Risk Management to Prepare for Risk Situations
This post was written on June 26, 2019.
Purpose of the post
It is important to perform risk identification activities at the beginning of the project. Risk identification activities are to identify obstacles and prepare countermeasures through planning document review. And risks discovered during project progress should be reported quickly and decision making is needed. The faster the decision making is, the less cost it takes to solve the risk.
This risk management is important not only for the leader who leads the project, but also for the members of the project. This is a post that summarizes what risk management is and how to do it.
Table of contents
- What is risk management?
- Why there are not many organizations that perform risk management
- How to do risk management
What is risk management?
Risk is a potential possibility that can be a defect, but has not yet occurred as a defect. A defect is a mistake made by a person that has been transferred to the software, and it does not conform to the requirements regardless of whether it works or not.
Risk management is to predict and prepare for problems that will occur in the future. It consists of detection activities to find defects early, correction activities to remove detected defects, prediction activities through defect database construction and analysis, and prevention activities to prevent defects from occurring.
Why there are not many organizations that perform risk management
Despite the fact that risk can be a problem, there are not many organizations that manage risk properly. There are three reasons for this.
The first reason is the cynical view of risk management. Passive managers think that risks or problems should not be disclosed and do not inform customers or even team members. They think that they can't accept that there is a risk right now.
The second reason is the reality that prioritizes problem solving over risk. If you neglect risk management, you will only try to solve the problem that happened right now. They keep making the mistake of fixing the barn after losing the cow. We have witnessed too many cases where meetings are held frequently and end without a conclusion when unexpected problems arise.
Risk and problem have the same attributes. Risk is a problem that will occur in the future, and problem is a risk that has become reality. There is no essential difference, and there is only a difference in the time of occurrence.
The third reason is that they do not recognize that risk management is related to cost. They usually leave the risk alone with baseless optimism that "it will be fine" and try to solve it urgently when the risk finally becomes reality and reaches its peak. A situation that can be blocked with a hoe can't be blocked with an excavator. It leads to a huge waste of cost. Risk management is an economic activity.
How to do risk management
There are five important things for risk management. It is an explanation of the specific method of how to do risk management.
1. Identify risks at the beginning of the project
Risks should be identified at the beginning of the project. The sooner you identify and manage them, the safer the project becomes. So if you identify the risk at the beginning, the probability of problems that will occur later will decrease.
2. Secure similar project performance cases
The project's risk has many common elements. The project level should manage the risk list. Use the management list for risk identification. Also, organize and share the risks and solutions that occurred with the members. In other words, it becomes easier to identify and solve risk factors by reusing the risk resolution history.
3. Add buffer to schedule estimation
You need to prepare for the risk that will occur during the project progress. Preparation is important to secure a buffer schedule when estimating the schedule. You need to estimate the buffer when estimating the project schedule to prepare for the risk that you don't know when it will occur.
4. Keep tracking the identified risks
The discovered risks should be tracked continuously. You need to assign a person in charge and a target date for resolving the risk. And you need to monitor the risk status and solutions regularly through weekly meetings, etc.
5. Quickly disclose the identified risks
The identified risks should be disclosed to the stakeholders. You can easily solve it with the stakeholders. If a risk occurs at the project level, it should be reported to the manager quickly. The manager judges the situation and decides to postpone the deployment schedule or spec out through the reported risk.
End
References
- Oh Byung-gon. 『Pragmatic Software Development』. Roadbook, 2017.