item. The seller must also be diligent in ensuring the item is delivered to the intended location by the date she committed to and packaged in such a way that the item will not be damaged during shipment. • Delivery Responsibility—As the purchased item leaves the seller’s location and is in transit to the buyer’s location, the responsibility lies with the organization contracted to deliver it. As the seller has a responsibility to correctly package an item for delivery, it is the delivery company’s responsibility to ensure the item is not damaged in transit, regardless if the item’s destination is a third party, the buyer, or the seller. As we have seen in these primary components of successfully managing the transaction of procuring an item and having it successfully delivered and being correct in form, fit, and function, we can see that risk is associated with every aspect of conducting procurement. We can look at procurement as having a level, or threshold, of risk associated with it, and this is why risk and procurement go hand-in-hand. In the case where the purchasing agent is using a contract agreement to obtain an external resource, there will also be a buyer/seller relationship, and in some cases a delivery component required. The same buyer/seller responsibilities exist within a contract and can even include the complication of special terms and conditions the can add even more risk in using contracted resources. We know procurement is part of every project to some degree, and given the nature of things that have to be purchased or contracted, procurement can introduce a large component of risk throughout the project lifecycle. The project manager must be aware that the procurement process can generate potential problems and that he must work closely with those involved in procurement to manage risks associated with it. 8 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT Seeing Is Believing As the project manager begins to develop the project plan, which includes breaking down the project deliverables into their smallest components, understanding all resources that are required, estimating costs, and scheduling, she begins to see where potential problems may occur that could have impact on the project. The most important tool a project manager could have in managing projects is seeing problems ahead of time and being prepared with responses. When the project manager can see areas of potential problems and can plan for these problems, she becomes a believer that risk can be managed if planned for correctly. Risk and Procurement—Planned? Most project managers will agree that certain responses that were planned ahead of time saved or protected not only a project activity, but also the schedule or perhaps even the project’s budget. Planning for risks allows for the project manager and staff to have a response ready in case a problem occurs. This can mean the difference between having the time to design the best response possible versus having no time and making knee-jerk reactions that will simply put a Band-Aid on the problem and generally be a more expensive solution. Project managers, in planning for risk with well-designed responses, can actually be one of the project’s biggest assets in protecting not only the project but also the organization from problems that could be anywhere from minor to having a catastrophic impact. Save the Project and Organization A project manager has a responsibility to ensure the completion of all work activities that produce the project deliverable, which in turn meets the expectations of the project objective. He also has the authority to plan and manage all of the work activities, as well as the responsibility to plan for and manage risk throughout the project lifecycle. If the project manager is seen as the individual who ensures the outcome of the project deliverable, he can also be seen as the INTRODUCTION 9 individual who might ultimately save the project from its own problems through risk management. In some cases the project manager has not only saved the project budget, schedule, and quality of the deliverable, but has protected the organization from legal action that might have been a possibility through certain contract agreements but was managed in a risk response. Project managers and purchasing agents within the procurement department know that the use of contracts and how they are negotiated can be used as a risk management tool—and can accordingly mitigate or eliminate risks associated with a bigger picture regarding the entire organization in regard to potential legal actions. Proactive Versus Reactive As we’ve stated, one of the most powerful tools the project manager can have is visibility of all potential risks and a best-case-scenario risk response planned for each of them ahead of time. Unfortunately, as projects are developed, project managers can find themselves very busy, and identifying and planning risk responses will either be a lesser priority or will not be completed at all. This is unfortunate, as we can see in Figure I.1. Failing to plan for risks can ultimately have an impact on the project deliverable, budget, and schedule. Project Life Cycle - Impact of Risks Based on Response Planning Conceptual Planning Execution Closure Identifying Risks Planning Responses Executing Responses Closing Responses Effects to Budget and Schedule Degregation in Qualtiy to Deliverable Knowledge of Risks Impact of Risks without Planned Responses Impact of Risks with Planned Responses Figure I.1 Impact to Project with and without Risk Planning 10 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT When project managers are trying to manage work activities, issues arise on a regular basis that he must deal with. Some are minor, simply just making the decision of one thing over another, while in other cases a problem has actually occurred and needs a response and corrective action. When the project manager has no time to think of a best-case scenario response, “reacting” to a problem indicates the problem has already occurred and the project manager is simply performing damage control. Project managers discipline themselves to allocate time before a project starts to identify potential problems, predict the probability of occurrence, analyze potential impact to the project, and use resources available to identify best case scenario responses. This is an example of working in a “proactive” response mode. When project managers are proactive in response planning, they have a roadmap of potential problems and are almost waiting for them to occur. From this position, in some cases the project manager and project staff can actually make alterations to a work activity prior to a potential risk to simply eliminate it. Being proactive in risk identification and response planning gives the project manager confidence throughout the project lifecycle that they can not only see problems before they happen, but they have an opportunity to eliminate them, or, at worst, have a response for a best-case scenario outcome that is in the best interest of the project in the organization. Problem Management Versus Change Management Although project managers do the best they can in identifying potential “problems” that may occur throughout the project lifecycle, the one uncertainty project managers cannot plan for are any changes that will be required throughout the project lifecycle. As we have seen, when the project manager operates in a proactive mode, it is because she has developed a process that outlines steps to take in certain scenarios. As we have seen, developing a risk management plan is a process the project manager can follow to consistently deal with potential problems. Another process the project manager can use is to address changes required throughout the project lifecycle. INTRODUCTION 11 Some project managers view change as a problem—and therefore a risk—that should be mitigated or eliminated. A customer might make a request to alter something on the project deliverable before it is completed so it will meet newly discovered conditions. As much as we would love to have the customer understand “all” specifications required for their deliverable at the beginning of a project, in some situations the customer may be working within a developing environment, and alterations to the deliverable might have to be made in order for it to work correctly in what the customer is developing. In this case, allowing for a project deliverable to be changed on the fly would be seen as good customer service. In other cases, items that are procured might have to be altered slightly depending on availability or work required by an externally subcontracted resource. These types of changes are also inevitable but should be seen as opportunities to perfect what the project is trying to accomplish, rather than as an obstacle. Like any other aspect of the project, the project manager should develop a change management