PMI-RMP Risk Management Framework Tutorial

2.1 Risk Management Framework

Hello and welcome to the Project Management Institute’s Risk Management Professional Certification Preparatory Course offered by Simplilearn. In this lesson, we are going to discuss the risk management framework. Let us begin with the objectives in the next screen.

2.2 Objectives

After completing this lesson, you will be able to: ? Describe the purposes of Practice Standard for Risk Management ? Define Project Risk Management ? List the good risk management practices ? List the different types of risks In the next screen, we will discuss the purposes of practice standard for risk management.

2.3 Purposes of Practice Standard for Risk Management

PMI does not advocate a methodology for managing risks, but it provides a standard for stakeholders, and a framework which are recognized as ideal risk management practices. So, before implementing risk management policy or governance, the team should think about setting the standards within the organization or function, using best practices, which could be applicable for all the project owners consistently and which would be recognized by stakeholders. There should also be a standard that is globally applicable and consistently applied. The so-called ‘practice standard’ emphasizes the principles that are fundamental to effective, comprehensive, and successful project risk management. The principles are expected to be agreed upon to have more stability and persistence. If you look at the image on this screen, the standard practices can be derived from the principles of the specialization. The ‘practice standard’ for Project Risk Management is the magnification of the Project Risk Management knowledge area of the fifth edition of PMBOK guide, called ‘A Guide to the Project Management Body of Knowledge'. PMBOK consists of 47 processes spread across ten knowledge areas, and five process groups. Out of these 47 processes, 6 are within risk management. The remaining 41 processes influence, or provide inputs directly or indirectly to manage these 6 risk processes. The bottom layer has a reference to the handbooks, textbooks, and courses. From this, the definitions, theory, tools, or techniques can be derived. These fundamentals are essential for frameworks such as the PMBOK framework. We will understand the definition of risk in the next screen.

2.4 Project Risk—Definition

The Standard for Project Risk Management defines project risk as, “an uncertain event or condition that, if it occurs, has a positive or a negative effect on a project’s objectives.” The negative effect is called threat and the positive effect is called opportunity. For example, consider an organization that may need to shut down due to the break-out of swine flu in the city. Due to this, there is a probable delay in delivering the project on time. This is a threat and is called negative risk. On the other hand, let us assume that you are supposed to purchase a tool. The vendor says that there is no stock of this tool which may be a risk for the project. After a quick survey, you come to know that there is an alternate tool available from a different vendor which has more functions, better performance, and can be procured at a lesser cost. This is an opportunity and is called positive risk. So it can be said that an opportunity leads to a benefit while a threat leads to an issue. We will discuss the definition of project risk management in the next screen.

2.4 Project Risk—Definition

The Standard for Project Risk Management defines project risk as, “an uncertain event or condition that, if it occurs, has a positive or a negative effect on a project’s objectives.” The negative effect is called threat and the positive effect is called opportunity. For example, consider an organization that may need to shut down due to the break-out of swine flu in the city. Due to this, there is a probable delay in delivering the project on time. This is a threat and is called negative risk. On the other hand, let us assume that you are supposed to purchase a tool. The vendor says that there is no stock of this tool which may be a risk for the project. After a quick survey, you come to know that there is an alternate tool available from a different vendor which has more functions, better performance, and can be procured at a lesser cost. This is an opportunity and is called positive risk. So it can be said that an opportunity leads to a benefit while a threat leads to an issue. We will discuss the definition of project risk management in the next screen.

2.5 Project Risk Management—Definitions

Every project encounters some risks during its lifecycle. You cannot run a project without managing the risks. Project risk management addresses these risks by planning and controlling them. The Standard for Project Risk Management defines project risk management as: Project risk management includes the processes concerned with conducting risk management planning, identification, analysis, responses, and monitoring and controlling of a project. As you know from the previous lesson, the project risk management consists of six processes. The objective of project risk management is to increase the probability and the impact of positive risks and decrease the probability and the impact of negative risks. The image on the screen illustrates the effects of Project Risk. The positive risk consists of 4 risk responses, exploit, enhance, share, and accept, the negative risk also consists of four risk responses, avoid, mitigate, transfer, and accept. The response Accept comes under both positive and negative risks. We will discuss these responses in detail in forthcoming lesson. In the next screen, let us look at the definitions which are frequently used in the course.

