There is a saying in armed force: ‘More you sweat in peace, less you bleed in war.’ A corollary to project management probably would be, ‘more you sweat during the planning phase, less you bleed during the execution phase.’
Risks are a part of any project. A project in mobile domain has certain additional challenges as they are executed at a higher pace and are time critical. Any delay due to an unforeseen risk can jeopardize the relevance of the project itself. It, also, needs extra focus in areas such as performance and security, as these are important success criteria for any mobile applications, for today’s smart phone holding, technical savvy end-users.
The risk could be technical, people, constraints or any change in the project’s objectives. If a Project Manager is alert, to notice the risk on time, and handle it to eliminate or reduce the impact, he/she has done his/her job diligently.
The article provides an introduction to Risk Management (RM) to enable a project manager to be prepared for any risk; they may face during the life cycle of project.
Project risk is defined by PMI as an uncertain event or condition that, if it occurs, has a positive or negative effect on a project’s objectives. A good Risk Management (RM) prepares a project manager to anticipate any possible risk, for the project, and handle it in a way to minimize the impact. Risk management can be split into the following parts:
- Risk Management Planning
- Risk Identification and Prioritization
- Risk Analysis and Response
- Risk Monitoring and Control
Risk Management Planning is the activity to define various steps, a Project Manager (PM) or team would take for identifying, analyzing and monitoring risks. A Project Manager would define the process to identify the various risks, define the probability of risks and impact scale for various types of risks. The sample table below shows the probability definition and impact scale
Risk Identification and Prioritization is the activity to identify the risks at various stages of the project and prioritize them, based on the risk exposure (probability x impact). A risk can be identified by some of the following:
- Organization risk repository (if available), for similar projects, can be used to identify the risks at the beginning of the project. This could include risks at various stages of the project
- Discussion with Project Managers of similar projects
- Any change in effort, scope or schedule
- Any change in available resources (both living and non-living)
Risk prioritization is generally based on ‘Risk Exposure’, which is generally a combination of risk probability and risk impact. For a simple calculation, we can calculate it as:
Risk Analysis and Response are the set of activities to log, analyze and document the trigger point and mitigation plan. Once a risk is identified and prioritized, it is further analyzed to identify and document the trigger point and mitigation strategies. Any of the following risk mitigation strategy can be followed:
- Accept – Accept the risk without taking any special effort to control it with the approval from the relevant authority
- Avoid – Eliminate the threat, posed by the risk, with the execution of an action plan
- Mitigate – Implement actions to minimize the impact or likelihood of the risk
- Transfer – Assign the responsibility to any other willing stake holder
Once a risk is analyzed and a mitigation plan, response plan is identified, it is logged in a Risk log / register. A typical risk log will have the following information: Risk definition, probability, impact, exposure, trigger point, mitigation plan, response plan and contingency plan.
Risk Monitoring and Control are a set of activities conducted to monitor and control the identified risks.
The process of Risk Monitoring and Control could be carried out in the internal periodical project meeting and / or through the regular meeting with the customer. In the internal project meetings, the following is on the agenda among other things.
- Identify new risks at the current stage of the project
- Monitor the existing risks for current exposure, which necessitate the initiation of mitigation plan or response plan
This addresses the basic introduction of Risk management for IT projects in mobile domain. There are more detailed definition and structured approach to Risk management, however this article makes a good starting point and a food for thought. If you’d like more information on how to ensure risk management in your mobility projects, write to firstname.lastname@example.org
Delivery Manager, RapidValue Solutions