process to ensure changes are conducted correctly and efficiently and are implemented with minimal impact to the project. A detailed change management process is introduced later in this book. Project managers can use this powerful tool to control how change is managed on projects. Is the Project Manager a Risk? As we have seen throughout this introduction, there are several aspects regarding the management of project risk and procurement that the project manager either has direct responsibility for or will be involved in to some degree. Because the project manager has several responsibilities, such as the development of the project work breakdown structure, estimating a budget, and developing a project schedule, we can see that the project manager can pose a risk to the project based on his own knowledge, experience, and skill set—yes, a project manager himself can be a risk! In some cases, the organization does not employ professional project managers to oversee projects but simply chooses a functional 12 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT manager or someone else within the organization to oversee project activities. In this condition, the manager selected to oversee a project can cause several problems as a result of mismanagement. Even professional project managers hired within the organization to officially develop and manage projects have a wide variety of experience and skill sets, and they can introduce potential problems throughout the project lifecycle. As more organizations see how the benefits of properly managed projects far outweighs the damage control resulting from projects with budget overruns, delayed schedules, and incorrectly developed project deliverables, they realize how important it is to select a project manager with the skills and experience to properly develop and manage a project. And when an organization understands that successes and failures on a project are not only the result of the project manager’s abilities and work ethic, but is a result of everyone’s efforts, including the project staff and supporting departments, a culture of effective risk management can be felt throughout the organization. This culture of risk awareness, with everyone considering risk management a part of his or her job, can be one of the strongest assets the project can have. Organizational Culture of Risk Planning Organizations in which projects are a large component of the business strategy have an understanding of the potential impact risks can have on not only projects, but throughout the organization—and so they often have a strong risk awareness culture. Organizations that are structured with functional departments that carry out dayto-day operations that do not necessarily function on a project basis and are not intimately associated with the organization’s business on the whole, can struggle with the concept of risk management in how problems on a project can affect an organization. Regardless of the organization structure, a project manager assigned to oversee a project must ensure certain project processes are developed and will be used throughout the project lifecycle. This is important, as processes are used to outline what is required as well INTRODUCTION 13 as to ensure consistency in the process. As the project manager is addressing the area of risk and procurement on a project, she must also ensure processes are in place to manage these items. • Risk and Procurement as a Process—As an organization matures with the use of projects, hopefully staff within the organization is also seeing the benefit of processes used to manage risk and procurement throughout a project lifecycle. The benefit of developing a process is it provides a step-by-step instruction to conduct items, which is important to effectively manage what the process is developed for. This book includes processes that can be used in managing all aspects of risk, as well as procurement on most types of projects. Although these can be simple processes, they can be used on complex projects and in their simplicity can be easily understood by not only a project manager but by other project staff that may be assisting with project tasks. It is important that the development of a process remain simple, as the fundamental steps can be used on either simple projects or complex projects, but those using the process will not lose sight of the overall concept of what the process is trying to accomplish. • PMBOK Processes—The Project Management Institute (PMI) has published a book called A Guide to the Project Management Body of Knowledge (PMBOK Guide) that is used worldwide as a standard project managers can follow that will assist in the understanding of processes used throughout all aspects of managing projects. Several processes regarding risk and procurement management called out in the PMBOK are used in this text for general conceptual understanding of risk and procurement management and, in many cases, are explained in further detail and with the use of examples in regard to specific applications. • Documentation—As the project manager develops the overall project management plan, there are several individual plans included that outline all of the process steps required for each aspect of the overall project. Other documents used in the organization that will house information regarding project activities 14 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT may include documents within the Accounting department, Procurement department, Project Management Office (PMO), and Human Resources, as well as general documents such as a Lessons Learned document included with the completion of each project. With regard to risk management and procurement management, there are two primary documents used in the project management plan that outline all specific steps required for each of these two areas, which include: • Risk Management Plan—Houses all of the information regarding how risk is to be managed throughout the project lifecycle. This includes identification of risk, analysis of risk, response plans, documentation of risk and responses, and any staff identified to assist in managing risk throughout the project lifecycle. The risk management plan also includes all of the processes used and specific steps required to correctly and effectively carry out each aspect of managing risk. The project manager is typically the owner and manager of the risk management plan for each project and would be the individual responsible for developing the plan and/or any modifications or additions to the plan throughout the project lifecycle. • Procurement Management Plan—Houses all of the information regarding how procurement should be conducted throughout the project lifecycle. This plan is typically developed as a joint effort between the project manager, the Procurement department, and sometimes the Accounting department. It houses all of the processes required to correctly and effectively carry out procurement throughout the project lifecycle. This can include conducting purchases, negotiating contracts, any specific pricing schedules that might be required, as well as roles and responsibilities required to negotiate contracts and effectively conduct procurement. This document can be developed by either the project manager or the procurement manager, and both of these individuals will need to have a clear understanding of the development of processes within the procurement management plan; roles and responsibilities of management overseeing aspects of procurement; and the management of INTRODUCTION 15 human resources that will be conducting procurement and accounting functions. The important aspect here is that all processes required are included in the procurement management plan, and that everyone involved in this plan is on the same page as to the understanding of the processes included. • Lessons Learned—Another important document that is used throughout project management is the Lessons Learned document used to record not only problems relative to risk management and/or procurement, but successes due to processes that were designed and implemented, resulting in a positive outcome. The Lessons Learned document is typically regarded as an important document within project management, as project managers use this document at the beginning stages of developing a project to avoid problems that have occurred on prior projects. Project managers can use valuable information from prior projects in the development of the risk management plan in identifying potential problems and successful responses of problems that occurred on prior projects. This can save the project manager a great deal of time (and in some cases, guesswork) as to what a successful response to a particular risk might be. Project managers can also use the Lessons Learned document to gain valuable information on prior purchases or the use of subcontractors to avoid problems or issues seen on past