2.5 Project Risk Management—Definitions

Every project encounters some risks during its lifecycle. You cannot run a project without managing the risks. Project risk management addresses these risks by planning and controlling them. The Standard for Project Risk Management defines project risk management as: Project risk management includes the processes concerned with conducting risk management planning, identification, analysis, responses, and monitoring and controlling of a project. As you know from the previous lesson, the project risk management consists of six processes. The objective of project risk management is to increase the probability and the impact of positive risks and decrease the probability and the impact of negative risks. The image on the screen illustrates the effects of Project Risk. The positive risk consists of 4 risk responses, exploit, enhance, share, and accept, the negative risk also consists of four risk responses, avoid, mitigate, transfer, and accept. The response Accept comes under both positive and negative risks. We will discuss these responses in detail in forthcoming lesson. In the next screen, let us look at the definitions which are frequently used in the course.

2.6 Project Risk Management—Definitions (contd.)

Following are the definitions which are frequently used in the course: Click each tab to learn more. Issue is something that is happening in the present, it is known, and is being dealt with. For example, delay in the arrival of equipment, cost overruns, or a key resource leaving the organization. Risk event is the description of a scenario that may happen if risk materializes. For example, if there is key resource attrition, it will cause delay in deliverables of the project. However, it is good to capture it in the cause-risk-effect format Risk Trigger is a warning about the occurrence of risk. It is a sign or indicator that a risk event is about to occur. For example, the weather forecast says that climate will not be good during next couple of days. As a result of this bad climate, the employees may not come to office as usual, due to which the project deliverables will suffer. Risk management plan documents how the risk management processes will be carried out. In the next screen, let us continue to look at a few other definitions.

2.6 Project Risk Management—Definitions (contd.)

Following are the definitions which are frequently used in the course: Click each tab to learn more. Issue is something that is happening in the present, it is known, and is being dealt with. For example, delay in the arrival of equipment, cost overruns, or a key resource leaving the organization. Risk event is the description of a scenario that may happen if risk materializes. For example, if there is key resource attrition, it will cause delay in deliverables of the project. However, it is good to capture it in the cause-risk-effect format Risk Trigger is a warning about the occurrence of risk. It is a sign or indicator that a risk event is about to occur. For example, the weather forecast says that climate will not be good during next couple of days. As a result of this bad climate, the employees may not come to office as usual, due to which the project deliverables will suffer. Risk management plan documents how the risk management processes will be carried out. In the next screen, let us continue to look at a few other definitions.

2.7 Project Risk Management—Definitions (contd.)

Other definitions are as follows: Click each tab to know more. The risk register details all identified risks, including description, category, cause, probability of occurring, impact(s) on objectives, proposed responses, owners, and current status. Risk Breakdown Structure or RBS shows the hierarchical breakdown of risks organized by risk categories. The risk categories can be external, internal, technology, and project management or anything specific to your industry and project. Probability defines the likelihood of the occurrence of the risk. Probability is expressed in terms of percentages. For example, there is a 50 percent chance of rain today. Impact is the result and consequence of the probability of risk occurring. For example, there is a cost overrun of about $5,000 (Read as: 5,000 Dollars), or delay in project by 1 month. In the next screen, we will discuss the roles of project risk management.

2.7 Project Risk Management—Definitions (contd.)

Other definitions are as follows: Click each tab to know more. The risk register details all identified risks, including description, category, cause, probability of occurring, impact(s) on objectives, proposed responses, owners, and current status. Risk Breakdown Structure or RBS shows the hierarchical breakdown of risks organized by risk categories. The risk categories can be external, internal, technology, and project management or anything specific to your industry and project. Probability defines the likelihood of the occurrence of the risk. Probability is expressed in terms of percentages. For example, there is a 50 percent chance of rain today. Impact is the result and consequence of the probability of risk occurring. For example, there is a cost overrun of about $5,000 (Read as: 5,000 Dollars), or delay in project by 1 month. In the next screen, we will discuss the roles of project risk management.

