Wondershare EdrawMind
MindMap Gallery Chapter 11 Project Risk Management_Knowledge Points
- 10
Chapter 11 Project Risk Management_Knowledge Points
Chapter 11 Project Risk Management_Knowledge points, including implementation of qualitative risk analysis and implementation of quantitative risk analysis. Help friends quickly master the key points of project risk management!
Edited at 2023-02-10 19:37:21
- cáncer de pulmón
El cáncer de pulmón es un tumor maligno que se origina en la mucosa bronquial o las glándulas de los pulmones. Es uno de los tumores malignos con mayor morbilidad y mortalidad y mayor amenaza para la salud y la vida humana.
- diabetes
La diabetes es una enfermedad crónica con hiperglucemia como signo principal. Es causada principalmente por una disminución en la secreción de insulina causada por una disfunción de las células de los islotes pancreáticos, o porque el cuerpo es insensible a la acción de la insulina (es decir, resistencia a la insulina), o ambas cosas. la glucosa en la sangre es ineficaz para ser utilizada y almacenada.
- sistema digestivo
El sistema digestivo es uno de los nueve sistemas principales del cuerpo humano y es el principal responsable de la ingesta, digestión, absorción y excreción de los alimentos. Consta de dos partes principales: el tracto digestivo y las glándulas digestivas.
Chapter 11 Project Risk Management_Knowledge Points
- cáncer de pulmón
El cáncer de pulmón es un tumor maligno que se origina en la mucosa bronquial o las glándulas de los pulmones. Es uno de los tumores malignos con mayor morbilidad y mortalidad y mayor amenaza para la salud y la vida humana.
- diabetes
La diabetes es una enfermedad crónica con hiperglucemia como signo principal. Es causada principalmente por una disminución en la secreción de insulina causada por una disfunción de las células de los islotes pancreáticos, o porque el cuerpo es insensible a la acción de la insulina (es decir, resistencia a la insulina), o ambas cosas. la glucosa en la sangre es ineficaz para ser utilizada y almacenada.
- sistema digestivo
El sistema digestivo es uno de los nueve sistemas principales del cuerpo humano y es el principal responsable de la ingesta, digestión, absorción y excreción de los alimentos. Consta de dos partes principales: el tracto digestivo y las glándulas digestivas.
- Recommended to you
- Outline
![[Books][Project Management]⑧Project Risk Management](https://edrawcloudpublicus.s3.amazonaws.com/work/5594687/2024-5-18/1716044555/thumb.png?x-oss-process=image/resize,w_300,m_lfit)
Information Systems Project Manager Tutorial (4th Edition) Chapter 15_Project Risk Management
- 5
Chapter 11 Project Risk Management
Overview
Project risk management aims to identify and manage risks not managed by other project management processes
individual project risk
An uncertain time or condition that, if occurred, would have a positive or negative impact on one or more project objectives
overall project risk
The impact of uncertainty on the overall project is the positive project outcome and parent variation range faced by relevant parties.
from all uncertainties including individual risks
risk threshold
It reflects the risk appetite of the organization and project stakeholders and is the acceptable degree of variation in project goals.
Risk thresholds should be clearly defined and communicated to the project team
Risk threshold, risk appetite and risk tolerance
non-event risks
Variability risk: uncertainty about some key aspect of a planned time, activity, or decision
Can be processed through Monte Carlo analysis
Ambiguity risk: uncertainty about what may happen in the future
Define gaps in knowledge or understanding first, then fill the gaps through other means (expert judgment, best practices, incremental development, prototyping, simulation)
project resilience
Integrated risk management
Projects exist within an organizational context and may be part of a program or portfolio. Risk exists at the project, program, portfolio, and organizational levels
risk management process
planning risk management
Identify risks
Conduct qualitative risk analysis
Conduct quantitative risk analysis
Plan risk responses
Implement risk responses
Oversight risk
risk change process
####
11.1 Planning risk management
Definition: How to implement project risk management activities
Role: Ensure that the level, approach, and visibility of risk management are commensurate with the level of project risk and the importance of the project to the organization and other relevant parties
Conduct only once or only at predefined points in the project
enter
Project Charter: A high-level project description, boundaries, requirements, and risks
Project management plan: interaction with other sub-plans
Project documents: including stakeholder register (stakeholder roles and attitudes towards risk)
Helps set risk thresholds
Business environment factors: including overall risk thresholds set by the organization or key stakeholders
organizational process assets
Includes risk breakdown structure, common definitions of risk concepts and terms, templates, roles and responsibilities, authority levels for decision-making, etc.