projects. This can, in some cases, save the organization a great deal of money and time in selecting a more appropriate response to a risk over a response that might have made more sense if other details of the risk had been unknown. Lessons Learned documents have proven to be a valuable source of information for the project manager in developing the project management plan and should always be a document every project manager develops and uses throughout the project lifecycle to record information that would be valuable for later use. In many ways, the success of a project manager can be boiled down to the simple fact of how much information he has and how 16 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT he uses that information to develop and manage a project. Project managers are the first to admit that knowledge is power, and the more they know about their projects at the beginning stages, the better they can plan. The two key components in planning are to correctly identify what has to be accomplished in work activities to complete a project deliverable, and how to effectively address and manage problems that occur throughout the project lifecycle that could impact budget and schedule. Project managers are generally tasked with the development of a project management plan, and how the project manager develops this plan largely dictates its success. It is incumbent on the project manager to view the project in a best-case scenario where simply planning all of the activities and resources required to accomplish an objective should be sufficient, but planning for problems is equally as important, given their potential to destroy or delay a project. All too often the project manager gets wrapped up at the beginning of the project in ensuring that all of the normal activities, resources, and purchases are in place but does not leave time to identify and plan responses for potential problems. If the project manager has allocated time to design a project that will be conducted correctly, ensuring a project deliverable is completed on budget and on schedule, it is also the project manager’s responsibility to plan for risks and responses that will also ensure the project deliverable is completed on schedule and on budget. The project manager, in planning risk responses and procurement in advance of the project, is actually being proactive in protecting the project from its own resources and activities. Part I Risk and Procurement Planning Chapter 1 Risk Strategy and Planning . . . . . . . . . . . . . . . . . . . 19 Chapter 2 Identifying Risk . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Chapter 3 Risk Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Chapter 4 Plan Procurement Strategy . . . . . . . . . . . . . . . . . . . 93 Project managers spend a great deal of time at the beginning of a project planning various components of a project. This can include the assessment of risk and everything that will need to be purchased, which is called procurement. As the project manager prepares to evaluate risk throughout the project lifecycle, she must plan the details of all the activities to be carried out. This allows her to correctly evaluate and effectively plan for risks on her project, creating what is called the risk management plan. One of the most powerful tools a project manager can have is a plan for problems that could potentially cause a negative effect on work activity. If the project manager is aware of potential problems at the beginning of a project, he can analyze the probability of the problem occurring and its potential impact on a project deliverable, budget, or schedule, and then he can develop a response intended to reduce or eliminate the risk. If the project manager has a list of potential risks for each work activity and a response for each risk prepared, he can anticipate problems before they happen and reduce or eliminate the impact the risk could have on the work activity. This is like giving the project manager a crystal ball and having the answers to problems before they happen. 18 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT The key elements in developing a risk management plan are identifying risks, analyzing risks for their probability of occurrence and potential impact to the project, and planning a response that would be most effective in reducing or eliminating the risk. Developing this plan puts the project manager in a proactive response mode to effectively manage the development of the project deliverable and keep the project on budget and on schedule. Another important component required on projects is the acquisition of all human resources, materials and supplies, equipment and facilities, and funding necessary to carry out work activities required to accomplish a project objective; this is called procurement. As you will discover throughout this book, there are multiple ways to purchase items and negotiate contracts that can actually be used as a strategy by both the project manager and purchasing agents. As relationships are developed with suppliers, vendors, and subcontractors, there also is risk in conducting transactions. Developing a strategy for procurement can help in reducing risk. Although project managers typically have the bigger picture in mind and can see where items will need to be purchased throughout the project lifecycle, they can also work with the procurement department to make volume purchases or deals at strategic times throughout the project lifecycle in order to, for example, take advantage of special pricing or delivery conditions that can save either time or money. Procurement presents opportunities for both the project manager and purchasing agents to use strategy to ensure items purchased are correct, are purchased at or below budget, and are delivered on or before they are scheduled. Project managers should allocate time at the beginning of a project to develop the risk management plan, and time should also be invested in developing a procurement management plan. With regard to planning risk, quality time spent at the beginning of the project is a valuable investment—problems are inevitable throughout the project lifecycle, and being prepared for problems puts the project manager a step ahead in proactively managing the project. 1 Risk Strategy and Planning 1.1 Introduction All projects, large or small, simple or complex, have the potential for project activities to face changes due to the reality of risk events and their influence. There are two types of events—risks and uncertainties. The project manager must develop a plan to address these types of issues. The first step in addressing risk on projects is to understand that risk events will likely happen to some degree on every project, and a plan for dealing with risk should be developed. The best way the project manager can accomplish this is to change the mindset from worrying about problems that might occur to designing a risk management plan as a process that’s carried out on every project. As with many things that need to happen in the development of a project, such as developing plans for managing schedules, cost, human resources, scope, and stakeholders, a plan for risk should be developed along with all of these. One of the best things a project manager can do to improve his effectiveness is to develop processes for all of the things that must be managed and use these processes as tools on every project, like a project management template. The more these tools (processes) are used, they can be improved and made more effective, allowing the project manager to have more control over how the project is designed and carried out. When the project manager includes risk management as a process in the development of a project, she changes her way of evaluating risk from that of designing reactive responses to developing a 19 20 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT proactive mitigation or elimination plan. The primary difference with this line of thought is to expect risk events to happen and therefore design the project to best mitigate or eliminate risks in the planning stages of the project development. Practical Application The concept of proactive planning was developed in the manufacturing environment. During the design review process, manufacturing engineers develop processes for manufacturing a prototype product. Design engineers typically design products for best performance, whereas manufacturing engineers look at the product in terms of potential problems that might occur in the manufacturing of the product or in longevity as a result of design flaws in the functional assembly of the prototype that may result in failures. This created the concept of Design for Manufacturing (DFM). When project managers evaluate the design (development) of a project and look at each activity from a functionality standpoint as a process step, in many cases design flaws can be found, and