What is the Risk Management Process And It's Importance in Project Management?
By Nidhi ParikhOct 13, 2019
We make so many plans for things in our lives. But how many of them actually work accordingly?
And even if they do, how many times do we have to make modifications or corrections to it?
As much as we want, nothing in life works the way we want it to.
I wanted to be a chef and here I am writing. (It’s a blessing, believe me. Turns out, nobody likes to eat burnt things)
So, does that mean we should stop planning altogether and let things come to us whenever and wherever they wish to?
We need to make plans but we also need to estimate risks that might crop up. And then the action plans to manage those risks. The same goes for project management. If you’re a project manager, you know that only 2.5% of organizations manage to complete 100% of their projects.
To be in the list of one of those rare organizations, it’s important to understand what risks can plague your projects and how to keep track of them and tackle them, if at all they arise.
But, before we move on, let’s understand what risks actually are.
What Are The Risks In Project Management?
Risks are those events that may crop up unexpectedly during the life of a project. Pay close attention to the word unexpectedly.
Risks are not events that you know would happen at a particular stage or time. (Sick leaves during monsoon, slowdown during an office renovation, etc.)
A better example of a risk would be your construction workers deciding to go on strike, faulty product components, delay in design approvals, etc.
These risks could be minor and not affect the project so much. Or they could threaten the project schedule, project milestones, budget or even its chances of success.
A major misconception of risks are that they are always negative in nature. But, in reality, risks could be positive too. Positive risks come in the form of opportunities that may help you complete the project early, achieve more business growth, etc.
What Is Risk Management?
It’s a process that helps you identify, evaluate and make action plans to tackle the risks. Risk management is proactive in nature. It ensures that the project stays on track and achieves its goal.
Risk management also involves prioritizing. Not all risks should be addressed. There’s a risk that a comet may strike and blow up your construction site. But should we plan for those risks? Definitely not. It just means you need to stop watching too many sci-fi movies.
Risk management differs for different projects. For small projects, project managers just make a plan prioritizing risks and devise action plans based on historical records.
For large-scale projects, they would need to conduct a detailed study, noting down the probabilities, impacts and certain trigger events. In some organizations, they already have a risk management template (based on historical projects) saved in their project management software that they duplicate for every other project.
What Are The Steps Involved In Risk Management Process?
The reason an organization needs to have a risk management process is simple - everyone is aware of it and knows how to handle risks, if and when they arise.
While you can tweak the process according to your projects and working style, below are four steps you can follow.
1. Identify Risks:
You can’t fight a problem if you don’t know what it is. So, sit with a pen and paper or with your laptop and jot down all the risks that could threaten the project.
You could even make use of historical projects to see what went wrong, what delayed the project or budget. It could be useful to talk to the people that were working on those projects or the project lead itself.
Another way to identify potential risks is to gather your stakeholders and brainstorm. This will help you look at things from different perspectives. For example, a developer could go into the technicalities and identify risks that you wouldn’t be able to.
If you don’t have the time for a meeting, you could just create a Google document and share it with your team using project management software.
Once you have noted down all your risks, take some time before you move on to the next step. Taking a break will help you come up with different ideas or even strike off some risks that aren’t worth considering.
2. Evaluate Risks:
You can’t deal with all the risks in the same way, especially when you have a list of hundreds of them.
When you are evaluating risks, you don’t just evaluate the likelihood of it happening, you also figure out if it will have a major impact on the project or not and vice versa.
For example, if there’s a flood in your city, work will come to a standstill. Your project will be badly affected because of this. But if your city hasn’t faced such a situation in nearly a decade, is this risk worth giving so much effort to?
Evaluating all risks in such a manner is not easy, especially when the information is so complex and hard to gather. So, what you can do is talk to stakeholders, look at historical records, look at the current scenario and try your best to prioritize these risks.
By evaluating and categorizing these risks as high, low or medium, you’ll get an idea of how to manage them, if they occur. If a risk will need your immediate attention or you can let go of it.
For example, a client asked you to put in a new feature. Due to client management rules, you think you’ll have to agree to the request. It will further add $100 to the cost. The cost of the entire project is $1 million. You can choose to let it go if it doesn’t impact the schedule of the project
3. Devise A Risk Response Strategy:
Make sure you have appointed someone to keep track of every individual risk. If the risk is related to the development area, assign it to someone who is working in that area and has certain experience working on similar projects.
This makes sure your efforts in identifying and evaluating risks are not wasted. It also makes people accountable which leads to less conflicts and misunderstandings.
Next, devise an action plan for all your high priority risks. Ask yourself: if this risk occurs, what can I do to lessen its impact or to eliminate it altogether?
For example, if the risk is a key teammate leaving the organization. A possible action plan could be to have that teammate mentor someone else in the team or to define workloads in such a manner that even if someone leaves, the project would not be jeopardized.
You can store all the action plans in task management software so that everyone can access it and even duplicate it, if needed.
Depending on the scale and importance of the project, you might come up with many action plans or just one or two. It’s important to figure out which of the options is most suitable for your project.
Once the project is completed, you will have to review if the steps in planning for the risk-management process was successful or not.
Were the priorities correctly set or did a risk that you thought would be low-impact affected your project budget?
Were the action plans properly implemented? If not, was it because of an individual’s fault or because of a fault in the strategy?
Did you successfully eliminate or lessen a risk?
What can you do to improve risk management for future projects?
These questions will help you evaluate whether the process was successful or not and whether to modify it for further projects or not.
It doesn’t matter if you follow the same process or come up with a completely different one. But it’s a must to have a detailed process to fight against risks that might endanger your project.
It also assures your team and helps them keep motivated during tough times. Because they know, they have already planned for such events and everything is under control. While you can’t estimate and manage every uncertainty, it does good to be proactive and have preventive measures in place for the things you can control.
As J.R.R. Tolkein says, “It does not do to leave a live dragon out of your calculations, if you live near one.”