Tools & Techniques
expert judgment
Data analysis: including stakeholder analysis to determine stakeholder risk appetite
Meeting
The preparation of the risk management plan can be a task at the project kick-off meeting, or a dedicated planning meeting
output
risk management plan
risk management strategy
methodology
Roles and Responsibilities: Leaders, sponsors and team members for each risk management activity, clear responsibilities
Funds: funds required for risk management activities, emergency reserves and management reserve usage plans
Timing: When and how often the project risk management process will be implemented and risk management activities identified and integrated into the project schedule.
risk category
Risk Breakdown Structure (RBS)
Hierarchical display of potential risk sources
Helps to consider all possible sources of risk for a single project and is particularly useful for identifying risks or classifying identified risks
Related party risk appetite
The risk appetite of relevant parties should be expressed into measurable risk thresholds for each project objective.
These thresholds will not only jointly determine acceptable overall project risk exposure levels, but will also be used to develop probability and impact definitions
Definition of Risk Probability and Impact
######
Probability and Impact Matrix
It is a table that maps the probability of each risk occurring to the impact on the project objectives if it occurs.
Probability and impact combinations to classify individual project risks into different priority groups, rank them, and develop further response measures
######
Reporting format: Determine how the results of the project risk management process will be recorded, analyzed, and communicated.
Tracking: Determine how risk activities will be recorded and how risks will be audited
11.2 Identify risks
Definition: Identify individual project risks, sources of overall project risks, and record risk characteristics
Role: Record existing individual project risks, as well as the sources of overall project risks, and compile information for appropriate response
Need to be carried out throughout the project
Keep iterating
enter
Project management plan: requirements, schedule, cost, quality, resources, risk management plan, scope baseline, schedule baseline, cost baseline
Project documents: Assumption log, cost estimate, duration estimate, issue log, lessons learned register, requirements document, resource requirements, stakeholder register
Agreement: External procurement project resources, date, contract type, acceptance criteria, etc. in the agreement
Procurement documents
Continuous review of latest procurement documents
Business environment factors: business databases, checklists, academic research materials, benchmarking results, industry research materials on similar projects
Organizational process assets: project documentation (actual data), process control information, risk description formats, checklists from previous similar projects
Tools & Techniques
expert judgment
data collection
Brainstorm: Obtain a comprehensive list of sources of individual project risk and overall project risk
Checklist
List specific individual project risks that have arisen in the past and may be relevant to the current project. An effective way to learn lessons from similar projects that have been completed.
Develop checklists based on historical information and knowledge accumulated from similar projects and other sources of information
Simple and easy to use, but it cannot exhaust all risks and be aware of things not listed in the checklist
Continuously update, delete and archive outdated information
Interviews: conducted in an environment of trust and confidentiality
data analysis
Root cause analysis: often used to discover the underlying causes of problems and develop preventive measures
Assumptions or constraints analysis: identify risks from inaccurate, unstable, inconsistent and incomplete assumptions
SWOT analysis:
A case-by-case examination of project strengths, weaknesses, opportunities, and threats
When identifying risks, internally generated risks are included, thereby broadening the scope of risk identification
step
Focus on a project, organization, or general business area and identify the organization's strengths and weaknesses
Identify the opportunities that organizational strengths may bring to the project and the threats that organizational weaknesses may pose
To what extent can organizational strengths overcome threats? Will organizational weaknesses hinder the creation of opportunities?
Document Analysis: A structured review of project documents
Interpersonal and team skills
guide
Prompt List: A preset list of risk categories that may give rise to individual project risks and may serve as sources of overall project risk
Meeting
output
risk register
List of Identified Risks: Structured Description
Person responsible for potential risks:
If a potential risk holder is identified during risk identification, this needs to be recorded in the risk register and subsequently confirmed by a qualitative risk analysis process.
risk owner
Who will implement risk measures and how?