opportunities to improve an activity can mitigate or even eliminate risk events before the activity starts. This type of thinking requires the project manager to look at the project through different eyes and think outside the box of how things can go wrong on a project. Proactive risk planning requires understanding the processes within the project well enough to understand how they can go wrong in order to evaluate how they can be modified to mitigate or eliminate risk events. This chapter explores the concept of planning a risk strategy or process, as well as tools and techniques the project manager can employ to not only plan for risk, but also to actually design projects to eliminate risk. 1.2 Risk Strategy Versus Risk Planning Projects, given their structure of organized activities, have a propensity to attract problems and to change; therefore, project managers need to have a way to address how they will deal with problems on a project. This can sometimes be a confusing phase of project CHAPTER 1 • RISK STRATEGY AND PLANNING 21 development, as the project manager has to decipher what can be several levels of information that can be used in developing an approach to addressing potential risks. To help avoid confusion, we must first separate and define two major levels of how the project manager approaches problems within a given organizational structure for a specific project—Risk Strategy and Risk Planning. In the role of project manager, an individual is in a position to be involved with management level decisions and organizational strategy in addition to working closely with those involved in project work activities. Depending on how the organization is structured, this can put the project manager in a confusing dilemma of what true responsibilities they have within the organization and the importance of understanding what managerial level the position actually holds. In most organizations, higher levels of management focus more on organizational strategy—a global approach to address processes throughout the organization. Lower levels of management deal more in the tactical areas of day-to-day activities and the responsibility of dealing with issues specific to those activities. The project manager must understand what level he is operating at to avoid confusion in understanding his responsibility and whether he is in strategic planning or in a more tactical level of planning for a specific project. The primary difference between risk and strategic planning is that risk planning has a smaller scope and is used more as a tactical tool for addressing specific types of risks relative to specific project activities. Risk strategy has a larger scope and addresses how the organization is structured and the philosophy of how the organization is designed to address problems and change. Most organizations have some form of strategic plan for risk and change management, and it may be a structured, well thought-out plan or just simply common knowledge passed down through the years. Following are some of the common general areas that might be included at each level. Later in this chapter we cover developing a risk management plan at the tactical level in more detail. Strategic Risk Planning Organizations, whether they have projects or not, have to address the reality of risk events happening that will have an impact on the 22 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT operation in some way, shape, or form. This can be risks seen within the accounting department, engineering department, executive management decisions, as well as manufacturing, shipping and receiving, and sales. Once organizations are established and have been in operation, they have to address risk events and ultimately must decide how to deal with the outcomes. Most organizations do this with a reactive approach, where they will not necessarily have planned for risk events specifically but simply respond to them as they occur. Senior and executive management ultimately make decisions as to the success of various responses to risk within the organization to assess their position for future risk events. This could be in the form of establishing who in executive level is responsible for managing the response to risk events, what level of risk tolerance the organization is willing to accept, and how risk management is designed and controlled on projects conducted within the organization. This is an important step for executive management, as this does not state how to specifically address a particular risk event, but more the philosophy and how the organization deals with risk events in general. Following are examples of some of the general areas that can be addressed by the organization on more of a strategic level. • Organizational structure—Relative to project management and depending on the size and type of business they are engaged in, organizations align their operation in one of three types of structures: • Functional—This structure is used to manage projects within functional departments of the organization. Functional managers have authority over resources within the department to be used on departmental activities and special projects. In most cases, functional managers might also assume the role of project manager within their departments. If a project manager is assigned to a special project within a department, he may have little or no authority and is used more as an expediter. In most cases, projects conducted within functional or departmental structures use a “respond as needed” or “reactive” approach to managing risk events because the functional manager does not have time to outline risk planning for projects conducted within his department. CHAPTER 1 • RISK STRATEGY AND PLANNING 23 This is unfortunate, as risk events, depending on their severity and impact to a project or department, can have a variety of results in financial loss, time lost by human resources, as well as any impact to equipment or materials that were damaged or must be replaced. This is largely due to the strategic plan of projects being used internally in the form of process development or improvements, or some other function needed within a specific department, and does not require a full scale formalized project management approach. • Projectized—This structure is used in organizations that have projects as their primary business model. This is seen in large-scale manufacturing such as aircraft, large ground transportation, and construction that builds buildings and bridges. These organizations are accustomed to assigning project managers or program managers to oversee these large endeavors, and solid risk planning is commonplace. The project manager commands a high level of authority and responsibility within this structure. In most cases, human resources report directly to the project manager, and he has full control over the development of the project. The culture of projectized organizations takes the potential of risk events very seriously and “designs in risk mitigation and elimination” as much as possible to project activities. In some cases specialized risk managers are assigned to projects with the responsibility of risk identification, analysis, and preplanning prior to a project starting, which puts this type of structure into a “proactive planning” mode for optimum effectiveness. This type of organization also realizes maximized profits are a direct result of controlling supply chain, work activity efficiency, and the reduction or elimination of risk events. • Matrix—This type of organization is a hybrid or blend of both the functional and the projectized types of structures, using the strengths of each to improve the use of projects within the organization. This structure still utilizes functional departments but has major projects working independently and utilizing resources from departments for specific 24 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT activities on the project. The project manager has authority over the project itself and the scheduling of resources required for project activities, but in most cases, human resources still reports directly to their functional managers. The project manager typically has the responsibility of developing the entire project plan, which includes a risk management plan but does not have the added responsibility of the human resources piece. In most cases, the project manager has the opportunity to perform risk assessment prior to the start of the project, allowing her the benefits of managing risk in a “proactive planning” mode. • Risk tolerance—This is the fundamental philosophy of how to view a potential risk with regard to the threshold of impact that is deemed acceptable. Depending on the type of organizational structure (functional, projectized, or matrix), project managers usually have a rough order of magnitude idea from senior and executive management as to the general approach to taking risks within an