Every project is subject to a number of variables that can affect its progress and outcome, both internally and externally, and both very localized and very global in scope. By implementing project risk management from the beginning, organizations can react logically and with built-in contingency plans rather than engaging in 'firefighting” or falling into crisis management mode.
One doesn't have to look far to identify what could go wrong in the case of poor project risk management—think of the 2010 BP oil spill, or Volkswagen's recent fuel economy fiasco. Instead, ample planning and collaboration ensure that the project and its key members realize the end goal faster, with lower cost, and with none of the brand-destroying—and costly—faults.
Keeping an eye on a few key areas can make all the difference.
Most project managers will immediately start listing risks on paper (or, these days, electronic documents), but existing documentation can also be a useful place to start. Look to project plans or resource planning documents. Don't forget about your people—each member of the team brings in a certain type of expertise, and can help identify risks you alone might not have thought of. One-on-one and group interviews can help bring new risks to light.
Who owns a risk?
The head of project risk management needs to remember that identifying all the possible risks is only the first step—they also need to identify who is responsible for fully understanding and acting on each of them. Assigning owners for individual risks, and giving them the responsibility for optimizing business processes around it, can unlock huge potential and ensure that a worst-case scenario is handled with grace.
Don't forget about the opportunities
Many projects suffer from a certain degree of cynicism, in that people are only responding to negative risk—again, that firefighting mentality. In project risk management, risk doesn't have to be defined as an action with a negative impact. Sometimes, unexpected events add motivation, reduce costs, or increase the speed of work. Pulling the team together to investigate potential new opportunities, or at least acknowledging ones that have already occurred, can boost confidence and push the project along.
Analyze risks for prioritization
If project managers are diligent about identifying all the possible risks, there will likely be more than can be successfully managed, even after delegating and creating ownership. There just isn't enough time in the day. Prioritizing risks based on potential high impact and high probability of occurrence ensures that focus is placed in the right direction throughout the project lifecycle. More sophisticated risk analysis includes both causes and effects and can expand into an examination of effects on lead time, product quality, or overall costs.
Risk response is more than contingency
After prioritizing the risks, project managers should seek to understand what plans can be developed to mitigate the damage each present. While it might make the most sense to develop contingency plans for high-value risks, a lot of value can be derived from creating plans around avoiding risk altogether. Could the project use a different supply chain, or build on top of a different database, to minimize risk? That said, it's important to also create plans that deal with supply chain issues, for example, in case they do occur.
Make sure risk monitoring is continuous
Just as a project manager would keep tabs, on a daily basis, on how tasks are progressing, they should remain aware of how risks and their challenges change throughout the entire project lifecycle. Oftentimes, prioritizing needs to change between the beginning, middle, and end of a particular project. This includes tracking some of those contingency plans and how effective they are at actually reducing risk. If a plan isn't working, the project manager should redistribute efforts or instruct those who own a task to re-evaluate the necessary response.
Risk management software is here to help
All of these steps can be made more efficient and effective with the accompaniment of agile risk management platforms that help automate much of the risk identification and assessment work that should be done for every project. These tools aid in increasing collaboration by assigning risk surveys and encouraging key players to build documentation and help populate dashboards with analytics. From there, risk management software can easily create audit findings from the data that's gathered through those built-in processes, which are then assigned to the right employee with continuous monitoring. Truly, it makes sense, in today's complex environments, with denser regulatory policies and faster project lifecycles, to take advantage of intelligent, collaboration-driving software.
Early planning and steadfast monitoring, along with continuous communication, keep most risks at bay. Using risk management software helps make every part of the process easier, all along the entire project lifecycle. Don't allow risk management to remain a reactive, behind-the-times process. Instead, take control and take advantage of the unforeseen gains.
Jon Siegler is a co-founder of LogicGate and has a decade of experience helping some of the largest enterprises overcome challenges in governance, risk, and compliance. LogicGate empowers businesses to automate risk and compliance operations by visually designing their end-to-end workflows and deploying them as highly controlled process applications - reducing compliance violations and eliminating mission critical