2.8 Roles of Project Risk Management

Risk management is not an optional activity. It is essential for successful project management because of high level of uncertainties. Project risk management addresses the uncertainty in project estimates and assumptions. Please note that project risk management is not a substitute for other project management processes. It requires other processes like scheduling, budgeting, change management, quality aspects, etc. It becomes an integral part of every aspect of managing the project, in every phase and process group. The risk management outcomes act as inputs for considering the contingency reserve in case of scheduling and cost management, to meet the project objectives. Risk management should be conducted throughout the life cycle of the project. The earlier the identification of risk, higher will be the chances of project success. So, the risk management role can be utilized effectively by adapting different processes across the life cycle of the project. These processes will be explained in the future lessons. In the next screen, we will find out the good practices for risk management.

2.9 Good Risk Management Practices

To achieve risk management successfully, good practices need to be followed. Good practices may originate from the organizational culture, and/or can originate from organizational assets. Project risk management is a valuable component and it enhances the value of the other project management processes, which, in turn, helps in achieving overall project objectives. The good practices in risk management are: The risk management should be consistent; It should consider enterprise environmental factors, and organizational process assets; It should be conducted in compliance with internal and external requirements; It should be conducted in an ethical manner following code of conduct which includes honesty, realistic expectations and responses, professional, and objective way for all the projects; and There should be a periodical review conducted for effective risk management in terms of identification, analysis, and responses. Periodical review is carried out as the changes in project management plan may result in a change in project risk management processes. This results in a consideration of the external and internal factors to make it compliant in terms of standards, regulations, law, etc. Project risk management should be conducted in a way that is suitable to the project, and should recognize business challenges and multi-cultural environment including customers, suppliers, and workforces. The other good risk management process is the consultation and communication with stakeholders. Project risk management should be conducted on all projects. The level of detail, tools, time, and resources varies from project to project, depending on the expected value. In general, large projects that provide value to an important customer require more resources, time, and attention to project risk management than the mid-sized and small projects, which may work on a more flexible timeline. Let us understand the critical success factors for project risk management in the next screen.

2.10 Critical Success Factors

The image on the screen explains the critical success factors for project risk management. The criteria for success include integration with project management, consistency in terms of risk effort as per the scale to the project, organizational commitment, recognition of value of risk management, individual commitment or responsibility, and, open and honest communication. To manage the risk effectively, you need to identify the role to be played. Project risk management needs to be looked at as an integral part of project management, as there could be risks in the project estimation of time, cost, and scope. There could be risks in the plans, processes, and competencies of human resources, and so on. Therefore, PMI recommends that “integration with project management” is a critical success factor for project risk management. The scale of risk effort should be commensurate or proportionate to the size of the project, uncertainties of the project, skill set of existing human resources, etc. Also, there needs to be commitment at an organizational level, because the project manager is not the only person responsible for showing commitment. The organization also needs to recognize the value of risk management, besides their support and commitment. Any hindrances towards open and honest communication should be dealt with, as this is a critical success factor. In the next screen, we will understand the Functional organization structure.

2.11 Functional Organization

The focus of risk management is to not only identify risks within the project, but also to look for risks within the context of the organization in which the project is carried out. PMI recognizes three organizational structures such as projectized, functional, and matrix. The structures are defined based on the authority given to a project or functional manger. These organizational structures do contribute to risks on the project. In a functional organization, the control of budget and resources are with the functional managers, and the team member’s work in silos. The image on the screen is an example of a functional organization. In the next screen, we will focus on the advantages and disadvantages of Functional organization.

2.12 Functional Organization—Advantages and Disadvantages

The advantages of this organizational structure are: easier management of specialists, clear reporting structure and the employees of the same skill sets are managed as a part of a department. However, the disadvantages of this structure are team member’s loyalty and lack of project management career path. The team members would be loyal to the one who promotes them or provides them with reward or bonus, and the loyalty is not much towards the project, since the project manager has no empowerment. As a disadvantage there can be risks in terms of the attrition of resources, who are more interested to work in the project management area, than their respective functional area. Since the functional organization shows interest in their functional-related activities rather than project-related activities, the projects which are running under this functional organization may carry project-related risks like schedule delays due to lack of human resource commitment. In the next screen, we will understand the Projectized organization structure.