organization. This might be a philosophy passed down through the ranks of management, or this might be from lessons learned and a general agreed upon threshold of risk that can be accepted on any given project. The term philosophy of risk tolerance stems from one of three basic human responses given the potential of risk: • Averse—Generally classified as conservative and would have a low tolerance for risk impact, this type of person does not want to take risks, but plans risk responses accepting outcomes that are more certain and predictable. This person also avoids taking risks for potential advantage or gain, preferring the status quo over potential loss. • Neutral—Classified as neutral or nominal, this individual has a moderate tolerance for risk impact. This person might accept small levels of risk but will generally avoid larger risks with greater impact. • Seeker—With a more liberal approach, allowing for risks and having a high tolerance for risk impact, this person does not have a problem taking risks even with uncertain outcomes and is more inclined to take a risk for a particular advantage or gain. CHAPTER 1 • RISK STRATEGY AND PLANNING 25 Because these types of responses are more a function of the personality of a particular manager or executive, most organizations determine the level of risk tolerance to be used on projects based on the types of projects and the impact of certain risks. The strategic level of risk tolerance is usually the overall approach of upper management or the owners of an organization. The tactical tolerance is that of the project manager, given the type of projects and potential risks. • Mitigation or elimination—This is a higher, more strategiclevel approach to how the project manager plans responses to risks on a project. Although some of this approach stems from the risk tolerance type of the project manager, most of this approach is dictated by the type of project. This can be a formal approach dictated by an organization (such as a Project Management Office [PMO]) and encompasses the general philosophy of how the project manager should address planning risks within a particular project and thus be a strategic risk plan. Because a project is a unique endeavor to produce an output deliverable and risk events are imminent, the project manager can in general terms make a decision to simply design mitigation for risks identified throughout the project or identify as many redesign opportunities that result in eliminating risks completely. Risk mitigation is a higher tolerance approach of acceptance and simply requires the identification of risk and a plan or contingency for how to deal with the risk. Risk elimination requires the project manager not only to identify risk, but to drive the identified risk elements back to redesigning project activities to eliminate risk. Depending on the type of deliverable, this can be an effective plan to proactively eliminate as many risks in the design of the product and not so much the design of the risk management plan. This is a more conservative, low tolerance approach for the project manager to take to attempt to eliminate as many risks as possible. • Develop risk management plans for projects—Another important component in the strategic plan is to ensure that all projects conducted in the organization have a risk management plan associated with them. If an organization has a culture of risk management, then risk management plans will already 26 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT be a component of projects no matter what type of structure the organization is operating with. Having a risk management plan may be dependent on the type of organizational structure given it may be difficult for functional managers to produce risk management plans, as this is not a normal component of their responsibility. Projectized and matrix organizations should have risk management plans as part of the overall project management plan process, as risk management will typically be a part of the culture of that structure. If the organization has a PMO, risk management plans are usually a requirement of the project manager; if the organization does not have a PMO, this needs to be a requirement of upper- or executive-level management for project managers. Tactical Risk Planning Tactical risk planning is more at the project level and specific to work activities on a particular project. The project manager usually has the responsibility of developing the tactical plan for managing risks. At this level of risk planning, the project manager will take into consideration things like the type of project, identification of specific risks, triggers that may indicate an imminent risk, analysis of specific risks, and response planning. It is appropriate for the project manager to develop the tactical risk plan because he has knowledge of specific work activities and can derive accurate data that will not only help identify potential risks, but how to plan for a specific risk. The elements of risk planning are common on most projects and are general areas of risk planning at the tactical level. • Risk for different types of projects—Two of the biggest concerns in managing risk for any project is the severity of the risk and the potential impact to the project and/or organization. Some of the factors that influence the severity and impact risk can have are the general type of project as well as its size and complexity. From a strategic standpoint, organizations structured for projects might be in a better position to identify and manage risk on projects as a normal part of their business over those that are not structured for projects or do not carry CHAPTER 1 • RISK STRATEGY AND PLANNING 27 out projects as a normal part of their business. From a tactical standpoint, the type of project can play a role in projects having the probability of a greater number of risks versus an inherently smaller number of risks. Some projects may be characterized as having a larger number of less severe risks that are easier to manage versus other projects that may have fewer risks with greater severity and potential impact to the project. The size, duration, and complexity of the project can also play an important role in the types of risks and the severity and impact they can have. Large-scale projects might have different risks than small-scale projects, longer duration projects have risks that shorter projects do not have, and simple projects are not subject to some of the risks complex projects can potentially have. All of these factors can influence what information the project manager needs to look for in understanding potential risks and how to plan for risks on a given project. • Risk identification—Another area of planning at the tactical level is the identification of risks. As the project manager gathers specific information on each work activity, this information should yield initial indicators of possible risks. The project manager should also seek advice from subject matter experts as well as previous projects to understand what risks may have a potential of occurring for each specific activity. The project manager then needs to categorize risks and use tools to organize information for each risk event such as a probability of occurrence, impact, and severity as well as contingency planning and assigning owners responsible for the risk event. This again is the job of the project manager to understand this level of detail using tools and techniques that are covered later in this book to help the project manager identify risks, given all the information available for a work activity. • Risk trigger planning—After the project manager has identified risks for a given work activity, he also needs to analyze the information for signs or triggers that he can key in on that will indicate a risk event is eminent. Triggers are an important planning tool, as the project manager can in many cases mitigate 28 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT and usually eliminate a risk event before it happens. Trigger planning is typically underestimated or not even used at all in most risk management planning, but it can be one of the most powerful tools a project manager can have in a risk management plan. • Risk response planning—The next area the project manager must address is how to respond to each potential risk event. The risk tolerance of the organization and project manager has an influence on how risk response planning is carried out. Depending on whether the risk tolerance is conservative or more liberal (and allowing risk events) determines the approach the project manager will take on any given response and can be classified into four types of responses: • Avoidance—Identifies the root cause of a risk event and eliminates or alters the conditions of the activity to create a new scenario without the potential risk. This is simply eliminating the risk before it happens and should be the