The Society for Risk Analysis (www.sra.org) defines risk analysis to include risk assessment, risk characterization, risk communication, risk management, and policy relating to risk, in the context of risks of concern to individuals, to public and private sector organizations, and
to society at a local, regional, national, or global level. It publishes a journal on risk analysis and provides resources and information on the topic.
Risk
179 Self-check
Check how you are doing in managing your project risks by answer- ing the questions below. If you can answer ‘yes’ to the majority of them you are doing a good job. Give yourself a pat on the back, but remember to revisit this aspect of your project regularly.
■ Is there a shared understanding of the business environment? Aim to get as complete a picture as possible of your internal and exter- nal business environment. Keep your eyes and ears open for signs of big changes on the horizon (internally or externally) that you must consider. Ensure your stakeholders share your understanding of the context. If they do not, your assessments of the risks your project faces will be different.
■ Are the business objectives clear? Frame your business objectives SMARTly. This way you get a good grip on the risks associated with each other. If your objectives are woolly or open to miscom- munication the risks will be equally difficult to handle.
■ How were the risks identified and assessed? Make certain that you have a range of input to the generation of your risk list. People have very different attitudes and responses to risk. Recognize these but also get a shared view of which risks are most significant.
■ Does the risk profile seem to make sense, in the context of the business environment? Get clarity on the relationship between the risks and the business objectives. Make sure your stakeholders are aware of and agree the biggest risks.
■ Is there clear ownership of each risk? Every risk must have an owner who is accountable for taking the mitigating action. Risks sometimes fall between the cracks if owners are unassigned or if they do not take accountability. If this happens, you are adding another risk to project success.
■ Have the risks been communicated? Everyone in your organiza- tion should know what risks the project presents and understand
the implications of this. People involved either directly or indir- ectly with the project must be alert to new risks arising and present these to you in a timely fashion.
■ Is there evidence you are managing them effectively? Ensure you have sensible but not over the top management processes. Aim to satisfy audit requirement in your monitoring and look for evi- dence that the mitigation action is reducing the risk by tracking its movement on your graphic or risk matrix.
■ Is there a clear understanding of what risk responses are in place, and who is responsible for what? Give your project teams sight of the risk log. If team members are not familiar with risk manage- ment approaches make sure you train them to the level they need.
Where risk is accepted or taken in your project make sure the ‘net’
level of risk is consistent with the risk appetite of the business as a whole.
■ Are risk responses monitored? Make sure people in the business can answer the ‘how do I know it is working?’ question. This means communicating effectively, monitoring appropriately, acting in accordance with the plan, and adapting as circumstances change.
■ Are there instances of too much risk response – controls seem
‘over the top’ given the level of risk? Listen out for signs of manipu- lation or ignoring of your risk management processes. Look at the risk management method as a whole, and confirm that it is fit-for- purpose, operating effectively, and embedded in the project plan and implementation.
Do’s and Don’ts
■ Do take a common sense approach to risk management
■ Do involve a diversity of people in helping you identify risks
■ Do keep risk thinking in the front of people’s minds
■ Don’t go overboard on bureaucratic monitoring processes
■ Don’t neglect to review all the risks at regular intervals during the project life span
■ Don’t be afraid to adapt your risk management process if it is not working effectively
References/Useful Reading
Lewis, J. P. (1998). Mastering Project Management. McGraw Hill Professional Book Group.
Marks & Spencer (2001). Change Handbook. Marks & Spencer.
Shell International Limited (2000). Risk Policy and Guidelines. Shell International Limited.
The Economist(24 January 2004). Be prepared: what companies must do to face a much-increased range of risks.
Young, P. C. and Tippins, S. C. (2001). Managing Business Risk.
Amacom.
Risk
181 Summary – The Bare Bones
■ The risk management cycle has six steps: understanding the busi- ness context, clarifying the objectives, identifying risks, assessing risks, responding to risks, and sustaining risk control
■ Develop as comprehensive a list of risks as you can
■ Assess them using an appropriate assessment method, two- or three-factor rankings work well
■ Present the risk landscape preferably graphically so you can see each risk in relation to the other
■ Prepare and implement plans to mitigate the risks
■ Monitor progress continuously, re-assess risk list periodically, and respond to context changes as they occur
10
Project Management
‘A project is a unique set of coordinated activities, with definite starting and finishing points, undertaken by an individual or organisation to meet specific objectives within defined time, cost, and performance parameters.’
BS 6079 – 2:2000. Project Management. Vocabulary.
Overview
In relation to project management, you have learned so far that:
■ Appointing a project manager at the start of your project is almost essential.
■ You must produce certain documents and reports within each organ- ization design phase.
■ The project manager acts to link the work of the teams and presents an overall status report to you at regular intervals.
This chapter looks in more detail at project management as it applies to an OD project and considers the role of the project manager in successful delivery of this. The chapter starts with a definition of project management.
What is Project Management?
A simple definition of a project is that it is a series of interdependent activ- ities aimed at meeting a common, agreed objective within an agreed time and cost. (A more complex definition appears at the head of this chapter.)