2.12 Functional Organization—Advantages and Disadvantages

The advantages of this organizational structure are: easier management of specialists, clear reporting structure and the employees of the same skill sets are managed as a part of a department. However, the disadvantages of this structure are team member’s loyalty and lack of project management career path. The team members would be loyal to the one who promotes them or provides them with reward or bonus, and the loyalty is not much towards the project, since the project manager has no empowerment. As a disadvantage there can be risks in terms of the attrition of resources, who are more interested to work in the project management area, than their respective functional area. Since the functional organization shows interest in their functional-related activities rather than project-related activities, the projects which are running under this functional organization may carry project-related risks like schedule delays due to lack of human resource commitment. In the next screen, we will understand the Projectized organization structure.

2.13 Projectized Organization

This image on this screen is about a projectized organization. Projectized organizations differ from functional organizations. In a projectized organization, the project manager is in total control of resources and budget. Let us look at the advantages and disadvantages of Projectized organization structure in the next screen.

2.14 Projectized Organization—Advantages and Disadvantages

The advantages of this organizational structure are: This organization type has effective project organization, and the loyalty of the team members is towards the project. The team members know that they would not be provided with any bonus or reward if the project does not succeed, and they would try to give their best towards the success of the project. These organization types are customer centric and there is more effective communication. However, the disadvantage for the team is that they would need to search for a new job once the project is complete. Also, there is no competency in specialization and if there is no proper resource management plan, it might result in less efficient use of resources. In case of projectized environment, the risk is that, project team who want to be specialized in specific technical area may not show full interest to the project as there is no growth for them as per their expectation. This can lead to lack of motivation among the people. From the organizational point of view, the risk is in terms of the revenue loss due to lack of effective resource utilization. Let us move on to the ‘matrix organization’ in the following screen.

2.14 Projectized Organization—Advantages and Disadvantages

The advantages of this organizational structure are: This organization type has effective project organization, and the loyalty of the team members is towards the project. The team members know that they would not be provided with any bonus or reward if the project does not succeed, and they would try to give their best towards the success of the project. These organization types are customer centric and there is more effective communication. However, the disadvantage for the team is that they would need to search for a new job once the project is complete. Also, there is no competency in specialization and if there is no proper resource management plan, it might result in less efficient use of resources. In case of projectized environment, the risk is that, project team who want to be specialized in specific technical area may not show full interest to the project as there is no growth for them as per their expectation. This can lead to lack of motivation among the people. From the organizational point of view, the risk is in terms of the revenue loss due to lack of effective resource utilization. Let us move on to the ‘matrix organization’ in the following screen.

2.15 Matrix Organization

The image on this screen shows the matrix environment and risks associated with it. The matrix organizations combine the aspects of functional and projectized structures. In the next screen, we will look at the advantages and disadvantages of matrix organization structure.

2.16 Matrix Organization—Advantages and Disadvantages

The advantages of this structure are that there is a high visibility of project objectives and there is an improved control over resources. In terms of communication, there is a better horizontal and vertical dissemination of information than functional organizations. Even after the completion of the projects, the team members have a home department to go to. There is a maximum utilization of scarce resources. Challenges are the dual reporting structures, which might foster conflicts. Therefore, there is a need of extra administrative resources to resolve these conflicts, which is not cost effective. Due to different priorities of managers, there are greater problems with resource allocation. In the matrix organization, there is a higher potential for conflicts and effort duplication. The conflict arises due to the scheduling, prioritization, administration, and personality issues between the project and functional managers. These conflicts can be negative in nature, and can result in overall project objective risks. By understanding the type of organization where one is working, he or she can anticipate the kind of risks discussed, and should be able to plan the risk management methodology in a proactive way. Let us understand the types of risks in the following screen.

2.16 Matrix Organization—Advantages and Disadvantages

The advantages of this structure are that there is a high visibility of project objectives and there is an improved control over resources. In terms of communication, there is a better horizontal and vertical dissemination of information than functional organizations. Even after the completion of the projects, the team members have a home department to go to. There is a maximum utilization of scarce resources. Challenges are the dual reporting structures, which might foster conflicts. Therefore, there is a need of extra administrative resources to resolve these conflicts, which is not cost effective. Due to different priorities of managers, there are greater problems with resource allocation. In the matrix organization, there is a higher potential for conflicts and effort duplication. The conflict arises due to the scheduling, prioritization, administration, and personality issues between the project and functional managers. These conflicts can be negative in nature, and can result in overall project objective risks. By understanding the type of organization where one is working, he or she can anticipate the kind of risks discussed, and should be able to plan the risk management methodology in a proactive way. Let us understand the types of risks in the following screen.

