Risk Management in Agile: How To Control Risk In Agile

Risk Identification in Agile Risk Management

It is very essential to identify risk in projects in order to control them. There are different types of techniques that can be used in identifying risks. Few of the popular risk identification techniques used by agile practitioners are: exhaustive risk checklists, review of documents, analysis of assumptions and constraints and so on.  As the project manager encourages the entire agile team to identify the risks involve, he or she should also provide them the guidelines to be followed in risk identification in order to achieve the goal of controlling and minimizing risk. Below are the guidelines that need to be considered by the agile team members while identifying risk in agile risk management.

• In the initial stage of agile project development, the agile team and the product manager discusses about the requirements and the cases that might arise while delivering them. At the time of analyzing the requirements, team members should start thinking about the risks involved in implementation of the requirements.
• In the estimation process of agile project development, team should estimate the size of stories. They should consider the granularity of the stories because the larger the stories, the bigger is the risks involved.
• The process of identifying risk starts since iteration planning itself. The agile team should be accepting work that they are confident for reducing the risk of failure.
• The agile team members should bring up issues having an impact in their work process during every stand-up meeting. Thereafter they should discuss further to take appropriate mitigating actions.
• Team members working on an agile project should discuss and clarify about risks with the stakeholders during every iteration review.
• The team must reflect on the state of the project, the experiences that they had during the iteration and find tune for the assessment of the risks involved.

Risk Assessment in Agile Risk Management:

The next step that comes after identification of risk in project risk management is risk assessment. In this process of risk assessment, acknowledging the broad risk categories can be helpful. A broad categorization can be business risk, technological risks and logistical risk. One of such popular categorization is called PESTLE.

PESTLE: Political Risks – Arise of Political influences that govern a project
PESTLE: Environmental Risks
PESTLE: Social Risks
PESTLE: Risks rising our of Technology
PESTLE: Risks arising of Legal standpoint
PESTLE: Economic Risks

Here are some effective risk assessment techniques used by agile practitioners in the process of agile project management.

1. Risk Census:

A risk census is a simple framework for analyzing the risk exposure of a project. For each risk, a probability and the impact out of the risk factors is determined. The impact can be either in terms of time or cost or both. Here the delay in the project process time due to risk is counted in terms of day. The risk exposure is then calculated by multiplying the probability and the impact and the overall risk is then tracked to assess the “risk” of a project.

2. Risk Board

Risk board is an information radiator that is used to make the risks on a project transparent to the team and the stakeholders. By using risk board, the identified risks are displayed along with the probabilities and impacts. This board should be reviewed by the agile team members and project manager on stand-up meetings on daily basis.

3. Risk Burn Down Chart:

Risk burn down chart is a simple graphical indicator of the trends present in the risks of the project. This chart displays the exposure of the risk and its impact and response. Along with time progress the status of the risk factors is updated thus letting the agile team members know how much is achieved and how much is yet to achieve in controlling risks.

Risk Response in Agile Risk Management

After identifying and assessing the risks in a project, the next step is to consider the risk responses. In broad terms, there are four types of response actions that are possible on the risks.

• Avoid: In this cases, if a particular story is risky, the avoid strategy could be used to remove the story from the backlog. This is however not possible in all cases as it depends on the importance of the story in the project.
• Mitigate: Using mitigate strategy, agile team tries to reduce either the impact or probability of the risks or both. Suppose a team is aware about their “velocity”, then they can predict the amount of work that can be done in iteration. This mitigates the risk of over-committing or under-committing during the iteration planning.
• Transfer: Using transfer strategy, the risk is transferred to another party. A commonly employed transfer strategy is “outsourcing” where you assign work to a third party. However transferring risks does not completely eliminate the risk. This is called residual risk which also should be dealt with.
• Accept: Using accept strategy, one consciously accept the risk and with the risk as it arises. This strategy is usually used for risks that have either a lower probability or impact.

Risk Review in Agile Project Management

Risk review is the name of forum or meeting where risks of a project are reviewed. During the review, the probability and impact of the risks is re-assessed for better and also new risks if arising are identified. Daily standup meeting, planning meetings, Scrum-of-scrums etc too can serve a platform for risk review in agile project management. To know more about risk management and agile practices, you can join Simplilearn’s PMI-ACP online training. You can also attend PMP® Certification Training in order to expand your agile knowledge and improve your PMI-ACP exam prep towards attaining an agile certification. Know the dates of upcoming agile training dates for your city.