Responsible persons in each process
List of potential risk responses: If potential risk responses are identified when identifying risks, they need to be recorded in the risk register and subsequently confirmed by the Plan Risk Response process
Risk name, category, current status, one or more causes, one or more impacts on the target, risk trigger conditions, affected WBS components, time information
risk report
Sources of overall project risk, the most important driver of overall risk exposure
Overview information on identified individual project risks
Project document updates: Assumption log, Issue log, Lessons learned register
11.3 Conduct Qualitative Risk Analysis
Definition: Evaluate the probability of occurrence, impact and other characteristics of individual project risks, and prioritize risks
Role: Prioritize individual project risks, focusing on high-priority risks
Need to be carried out throughout the project
enter
Project Management Plan: Includes Risk Management Plan
Roles and responsibilities for risk management, budgeting and scheduling activities, as well as risk categories (usually defined in a risk breakdown structure), probability and impact definitions, probability and impact matrices and risk thresholds for interested parties -
If the above content is not completed in planning risk management, it can be prepared in the qualitative analysis and used in this process after approval by the sponsor.
Project documents: Assumption log, risk register, stakeholder register
Business environment factors: industry research materials on similar projects, published materials, including business risk databases or checklists
Organizational process assets: information such as completed similar projects
Tools & Techniques
Expert judgment: previous similar projects, qualitative risk analysis
Data collection: interviews (pay attention to the confidential interview environment)
data analysis:
Risk data quality assessment
Risk data is the basis for qualitative risk analysis
Designed to evaluate the accuracy and reliability of data regarding individual project risks
Risk probability and impact assessment
Risk probability assessment considers the likelihood that a specific risk will occur
A risk impact assessment considers the potential impact of a risk on one or more project objectives, such as schedule, cost, quality, or performance
Assessment of other risk parameters
Urgency, proximity, latency, manageability, controllability, detectability, connectivity, strategic influence, closeness
Interpersonal and team skills
guide
Risk classification
Basis: Risk sources (risk breakdown structure may be used), affected project areas (e.g. WBS), other practical categories, common root causes
Data performance
Probability and Impact Matrix
It is a table that maps the probability of each risk occurring to the impact on the project objectives if it occurs.
Probability and impact combinations to classify individual project risks into different priority groups, rank them, and develop further response measures
######
Differences from risk management plans
hierarchy diagram
two or more parameters
Bubble Chart: 3D Data
Meeting
Risk Workshop: Discussion of identified individual project risks
Objectives: Review identified risks, assess probability and impact, classify and prioritize risks
output
Project document updates: Assumption log, Issue log, Risk register, Risk report (records the most important single analysis and priority of all identified analyses)
11.4 Implement quantitative risk analysis
Definition: A quantitative analysis of the combined impact of identified project risks and other sources of uncertainty on the overall project objectives.
Role: Quantify overall project risk exposure and provide additional quantitative risk information to support risk response planning
Not required for every project, but if used, it will continue throughout the project
Depends on whether high-quality data on risk, scope, schedule, cost baseline allow
enter
Project management plan: risk management plan, scope baseline, schedule baseline, cost baseline
Project documents: Assumption log, basis of estimate (estimate purpose, classification, accuracy, methodology, sources), cost estimate, cost forecast, duration estimate, milestone list, resource requirements, risk register, risk report, schedule forecast
Business environment factors: industry research materials on similar projects, published materials, including business risk databases or checklists
Organizational process assets: information such as completed similar projects
Tools & Techniques
expert judgment
Data collection: such as interviews
Interpersonal and team skills: such as facilitation
How uncertainty manifests
Risk risk model: reflects the relationship between individual project risks and other sources of uncertainty
Probability distribution: represents the possible interval of an estimate
Triangular distribution, normal distribution, lognormal distribution, beta distribution, uniform distribution, discrete distribution
Probability distribution plot or probability branch
data analysis
simulation
Monte Carlo analysis
enter
output
step
critical analysis
Schedule Cost Analysis: Determine which activities of the risk model have the greatest impact on the project critical path
Method: Through simulation, calculate the frequency of the activity appearing on the critical path, expressed as a percentage
Role: Focus on those activities that have the greatest potential impact on the overall schedule performance of the project to plan risk response measures
sensitivity analysis
Role: Determine which individual project risks or other sources of uncertainty have the greatest potential impact on project outcomes
Method: Establish a link between project outcome variability and element variability in a quantitative risk analysis model
Output: tornado plot
Method: Mark the correlation coefficient between each element in the quantitative risk analysis model and the project results it can affect
Each element is arranged in descending order of correlation strength, forming a typical tornado shape.