2.17 Types of Risk

The two types of risks are business, and pure risks. Business risks have a possibility of gain or loss, and may either be a threat or an opportunity; but the only outcome of pure risk is loss. Let us take an example of business risk; that is, raw material price fluctuation. If the price of raw material goes up in a long-term-fixed-term contract project, it can lead to a negative risk for the seller, and if the price falls below the estimated threshold, seller can be at the opportunity or gain side. Examples of pure risks include direct property damage, fire, flood, windstorm, accidents, damage to equipment in transit, theft, legal liabilities like lawsuits, work-related injuries, and so on. Think of a firecracker manufacturing company where there may be no proper safety measures; it can lead to serious accidents caused by fire at any point of time, and create injuries to people. Depending on the business or pure risk, one has to utilize the appropriate response for the overall project risk management. In the next screen, we will understand a few other types of risks with reference to the knowledge of risk level.

2.18 Types of Risk—Knowledge of Risk Level

Risks can be defined in terms of its impact on the project objectives such as scope, quality, schedule, and cost. For an instance, impact of loss of $10,000 delay of project by 1 month, etc. Risks are also defined in terms of uncertainty. A known risk is a risk that is clearly identified and its impact is clear. For example, you know that a colleague of yours is resigning and this will impact your project, and you have a resignation date, which is known. A known-unknown risk is a risk in which though there is knowledge of risk, and the impact is uncertain. For example, you know that there is a threat of strong storms but you cannot predict how bad they will be. Finally, an unknown-unknown risk is a risk which has not yet been identified and there is no clarity of the impact. Examples can be fire, theft, flood, and earthquake. Let us move on to the quiz questions to check your understanding of the concepts covered in this lesson.

2.18 Types of Risk—Knowledge of Risk Level

Risks can be defined in terms of its impact on the project objectives such as scope, quality, schedule, and cost. For an instance, impact of loss of $10,000 delay of project by 1 month, etc. Risks are also defined in terms of uncertainty. A known risk is a risk that is clearly identified and its impact is clear. For example, you know that a colleague of yours is resigning and this will impact your project, and you have a resignation date, which is known. A known-unknown risk is a risk in which though there is knowledge of risk, and the impact is uncertain. For example, you know that there is a threat of strong storms but you cannot predict how bad they will be. Finally, an unknown-unknown risk is a risk which has not yet been identified and there is no clarity of the impact. Examples can be fire, theft, flood, and earthquake. Let us move on to the quiz questions to check your understanding of the concepts covered in this lesson.

2.20 Summary

Here is a quick recap of what was covered in this lesson: ? Purpose of the practice standard for project risk management is to provide a standard for stakeholders that is globally applicable and consistently applied. ? Project Risk Management includes the processes concerned with conducting risk management planning, identification, analysis, responses, and monitoring and controlling of a project. ? Good risk management practice is to keep it consistent, consider enterprise environmental factors, organizational process assets, and so on. ? The two types of risks are business risks and pure risks.

2.21 Conclusion

This concludes the Risk Management Framework. The next lesson covers Principles and Concepts.

2.1 Risk Management Framework

Hello and welcome to the Project Management Institute’s Risk Management Professional Certification Preparatory Course offered by Simplilearn. In this lesson, we are going to discuss the risk management framework. Let us begin with the objectives in the next screen.

2.2 Objectives

After completing this lesson, you will be able to: ? Describe the purposes of Practice Standard for Risk Management ? Define Project Risk Management ? List the good risk management practices ? List the different types of risks In the next screen, we will discuss the purposes of practice standard for risk management.

