Is Your Lack of Risk Management Hurting You?
Risk management is, essentially, the process by which you identify and analyze the various risks that are associated with any project, no matter how large or small. This is important because it gives you the chance, during the planning process, to figure out what risks might end up affecting your project. That way, you can take steps to avoid those potential risks becoming a real problem. And, if those risks do become reality, you can immediately take action.
Despite the benefits that can be derived from the implementation of risk management, many businesses still have huge misconceptions about the risk management process, as well as what risk is. As a result, they waste time, money, and resources, and run into problems that could have been avoided.
Let’s make sure this doesn’t happen to you!
First, Consider Whether You’re Making the Most of Risk Management
To figure out if your lack of risk management is a problem that needs to be addressed, ask yourself the following questions:
- Do you want to control your project or have your project control you?
- Can you imagine going on vacation at the beginning of the execution of your project because everything is under control?
- Would you like to prevent 45-90% of the problems on your project?
You can do all of these things, as long as you know and implement risk management. It starts with understanding some of the biggest misconceptions about risk, along with some of the major mistakes that people make in risk management.
Clearing Up What Risks Really Are
Because misconceptions about risk can do a lot of damage and hinder your ability to take full advantage of the benefits that come with a strong risk management approach, here are some of the things that you should know about risk and risk management.
With this knowledge, you’ll be able to implement risk management into any project you lead, and you can boost the odds of successfully completing projects without hitting snags along the way.
- Risk identification cannot begin without inputs to the process.
Those inputs include identifying, or creating, the project scope, a WBS, the project team and other stakeholders, a network diagram, and a project budget and schedule. Therefore, risk management isn’t completed using only a checklist or a Monte Carlo simulation. It involves identifying risks for the project and by work package.
- Risk identification cannot stop after only a brief effort that results in a short list of risks.
By “short,” we mean 20 or fewer. Rather than putting in minimal effort in identifying potential problems and their odds of arising during a project, it’s important to really take your time, and it is best to involve the project’s stakeholders. By the time you’re done, you shouldn’t be surprised to find that you have identified hundreds of risks.
- Risks should not be evaluated as they are identified.
Instead, qualitative and quantitative risk analysis should be done later in the process. Evaluating risks at the wrong time decreases the number of total risks identified. Focus on one step at a time, and the first step is to simply identify risks.
- Remember: the risks that are identified are not really risks.
To clarify, a risk is an event that is uncertain, and it is something that might end up negatively impacting anything from your budget to your team’s ability to complete their tasks. So, as an example, if your project has too few resources, this is not a risk; rather, it is a fact that must be addressed in the project management plan.
- Risks need to be clearly and properly stated.
For example, a risk of “poor communication” is too nondescript to be useful in the risk management process. Risks should be described fully. So, in this example, the risk would be identified as such: “poor communication of customers’ needs regarding installation of system XYZ will cause two weeks of rework.”
Beware: whole categories and methods of risks are sometimes missed!
Some project managers and their teams focus only on technology risks, cost risks, etc. However, the truth is that there are also risks related to project management and the various departments involved in the project. Other issues can arise because of lack of knowledge, the marketplace, and any number of other things.
Also, you shouldn’t use just one method, such as a checklist, to identify risk. It’s best to use a combination of methods, as this helps ensure that more risks are identified.
Other Common Mistakes Made When Trying to Manage Risk
Here are some mistakes to avoid:
- The first risk response strategy identified is selected without looking at other options to find the best option or combination of options.
- Team meetings address everything except what they should be addressing: risks!
- Contracts must not be created or signed until the project manager is assigned and a risk analysis is complete. Remember, contracts are risk mitigation tools.
- Companies forget that risks can be good or bad, though they are sometimes called threats and opportunities. Keep in mind that the positive risks must be enhanced and the negative risks must be diminished.
- Due to lack of knowledge, some businesses equate risk management with adding a pad to the project schedule and cost. Proper risk management will result in a “reserve,” but it is not a pad because it can be based on analysis and calculation, and it can be justified.
Take Advantage of Risk Management in Every Project!
Having the right risk management strategy in place, and being aware of the common risk mistakes to avoid, will allow you to move through projects from start to finish while remaining on schedule and budget. We hope the information above has helped clarify some of the common errors and misconceptions that can hold you back.
If you have discovered that a lack of risk management is hurting you, and you want to improve your skills in this area, check out RMC’s online course, Risk Management Tricks of the Trade for Project Managers.