first choice in response to a risk. • Mitigation—Similar to avoidance in altering the conditions of a work activity such that although it may not be able to completely eliminate the potential risk, it can reduce the impact or probability of its occurrence. • Transference—Requires the reassignment of responsibility such that the impact of the risk is absorbed by an alternate party. In many cases, a strategic use of a contract can transfer risk and liability to another party. • Acceptance—The last course of action the project manager should use in planning a response for a potential risk event is simply accepting the outcome of the risk. There may be some conditions given a specific work activity where specifications will not allow any alteration of the conditions to eliminate, mitigate, or transfer the impact of a risk event, and the project must bear the full brunt of the impact from a risk event. This response might be acceptable as a function of risk tolerance, as the specific risk event may have a minimal impact to the project. CHAPTER 1 • RISK STRATEGY AND PLANNING 29 • Risk communication—Another important general area of tactical planning is developing the process for how information regarding risk events are to be communicated to project staff, management, and others that will need this information. It’s the responsibility of the project manager to develop an effective and efficient communication system for managing risk events, as in many cases there may be limited time to conduct planned responses. Information will need to be documented in a form that is clear, concise, and easily understood to conduct risk responses correctly and efficiently. Much of the success of the risk response plan falls on the effective communication of the plan. 1.3 Develop Risk Management Plan (Process) Project managers can improve their success in managing projects when they develop processes that are carried out on each project. Developing a process requires understanding what goal is to be accomplished, the steps required to complete the goal, and any specialized details that may be required in accomplishing a specific goal. In project management, some of the more commonly used processes or goals would be resource management, schedule management, budget management, risk management, and procurement. The project manager can look at the various aspects of what needs to be managed on a project as goals and develop a process that can be used as a template every time that goal is required. The advantage of designing a process to manage something is it can be used as a template and every time it is used can be improved on, making the process progressively better. Another advantage to developing a project management process is that it can be used to standardize processes throughout an organization, which then can lead to the creation of a Project Management Office (PMO). This chapter focuses on developing a process to manage risk called the risk management plan. This section outlines some of the more commonly used elements of risk management that can be used as a template in developing a risk management plan. 30 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT Risk Identification One of the foremost areas in the risk management plan is developing a process to accurately identify potential risks within work activities on a project. This is a vital step and should not be taken lightly. This is covered in more detail in Chapter 2, “Identifying Risk.” Although the project manager is responsible for developing a risk management plan, she doesn’t always have to perform all the actions required within the plan, and she can solicit help from others, such as subject matter experts and those qualified to perform risk identification and analysis. The project manager should prepare a complete and accurate assessment of risk, so it’s in the best interest of the project to seek out as many expert individuals as possible to assist in risk identification and analysis. It’s important that the project manager and others who assist in information gathering for identifying risks know the primary goal is to identify as many risks as possible, which includes the smallest impact risk to the obvious larger, more severe risks. The second goal of risk identification is categorizing risks to organize them based on probability of occurrence, severity, and impact to the project. The details of how this is performed and tools and techniques to perform these functions are covered in more detail in Chapter 2. Define Risk Tolerance After the project manager has compiled a list and categorized all risks that will need to be evaluated on each work activity, the level of risk tolerance helps determine what course of action the project manager and/or the organization might take. It’s important the project manager understand the general level of risk tolerance of the organization so responses can be developed that are consistent with the organization’s threshold for risk management. Depending on the size and complexity of a project, this can play an important factor in the success of an organization’s managing opportunities in allowing certain risks while protecting organizational interests in mitigating or eliminating other risks. If the project manager is uncertain as to the level of risk tolerance, he should seek out the advice of upper management for the recommended approach. CHAPTER 1 • RISK STRATEGY AND PLANNING 31 Risk Analysis After risks have been identified and categorized, the next major component in developing a risk management plan is to analyze each risk to determine the probability of occurrence and the level of severity or impact the risk could have on the project. The analysis of risks is another very important element in the overall risk plan, and because there is a great deal of information regarding analysis tools and techniques, this is covered in great depth in Chapter 3, “Risk Analysis.” Contingency or Redesign Planning When risks have been identified and analyzed, a response plan needs to be developed for each potential risk event. There are two general ways to approach risk: developing contingency plans, which include responses such as mitigation, transference, and acceptance; and the redesign approach, which is the avoidance response in eliminating a potential risk. Depending on the type, size, and complexity of a project and the type of potential risk, there is usually a combination of these response plans. This is where the project manager has the opportunity to design risk responses or redesign the conditions of a work activity before the project begins. This section is another very important component of risk planning and is covered in Chapter 5, “Risk Response Strategies.” Risk Monitoring Process Another step in developing processes within the risk management plan is designing a monitoring system to capture real-time information on project work activities that might indicate a risk event is imminent or, unfortunately, has already begun. The general idea in risk monitoring is to have tools in place that give the project manager realtime data that can be analyzed to ensure work activities are being performed correctly and to assess any initial signs of problems or risk events beginning to happen. Because the project manager will have real-time information to analyze, it is advantageous to determine if certain initial signs could be identified that would indicate a risk event is imminent, called triggers. Triggers should be identified for as many 32 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT risk events as possible, and in the monitoring process, the project manager would then be looking for these initial signs or triggers as a first indicator a risk is imminent, and they would be in position to initiate a risk response as a proactive tool rather than the normal reactive response. This section is covered in further detail in Chapter 7, “Risk Monitoring and Control.” Develop Risk Controls When processes are developed in the organization, process engineers usually design in some form of controls to ensure the process is carried out correctly. The project manager in developing the risk management process needs to design controls that affect how risk responses in the risk management plan are to be carried out. One example of a risk management control is the development of the risk register, covered in more detail in Chapter 2. The risk register is a document that organizes all the risks by category and includes information critical to each risk event, such as the probability of occurrence, impact, response, and ownership of the risk. This can be communicated to project staff and used to control how risks are to be managed. Another important tool is a change management plan, which can also serve as a risk management tool in controlling how changes are carried out on the project. Change Management Process An underestimated area of risk planning within the overall