2.3 Purposes of Practice Standard for Risk Management

PMI does not advocate a methodology for managing risks, but it provides a standard for stakeholders, and a framework which are recognized as ideal risk management practices. So, before implementing risk management policy or governance, the team should think about setting the standards within the organization or function, using best practices, which could be applicable for all the project owners consistently and which would be recognized by stakeholders. There should also be a standard that is globally applicable and consistently applied. The so-called ‘practice standard’ emphasizes the principles that are fundamental to effective, comprehensive, and successful project risk management. The principles are expected to be agreed upon to have more stability and persistence. If you look at the image on this screen, the standard practices can be derived from the principles of the specialization. The ‘practice standard’ for Project Risk Management is the magnification of the Project Risk Management knowledge area of the fifth edition of PMBOK guide, called ‘A Guide to the Project Management Body of Knowledge'. PMBOK consists of 47 processes spread across ten knowledge areas, and five process groups. Out of these 47 processes, 6 are within risk management. The remaining 41 processes influence, or provide inputs directly or indirectly to manage these 6 risk processes. The bottom layer has a reference to the handbooks, textbooks, and courses. From this, the definitions, theory, tools, or techniques can be derived. These fundamentals are essential for frameworks such as the PMBOK framework. We will understand the definition of risk in the next screen.

2.4 Project Risk—Definition

The Standard for Project Risk Management defines project risk as, “an uncertain event or condition that, if it occurs, has a positive or a negative effect on a project’s objectives.” The negative effect is called threat and the positive effect is called opportunity. For example, consider an organization that may need to shut down due to the break-out of swine flu in the city. Due to this, there is a probable delay in delivering the project on time. This is a threat and is called negative risk. On the other hand, let us assume that you are supposed to purchase a tool. The vendor says that there is no stock of this tool which may be a risk for the project. After a quick survey, you come to know that there is an alternate tool available from a different vendor which has more functions, better performance, and can be procured at a lesser cost. This is an opportunity and is called positive risk. So it can be said that an opportunity leads to a benefit while a threat leads to an issue. We will discuss the definition of project risk management in the next screen.

2.5 Project Risk Management—Definitions

Every project encounters some risks during its lifecycle. You cannot run a project without managing the risks. Project risk management addresses these risks by planning and controlling them. The Standard for Project Risk Management defines project risk management as: Project risk management includes the processes concerned with conducting risk management planning, identification, analysis, responses, and monitoring and controlling of a project. As you know from the previous lesson, the project risk management consists of six processes. The objective of project risk management is to increase the probability and the impact of positive risks and decrease the probability and the impact of negative risks. The image on the screen illustrates the effects of Project Risk. The positive risk consists of 4 risk responses, exploit, enhance, share, and accept, the negative risk also consists of four risk responses, avoid, mitigate, transfer, and accept. The response Accept comes under both positive and negative risks. We will discuss these responses in detail in forthcoming lesson. In the next screen, let us look at the definitions which are frequently used in the course.

2.6 Project Risk Management—Definitions (contd.)

Following are the definitions which are frequently used in the course: Click each tab to learn more. Issue is something that is happening in the present, it is known, and is being dealt with. For example, delay in the arrival of equipment, cost overruns, or a key resource leaving the organization. Risk event is the description of a scenario that may happen if risk materializes. For example, if there is key resource attrition, it will cause delay in deliverables of the project. However, it is good to capture it in the cause-risk-effect format Risk Trigger is a warning about the occurrence of risk. It is a sign or indicator that a risk event is about to occur. For example, the weather forecast says that climate will not be good during next couple of days. As a result of this bad climate, the employees may not come to office as usual, due to which the project deliverables will suffer. Risk management plan documents how the risk management processes will be carried out. In the next screen, let us continue to look at a few other definitions.

2.7 Project Risk Management—Definitions (contd.)

Other definitions are as follows: Click each tab to know more. The risk register details all identified risks, including description, category, cause, probability of occurring, impact(s) on objectives, proposed responses, owners, and current status. Risk Breakdown Structure or RBS shows the hierarchical breakdown of risks organized by risk categories. The risk categories can be external, internal, technology, and project management or anything specific to your industry and project. Probability defines the likelihood of the occurrence of the risk. Probability is expressed in terms of percentages. For example, there is a 50 percent chance of rain today. Impact is the result and consequence of the probability of risk occurring. For example, there is a cost overrun of about $5,000 (Read as: 5,000 Dollars), or delay in project by 1 month. In the next screen, we will discuss the roles of project risk management.

