Information

Technology Project

Management

By

Denny Ganjar Purnama, MTI

Universitas Pembangunan Jaya

Chapter 8

Learning Objectives

• _{Describe the project risk management planning}

framework introduced in this chapter.

• _{Define risk identification and the causes, effects, and}

integrative nature of project risks.

• _{Describe the various risk strategies, such as}

insurance, avoidance, or mitigation.

• _{Describe risk monitoring and control.}

• _{Describe risk evaluation in terms of how the entire}

The Baseline Project Plan

•

_{Is based on:}

– _{Our understanding of the current situation} – _{The information available}

This Leads to Uncertainty

• _Because…

– _{Estimates are really forecasts or predictions}

– _{Uncertainty is highest at the beginning of the project}

because we don’t all the information we would like to have

– _{Sometimes things happen that are out of our control}

• _{Although no one can predict the future with}

Some Common Mistakes

• _{Benefits of risk management are not}

well-understood

– _{Just do it!}

• _{Not providing adequate time for risk}

management

– _{Should be part of the ITPM}

• _{Not identifying and assessing risk using a}

standardized approach

– _{Miss threats & opportunities}

• _{Crisis management (i.e. firefighting) is “reactive”}

– _{Risk management is “proactive”}

– _{Cheaper & less embarrassing than crisis}

Effective and Successful Project

Risk Management Requires:

•

_{Commitment by all stakeholders}

•

_{Stakeholder Responsibility}

– _{each risk must have an owner}

PMBOK® Risk Management

Processes

•

_{Risk Management Planning}

•

_{Risk Identification}

•

_{Qualitative Risk Analysis}

•

_{Quantitative Risk Analysis}

•

_{Risk Response Planning}

  MIS Software

Risks

Systems Software Risks

Commercial Software Risks

Military Software Risks

Contract or Outsourced Software Risks

End-User Software Risks

Creeping User

Inadequate User Documentati

on

70 %

Excessive Paper Work

90 %

High Maintenanc

e Costs

60

Excessive Schedule

Pressure

Friction Between Contractor

& Client Personnel

50 %

Hidden

Errors 65% Low

Quality 60 %

Excessive Time to

Creeping User

Harmful Competitive

Actions

45 %

Creeping User Acceptance

Criteria Inadequate

Configurat ion Control

50

Litigation Expense

30 %

Unused or Unusable

software

45 %

Legal Ownership of Software

& Software

and Deliverab

les

20%

PMBOK® Definitions

• _Risk

– _{An uncertain event or condition that, if it occurs, has a}

positive or negative effect on the project objectives.

• _{Risk Management}

– _{The systematic process of identifying, analyzing, and}

responding to project risk. It includes maximizing the probability and consequences of positive events and minimizing the probability and consequences of

IT Project Risk Management

Processes

IT Project Risk Management

Process

•

_{Risk Planning}

– _{Requires a firm commitment to risk}

management from all project stakeholders

– _{Ensures adequate resources to plan for and}

manage risk

IT Project Risk Management

Process

•

_{Risk Identification}

– _{Identify potential risks that can impact the}

project

• _{Includes both threats and opportunities}

– _{Should include many of the project}

stakeholders

– _{The IT Project Risk Framework provides a}

Tools and Technique Risk

Identification

•

_{Learning cycles}

– _{Mengidentifikasi berdasarkan fakta, asumsi,}

penelitian

•

_{Brainstorming}

– _{Setiap orang mengusulkan resiko yang}

mungkin terjadi

•

_{Nominal Group Technique (NGT)}

– _{Mirip brainstorming, tetapi lebih terstruktur}

Tools and Technique Risk

Identification

•

_{Delphi Technique}

– _{Sekelompok ahli mengidentifikasi resiko}

•

_Interviewing

– _{Mewawancara setiap stakeholder untuk}

mendapat persepsi yang berbeda

•

_Checklist

– _{Membuat daftar resiko yang terjadi pada}

Tools and Technique Risk

Identification

•

_{SWOT (Strength, Weakness, Opportunity,}

Threat)

•

_{Cause-effect diagram}

– _{Alat untuk memberikan pemahaman}

sebab-akibat

•

_{Past Projects}

IT Project Risk Management

Process

• _{Risk Analysis}

– _{Risk = f(Probability * Impact)}

• _{What is the probability of a particular risk occurring?} • _{What is the impact on the project if it does occur?}

• _{Risk Assessment}

– _{Focuses on prioritizing risks so that an effective}

strategy can be formulated for those risks that require a response.

Qualitative Approach

•

_{Expected value}

– _{Nilai dari project ketika resiko terjadi}

•

_{Decision tree}

– _{Mempertimbangkan semua alternatif}

•

_{Risk impact Table}

– _{Melakukan skoring terhadap resiko untuk}

menentukan prioritas

Quantitative Approach

•

_{Discrete Probability Distribution}

•

_{Continuous Probability Distribution}

•

_{PERT distribution}

•

_{Triangular distribution}

•

_Simulation

– _{Bisa menggunakan teknik sebelumnya namun}

secara otomasi

IT Project Risk Management

Process

• _{Risk Strategies}

– _{Accept or ignore the risk.}

• _{Management Reserves} • _{Contingency Reserves} • _{Contingency Plans}

– _{Avoid the risk completely.}

– _{Reduce the likelihood or impact of the risk (or}

both) if the risk occurs.

– _{Transfer the risk to someone else (i.e.,}

IT Project Risk Management

Process

•

_{Risk Monitoring and Control}

– _{Tools for monitoring and controlling project}

risk

• _{Risk Audits by external people}

IT Project Risk Management

Process

• _{Risk Response Plan should include:}

– The project risk

– The trigger which flags that the risk has occurred

– The owner of the risk (i.e., the person or group responsible for monitoring the risk and ensuring that the appropriate risk response is carried out)

– A risk response based on one of the four basic risk strategies

IT Project Risk Management

Process

•

_{Risk Evaluation}

– _{How did we do?}

– _{What can we do better next time?} – _{What lessons did we learn?}

– _{What best practices can be incorporated in}