project management plan is addressing change management. Much like planning for risks, changes are inevitable, and when managed correctly have little impact to the overall project, as the change is a formal agreement in the conditions of the project schedule, cost, and the output deliverable. The problem with change is there are certain risks associated with change, and it’s vital the project manager understand the importance of following a structured change management plan to avoid costly errors and creating risk events. Change management should be a well-defined process that is healthy. If managed correctly and controlled, this allows the project manager to accommodate customer requests and/or project needs for change. CHAPTER 1 • RISK STRATEGY AND PLANNING 33 Closer for Risk Events Another important area of a risk management plan is to ensure actions carried out with regards to a risk event have been completed correctly and the risk event has closure. No matter what type of risk event has occurred, it is important that all response actions have been carried out, the risk event has run its course, whatever impact to the work activity has been realized, and no further action is required. Even the smallest risk events, if left incomplete, can continue to impact a project work activity and, in some cases, cause more damage than was originally assessed. Unfortunately, closure for risk events is an underestimated component within the risk management plan and can be the reason why some work activities are not as successful as originally planned. Communicate Risk Event Results Project managers must understand the importance of effective and efficient communication within all aspects of the project, and this is especially important in communicating the results of risk events. There are two levels of risk event communication: • Real-time risk information—Communicating results of initial impact to project activities as risk events are unfolding. • Post risk results—Communicating the overall outcome of a risk event after it has closed. Communication protocols for risk event status can also be included in the risk register as to who is to get communication and under what circumstances and in which format the information need to be sent. In some cases, communication is vital during a risk event when individuals identified to assist in the response need information quickly and efficiently to effectively respond to a risk event. In other cases, at the closure of a risk event, the overall impact that was realized needs to be evaluated and communicated to other project staff and/or management. The project manager needs to take communicating risk information seriously, as the reality of how a risk event impacts the project can ultimately affect other areas of the project and the organization. 34 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT Lessons Learned As part of the closure for each risk event, the project manager should try to accurately and completely record all information of each risk event to capture critical data that would be valuable in addressing risk events in the future. Having this information available is how a project manager can design risk responses at the beginning of the project, because she can see how effective responses were carried out with similar risks on other projects. This also serves as a permanent record that shows how the risk was identified, analyzed, and how successful that response was in addressing the actual risk event. This information can also be used if an organization has to deal with legal ramifications of the impact of a risk event, and this information can clarify what actions were taken. Regardless of what the information is used for, ultimately it is valuable for future projects where project managers can reference this information to help in developing future risk management plans. 1.4 Summary Problems are an inevitable part of project activities, so project managers need to have a plan as to how to address these problems to reduce or eliminate any negative impact they might have on the overall project. Project managers should think of aspects within project management, such as risk management, as processes and therefore not design a unique risk management plan for every project, but simply utilize a risk management plan as a template that can be implemented on every project. The process can also be refined and improved every time it is used, thus making it a progressively more powerful and effective tool. One important element in developing a risk management plan is that the project manager must understand the overall philosophy the organization has, at a strategic level, for addressing problems. It’s important the project manager understand his role at both a strategic level as well as a tactical level in developing a risk management plan. The following areas are some of the key points required at the tactical CHAPTER 1 • RISK STRATEGY AND PLANNING 35 level in developing a risk management plan and are covered in more detail throughout this book: • Risk identification • Risk analysis • Categorizing risks • Developing risk responses or contingency plans • Develop risk monitoring • Communicate risk results • Manage closure of risk events 1.5 Review Questions 1. Discuss what is meant by risk strategy. 2. Explain what is meant by risk tolerance. 3. Discuss the difference between strategic and tactical risk planning. 4. Explain the difference between mitigation and elimination of risk. 1.6 Key Terms Risk strategy Risk tolerance Risk management plan Change control process Risk planning Strategic risk planning Risk mitigation, elimination Tactical risk planning Risk identification Risk communication 36 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT 1.7 PMBOK Connections (5th Ed.) 11.1 Plan Risk Management 1.8 Case Study (Use for Chapters 1, 2, 3, and 4) RPO Construction has been hired to build a custom-made executive home in Vancouver, Washington. Two acres of property have been purchased on the banks of the Vancouver Harbor by a retired executive and his wife for the location of their new custom home. The single-family residence will be an 8,500 square feet, two-story structure consisting of wood frame, cement slab foundation, and tile roof. There will be a three-car garage attached, fully landscaped front yard with circle-around driveway, patio, and deck off the rear of the house overlooking the harbor. The deck will include an infinity pool and oversized spa with outdoor kitchen appliances. A dock with a boathouse will be constructed at the water’s edge with the patio decking connected by a wood staircase. Concerns in the house construction consist of pouring the slab foundation during the winter season, difficulty in location of the septic sewer system, and obtaining permits that allow for the creation of a dock and boathouse. The owners of the house have sold their current home and will be closing escrow shortly, requiring them to stay in a hotel temporarily. They have given the construction company the completion date so they can minimize the cost of their hotel stay. The construction company has told the homeowners it will take six months to finish their home if there are no delays due to poor weather, resolving the location of the septic system, and possible delays in obtaining permits. The homeowners have agreed to the schedule. If everything goes as scheduled, the house will be finished on time for the homeowners to move in. Details of cost are as follows: slab floor $32,000, total risk $9,000; septic sewer system cost $18,800, total risk $5,100; dock and boathouse cost $82,000, total risk is $11,000. Contractor agreed to a late completion penalty of $2,500 per day each day the project extends beyond the completion due date. CHAPTER 1 • RISK STRATEGY AND PLANNING 37 1.9 Case Study Questions and Exercise 1. Based on the case study, assess the risk tolerance of the homeowners. 