2.8 Roles of Project Risk Management

Risk management is not an optional activity. It is essential for successful project management because of high level of uncertainties. Project risk management addresses the uncertainty in project estimates and assumptions. Please note that project risk management is not a substitute for other project management processes. It requires other processes like scheduling, budgeting, change management, quality aspects, etc. It becomes an integral part of every aspect of managing the project, in every phase and process group. The risk management outcomes act as inputs for considering the contingency reserve in case of scheduling and cost management, to meet the project objectives. Risk management should be conducted throughout the life cycle of the project. The earlier the identification of risk, higher will be the chances of project success. So, the risk management role can be utilized effectively by adapting different processes across the life cycle of the project. These processes will be explained in the future lessons. In the next screen, we will find out the good practices for risk management.

2.9 Good Risk Management Practices

To achieve risk management successfully, good practices need to be followed. Good practices may originate from the organizational culture, and/or can originate from organizational assets. Project risk management is a valuable component and it enhances the value of the other project management processes, which, in turn, helps in achieving overall project objectives. The good practices in risk management are: The risk management should be consistent; It should consider enterprise environmental factors, and organizational process assets; It should be conducted in compliance with internal and external requirements; It should be conducted in an ethical manner following code of conduct which includes honesty, realistic expectations and responses, professional, and objective way for all the projects; and There should be a periodical review conducted for effective risk management in terms of identification, analysis, and responses. Periodical review is carried out as the changes in project management plan may result in a change in project risk management processes. This results in a consideration of the external and internal factors to make it compliant in terms of standards, regulations, law, etc. Project risk management should be conducted in a way that is suitable to the project, and should recognize business challenges and multi-cultural environment including customers, suppliers, and workforces. The other good risk management process is the consultation and communication with stakeholders. Project risk management should be conducted on all projects. The level of detail, tools, time, and resources varies from project to project, depending on the expected value. In general, large projects that provide value to an important customer require more resources, time, and attention to project risk management than the mid-sized and small projects, which may work on a more flexible timeline. Let us understand the critical success factors for project risk management in the next screen.

2.10 Critical Success Factors

The image on the screen explains the critical success factors for project risk management. The criteria for success include integration with project management, consistency in terms of risk effort as per the scale to the project, organizational commitment, recognition of value of risk management, individual commitment or responsibility, and, open and honest communication. To manage the risk effectively, you need to identify the role to be played. Project risk management needs to be looked at as an integral part of project management, as there could be risks in the project estimation of time, cost, and scope. There could be risks in the plans, processes, and competencies of human resources, and so on. Therefore, PMI recommends that “integration with project management” is a critical success factor for project risk management. The scale of risk effort should be commensurate or proportionate to the size of the project, uncertainties of the project, skill set of existing human resources, etc. Also, there needs to be commitment at an organizational level, because the project manager is not the only person responsible for showing commitment. The organization also needs to recognize the value of risk management, besides their support and commitment. Any hindrances towards open and honest communication should be dealt with, as this is a critical success factor. In the next screen, we will understand the Functional organization structure.

2.11 Functional Organization

The focus of risk management is to not only identify risks within the project, but also to look for risks within the context of the organization in which the project is carried out. PMI recognizes three organizational structures such as projectized, functional, and matrix. The structures are defined based on the authority given to a project or functional manger. These organizational structures do contribute to risks on the project. In a functional organization, the control of budget and resources are with the functional managers, and the team member’s work in silos. The image on the screen is an example of a functional organization. In the next screen, we will focus on the advantages and disadvantages of Functional organization.

2.12 Functional Organization—Advantages and Disadvantages

The advantages of this organizational structure are: easier management of specialists, clear reporting structure and the employees of the same skill sets are managed as a part of a department. However, the disadvantages of this structure are team member’s loyalty and lack of project management career path. The team members would be loyal to the one who promotes them or provides them with reward or bonus, and the loyalty is not much towards the project, since the project manager has no empowerment. As a disadvantage there can be risks in terms of the attrition of resources, who are more interested to work in the project management area, than their respective functional area. Since the functional organization shows interest in their functional-related activities rather than project-related activities, the projects which are running under this functional organization may carry project-related risks like schedule delays due to lack of human resource commitment. In the next screen, we will understand the Projectized organization structure.

2.13 Projectized Organization

This image on this screen is about a projectized organization. Projectized organizations differ from functional organizations. In a projectized organization, the project manager is in total control of resources and budget. Let us look at the advantages and disadvantages of Projectized organization structure in the next screen.