Decision tree analysis
Function: Choose the best one among several alternative courses of action
method:
Use different branches to represent different decisions or events, that is, alternative paths for the project.
Each decision or event has associated costs and individual project risks (including threats and opportunities).
The end point of a decision tree branch represents the final outcome along a specific path, which can be a negative or positive outcome.
By calculating the expected monetary value of each branch, the optimal path can be selected
Example
influence diagram
Usage scenario: Graphical aid for decision-making under uncertainty
Method: express the project or a situation in the project as a series of entities, results and impacts, as well as the relationships and interactions between them
Form: interval or probability distribution Simulation technology->factors with the greatest influence
Output: S-curve chart, tornado chart, etc.
output
Project Documentation Update: Includes Risk Report
Evaluation of overall project risk exposure: likelihood of success, inherent project variability
Results of a detailed probabilistic analysis of the project: contingency reserves, a list of individual risks or other sources of uncertainty that have the greatest impact on the critical path, the main drivers of overall project risk
Individual project risk priority list: individual risks with the greatest threats and opportunities
Trends in Quantitative Risk Analysis Results
Risk response suggestions
11.5 Planning risk responses
Definition: Developing options, selecting response strategies, and agreeing on response actions to address overall project risk exposure, as well as individual project risks
Role: Develop appropriate approaches to overall project risks and individual project risks, allocate resources, add relevant activities to project documents and project management safeguards as needed
Implement agreed risk response strategies, including primary strategies and backup strategies (if necessary), and develop specific response actions
If the chosen strategy is not entirely effective, or if an accepted risk occurs, a contingency plan (or rebound plan) will be needed
Secondary risks: These are risks directly caused by the implementation of risk response measures. Secondary risks also need to be identified.
###
Need to be carried out throughout the project
enter
Project management plan: resources, risk management plan, cost baseline
Project documents: lessons learned register, project schedule, project team work order, resource calendar, risk register (project priority helps select response measures and risk owners), risk report, stakeholder register
Business environment factors: risk preferences and risk thresholds of relevant parties
Organizational process assets: templates, historical databases, lessons learned knowledge base
Tools & Techniques
expert judgment
Data collection: interviews
Interpersonal and Team Skills: Interview
Threat response strategy
Report
Not within the scope of the project and beyond the authority of the project manager
avoid
High-priority threats with high incidence and severe negative impact
The project team takes action to eliminate the threat and reduce the probability of occurrence to 0
Eliminate the cause of the threat, extend schedule, change project strategy, reduce scope
transfer
Shift responsibility for responding to threats to third parties
Buy insurance, use performance bonds, letters of guarantee, letters of guarantee, sign agreements, etc.
alleviate
Take steps to reduce the probability or impact of threats
Buying a home with a simpler process, multiple tests, and more reliability
Mitigate the impact of risk occurrence, such as including spare parts
accept
Acknowledge that threats exist but do not take proactive measures
Low priority threats, or threats that cannot be effectively dealt with
Take the initiative: Build a contingency reserve
Passive acceptance: taking no proactive action and regularly reviewing threats to ensure no significant changes have occurred
Strategies are based on what the current risk event/state indicates, regardless of whether the risk will occur later.
Accept: the risk occurs and do nothing
Avoidance: Do something, and then the original risk disappears
Mitigation: After doing something, the original risk probability becomes smaller, or the impact becomes smaller.