2. Explain how the contractor might plan a risk strategy that would address the potential risks identified in the case study. This page intentionally left blank 2 Identifying Risk 2.1 Introduction One of the most important components in developing a project plan is the identification of potential problems or risks that could have a negative impact on project work activities. Project managers are usually busy developing the project schedule, working on the budget, and trying to allocate appropriate resources, but in the pressure of trying to accomplish those tasks, project risk is usually put as a lower priority—or due to a lack of time, simply not performed at all. This is unfortunate, as problems occur on all projects, and project managers usually find themselves in reactive response mode, performing damage control—rather than being in control mode, having proactively planned for problems and almost expecting them to occur. The project manager has the capability to plan all of the things that need to be accomplished in developing a project management plan and can utilize other resources to help accomplish some of these planning tasks such as risk management planning. Depending on the size and complexity of a project, project managers can find themselves doing a larger portion of the initial planning work themselves on smaller projects, while on larger projects they may have staff to assist in information gathering and analysis. Project managers also know they are going to be very busy in the development stages of a project, and in many cases, if time is not allocated for even a minimal amount of risk assessment, it is not completed at all. When little or no risk assessment has been completed on a project, problems must be addressed after the fact, and solutions that 39 40 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT might have been available to eliminate or mitigate a problem are no longer available once the project is under way, often resulting in more costly responses and fixes. This is unfortunate for the project, as damage control measures are usually more costly and have a greater impact on the project schedule and potentially the quality of the project deliverable. Project managers and upper management who are responsible for establishing some of the project timelines should realize the importance of designing at least a small portion of time for risk identification, analysis, and response planning; it pays off in the long run! Primary components in the identification of risk that are covered in this chapter include • Information gathering • Risk identification • Categorizing risks • Documenting risk In the risk identification process, a great deal of time is spent simply gathering information on work activities to understand if potential risks are evident. This is an area where project managers might be able to delegate some of the information gathering to other resources if they are available. On small projects, the project manager might be very busy performing several tasks, and information gathering for risks would be valuable if another resource could perform that task and the project manager could ascertain potential risks and do some basic analysis on the risks that were identified. No matter how large or complex a project is, the project manager must allocate some time or resources in risk identification to be better prepared to control risk. 2.2 Information Gathering The first step in the identification of risks is the process of gathering and reviewing information of project work activities. At this point, the project manager is not necessarily identifying risks, per se, but rather gathering all the information of a work activity so a complete evaluation of what will be performed might yield areas where potential problems could be evident. CHAPTER 2 • IDENTIFYING RISK 41 EXAMPLE In the case where a project manager oversees the construction of a single-family home, he might review the work breakdown structure that takes the primary deliverable and breaks it down into its smallest components, yielding the most detailed information to review. In this case, one of the first steps would be to review the site survey and ground preparation task where the project manager might identify potential problems regarding the company performing the survey, such as their reputation or having adequate experience at identifying boundaries and ground elevation. Other elements might be in relation to the excavation of the ground and problems that might have to be addressed. One area would be the availability of excavation equipment and backup plans if a piece of equipment onsite were to develop a problem and need to be replaced. Weather can also play a role in this initial stage, as well as the availability of human resources qualified to operate the equipment. This example shows how the project manager, in gathering and reviewing information on the first activity, has already identified several areas where potential problems could arise. It’s important the project manager understand that quality time spent reviewing work activity information can yield a surprisingly greater number of potential risk events and probably more than if the project manager simply assumed the obvious risks without looking at the actual activity information. Who, What, and How During the information gathering phase in risk planning, there are three important components the project manager must consider: Who will be gathering the information? What information should be gathered? And what sources of information are available and reliable? • Resources for gathering information—One of the most underestimated but vital components of information gathering for project work activities is who will be gathering the information. Depending on the type of organizational structure and the 42 MASTERING RISK AND PROCUREMENT IN PROJECT MANAGEMENT size and type of a project, project managers will have to address who will gather the information that will be vital in determining if risks might be evident. In some cases, the project manager performs this function alone due to the lack of resources or the type of organizational structure where the project manager assumes a great deal of responsibility and is tasked with much of the initial work himself. In other cases the project manager might have the ability to utilize other resources but must understand who these resources are and if they are qualified to correctly gather work activity information. The project manager might have the opportunity to train a resource on how to gather information, but that resource must understand the level of detail that is required to derive not only the large and more obvious risks, but the medium and even small risks that can still have a potential impact on the project. The person gathering information needs to be looking at mid-level areas of information—not so much the lowest level of detail, but critical areas that may need further evaluation, which might include the examples here: • Were specifications interpreted correctly, maybe misinterpreted? • Have critical resources been correctly identified (capabilities, skillsets, and so on)? • Are there enough resources to complete the activity in the estimated time duration? • Will critical equipment and facilities be available when needed? • Does the organization have the technology to complete the project objective? • Can critical shipments be delayed and for what variety of reasons? • Are there any critical material requirements that could be at risk? • Is weather going to be a consideration? CHAPTER 2 • IDENTIFYING RISK 43 • Information that needs to be collected—The next component of gathering information is to understand what type of information is relevant and needs to be collected for review. The best approach is to take a mid-level view of general components of work activity. The reason being is this puts the emphasis on categories of information that will be under a larger component of work but also p...
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Attached.

Running head: E-COMMERCE SITE DEVELOPMENT PROJECT

E-Commerce Site Development PROJECT
Names:
Institution

1

E-COMMERCE SITE DEVELOPMENT PROJECT
E-commerce site development project
The project involves building an e-commerce website where the client can shop for
products and have them delivered to the via courier services. The website will feature a
shopping homepage where clients will shop for their favorite items and each item selected
will be added to a cart and after clients are satisfied with items selected he is taken to paying
interface where he pays and proceeds to select the means of delivery. The website must have
strong security features and also have state of the art design. The budget of the project will be
limited to fees paid to computer programmers, hosting and security costs, five workers and
renting a single warehouse. The time expected for the whole project to take place in six
months where the first four months will involve development and the last two months will be
used specifically for testing the e-commerce system.
The stakeholders of the project are the coders, user interface designers, testers, hosting
company, payment gateway provides, couriers and finally the employees. There will be set
limitations of what one can do on the system example a worker will add products and client
can only buy added products. The project is expected to utilize quality development plan
always since it is quality that will determine the buying activity of customers and safety of
their payments.
Logical chronological phases of the project.
Initiating phase
This phase will involve finding a market gap and developing the need for the project
and identifying who the project serves. This project will serve as a marketplace for designer
made customer clothes...


Anonymous
Really useful study material!

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4
Similar Content
Related Tags