2.14 Projectized Organization—Advantages and Disadvantages

The advantages of this organizational structure are: This organization type has effective project organization, and the loyalty of the team members is towards the project. The team members know that they would not be provided with any bonus or reward if the project does not succeed, and they would try to give their best towards the success of the project. These organization types are customer centric and there is more effective communication. However, the disadvantage for the team is that they would need to search for a new job once the project is complete. Also, there is no competency in specialization and if there is no proper resource management plan, it might result in less efficient use of resources. In case of projectized environment, the risk is that, project team who want to be specialized in specific technical area may not show full interest to the project as there is no growth for them as per their expectation. This can lead to lack of motivation among the people. From the organizational point of view, the risk is in terms of the revenue loss due to lack of effective resource utilization. Let us move on to the ‘matrix organization’ in the following screen.

2.15 Matrix Organization

The image on this screen shows the matrix environment and risks associated with it. The matrix organizations combine the aspects of functional and projectized structures. In the next screen, we will look at the advantages and disadvantages of matrix organization structure.

2.16 Matrix Organization—Advantages and Disadvantages

The advantages of this structure are that there is a high visibility of project objectives and there is an improved control over resources. In terms of communication, there is a better horizontal and vertical dissemination of information than functional organizations. Even after the completion of the projects, the team members have a home department to go to. There is a maximum utilization of scarce resources. Challenges are the dual reporting structures, which might foster conflicts. Therefore, there is a need of extra administrative resources to resolve these conflicts, which is not cost effective. Due to different priorities of managers, there are greater problems with resource allocation. In the matrix organization, there is a higher potential for conflicts and effort duplication. The conflict arises due to the scheduling, prioritization, administration, and personality issues between the project and functional managers. These conflicts can be negative in nature, and can result in overall project objective risks. By understanding the type of organization where one is working, he or she can anticipate the kind of risks discussed, and should be able to plan the risk management methodology in a proactive way. Let us understand the types of risks in the following screen.

2.17 Types of Risk

The two types of risks are business, and pure risks. Business risks have a possibility of gain or loss, and may either be a threat or an opportunity; but the only outcome of pure risk is loss. Let us take an example of business risk; that is, raw material price fluctuation. If the price of raw material goes up in a long-term-fixed-term contract project, it can lead to a negative risk for the seller, and if the price falls below the estimated threshold, seller can be at the opportunity or gain side. Examples of pure risks include direct property damage, fire, flood, windstorm, accidents, damage to equipment in transit, theft, legal liabilities like lawsuits, work-related injuries, and so on. Think of a firecracker manufacturing company where there may be no proper safety measures; it can lead to serious accidents caused by fire at any point of time, and create injuries to people. Depending on the business or pure risk, one has to utilize the appropriate response for the overall project risk management. In the next screen, we will understand a few other types of risks with reference to the knowledge of risk level.

2.18 Types of Risk—Knowledge of Risk Level

Risks can be defined in terms of its impact on the project objectives such as scope, quality, schedule, and cost. For an instance, impact of loss of $10,000 delay of project by 1 month, etc. Risks are also defined in terms of uncertainty. A known risk is a risk that is clearly identified and its impact is clear. For example, you know that a colleague of yours is resigning and this will impact your project, and you have a resignation date, which is known. A known-unknown risk is a risk in which though there is knowledge of risk, and the impact is uncertain. For example, you know that there is a threat of strong storms but you cannot predict how bad they will be. Finally, an unknown-unknown risk is a risk which has not yet been identified and there is no clarity of the impact. Examples can be fire, theft, flood, and earthquake. Let us move on to the quiz questions to check your understanding of the concepts covered in this lesson.

2.20 Summary

Here is a quick recap of what was covered in this lesson: ? Purpose of the practice standard for project risk management is to provide a standard for stakeholders that is globally applicable and consistently applied. ? Project Risk Management includes the processes concerned with conducting risk management planning, identification, analysis, responses, and monitoring and controlling of a project. ? Good risk management practice is to keep it consistent, consider enterprise environmental factors, organizational process assets, and so on. ? The two types of risks are business risks and pure risks.

2.21 Conclusion

This concludes the Risk Management Framework. The next lesson covers Principles and Concepts.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

Request more information

For individuals
For business
Name*
Email*
Phone Number*
Your Message (Optional)
We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Email*
Phone Number*
Company*
Job Title*