Opportunity coping strategies
Report
Not within the scope of the project and beyond the authority of the project manager
open up
Secure high-priority opportunities
The probability of occurrence increases to 100%
Allocate the organization's most capable resources to the project to shorten completion time, or adopt new technology or technology upgrades to save project costs and shorten project duration
share
Transfer responsibility for responding to opportunities to a third party
New risk holders must be able to seize opportunities
Establish partnerships, collaborative teams, special companies or joint ventures
improve
Increase the probability or impact of an opportunity
Pay attention to the reasons and increase the probability of occurrence
Focus on impacts, such as increased resources to complete activities sooner
accept
Acknowledge that opportunities exist and do not take proactive measures
Low priority, unable to respond effectively
Take the initiative: Build a contingency reserve
Passive acceptance: taking no proactive action and regularly reviewing opportunities to ensure no major changes have occurred
#####
emergency response strategies
A response that is only used when a specific event occurs
######
Contingency plan (plan B)
Provide early warnings for identified risks and respond when early warnings occur.
Belongs to a special response plan
Bounce back plan (guaranteed plan)
Contains a backup set of actions and tasks that can be used if the main plan is abandoned due to problems, risks, or other reasons
Will not exist independently: only a certain risk has a contingency or response plan, and the plan is developed considering the failure of the contingency or response plan
Changes that are not part of the original plan require a change control process when using the bounce plan.
contingency measures
Find a way at the last minute
Overall project risk response measures: avoid, exploit, transfer or share, mitigate or improve, accept
positive
negative
Data analysis: alternative analysis, cost-benefit analysis
Decision-making: multi-criteria decision-making
output
change request
Project management plan updates: schedule, cost, quality, resources, procurement management plan, scope, schedule, cost baseline
Project document updates: Assumption log, cost forecast, lessons learned register, project schedule, project team work order, risk register, risk report
11.6 Implement risk responses
Definition: Execution of an agreed risk response plan
Role: Ensure agreed-upon risk responses are executed as planned to manage overall project risk exposure, minimize individual project threats, and maximize individual project opportunities
Need to be carried out throughout the project
enter
Project Management Plan: Risk Management Plan
Project documents: lessons learned register, risk register, risk report
organizational process assets
Tools & Techniques
expert judgment
Interpersonal and team skills
Project Management Information System (PMIS)
output
change request
Project document updates: problem log, lessons learned register, project team work order, risk register, risk report
11.7 Supervision risks
Definition: Oversee the implementation of agreed risk response plans, track identified risks, identify and analyze risks, and evaluate risk management effectiveness
Role: Base project decisions on current information about overall project risk exposure and individual project risks
Need to be carried out throughout the project
Purpose
enter
Project Management Plan: Risk Management Plan
project files
Problem log
Lessons Learned Register
risk register
Individual project risks identified · Risk owners · Agreed risk response strategies · And specific response measures
Controls used to evaluate response plan effectiveness
Symptoms and warning signs of risk
Residual and secondary risks
risk report
job performance data
job performance report
Tools & Techniques
data analysis
Technical performance analysis
Compare technical results achieved during project execution with plans to achieve relevant technical results
Weight, processing time, number of defects, storage capacity, etc., how far the actual results deviate from the plan
Reserve analysis
Compare the remaining contingency reserve and the amount of remaining risk to determine whether the remaining reserve is reasonable
burn down chart
audit
risk audit
Used to evaluate the effectiveness of risk management processes
The PM ensures that risk audits are conducted regularly as required by the project risk management plan.
Before conducting an audit, the procedures and objectives of the audit must be clearly defined
The difference between procurement audit, quality audit and risk audit
######
Meeting
Risk review meeting (risk reassessment)
Check effectiveness of risk responses: Schedule regular risk reviews to check and document the effectiveness of risk responses in addressing overall project risks and identified individual project risks
Risk reassessment: Reassess current risks, close outdated risks, and discuss issues arising from risk occurrences
Summarize experience and lessons
Identification of new individual risks and secondary risks resulting from agreed responses
The risk management plan stipulates that risk reviews can be an agenda item during regular project status meetings, or a dedicated risk review meeting can be held
output
job performance information
change request
Project Management Plan Update
Project file updates
Assumption log, problem log, lessons learned register, risk register, risk report
Organizational process asset updates: templates, risk breakdown structures
###