Risk Management – What, Why, How?
Investments 3 February 2017 Krzysztof Sadecki
Risk comes from not knowing what you are really doing
Steve Blank
Proper risk management assumes control of possible future events and is a proactive not reactive process. This means that you should prepare for and respond to risk from the moment of its first symptoms, having previously prepared a contingency plan.
Risk comes from not knowing what you are really doing “ – Warren Buffet said, and there is much truth in that.
What is Risk Management?
Risk management is the process of identifying, analyzing and responding to risk factors for the duration of each project in the organization, so as to best accomplish the goals. Proper risk management assumes control of possible future events and is a proactive not reactive process. This means that you should prepare for and respond to risk from the moment of its first symptoms, having previously prepared a contingency plan. Reactive management causes reckless action and is based on much more costly crisis management. Proper risk management not only reduces the likelihood of an event, but also the scale of its impact.
Risk Management Systems
Risk management systems are designed to do more than just identify the risks. The enterprise should also assess the risk and predict its impact on the project. This action will allow us to assess whether the risk is acceptable or unacceptable. Acceptance or non-acceptance of risk is usually dependent on the level of tolerance of the project manager on the risk itself. If risk management is set as a continuous, disciplined process for identifying and solving problems, the system easily adapts to other systems in the organization and should include the organization, planning, budgeting, and cost control. The number of unforeseen events will be much smaller as a result of the introduction of proactive instead of reactive action.
Risk management as a continuous process
The risk management process should start with the project team to identify all possible threats that could affect the success of the project and to select those that are most likely to occur. The team should base its assessment on past experience in terms of the probability of occurrence of certain events, as well as your feelings and intuition, conclusions and historical data.
Let us remember – If you do not actively attack risks, risks actively attack us!
At the beginning of the project, risk is always greater than during its implementation or its final phase. Therefore, risk management should be introduced from the beginning of the life cycle of the project and its further course should be monitored.
What is important is that ignorance and the probability of risk is generally relatively high at the beginning of the project and during planning, but due to the relatively low level on investment, the value of risk is low. On the contrary, in the course of the project, the risk gradually decreases since earlier uncertainties are beginning to be known, but at the same time the value of risk is constantly growing because the necessary resources are invested to implement the next phases of the project.
The critical point is that risk management should be a continuous process and be implemented both at the very beginning of the project and during the whole period of its implementation. For example, if the duration of the project was estimated at 3 months, risk assessment should be carried at least at the end of month 1 and month 2. At each stage of the project life new risks are identified, assessed and managed appropriately.
Reacting to Risk
Reacting to risk typically involves: – Avoidance – elimination of specific threats, usually by eliminating the cause, – Restriction – reducing the expected value of the risk by reducing the probability of its occurrence, – Acceptance – accepting the consequences of risk. Often this can be achieved by developing a contingency plan in the event of a risk.
During the development of contingency plans, the project team is involved in the troubleshooting process. The end result will be a plan that you can implement immediately. Contingency plans will contribute to a rapid response to emerging problems and the successful completion of the project.
Why is it worth managing risk?
The objective of risk management is: – Identifying possible threats, – Reducing or displacing risk, – Providing a basis for better decision-making in respect of all risks, – Planning.
Risk assessment and management is the best weapon against a catastrophic project. By assessing your plan regarding the potential problems and developing strategies to address them, we can increase your chances of success of the project. In addition, continuous risk management will: – Ensure that the weight of high-risk is aggressively managed and eliminated, – Provide management at all levels, taking into account the key issues for the success of the project.
Sources of Risks related to Project Management
• Top management does not specify the activities as ‘a project’
• Too many projects are ongoing at any one time
• Lack of planning phase
• Lack of one person responsible for the whole project
• Poor control of project changes
• Problems with team members
• Poor customer change control
• The wrong person assigned as the project manager
• Lack of integrated planning and control
• Too many tasks assigned to the organization’s resources
• Unrealistic planning and scheduling
• Conflicting priorities of the project
• Poorly organized project office
External Sources of Risk
• Unpredictable (unexpected regulatory requirements, natural disasters, vandalism, sabotage or unexpected side effects),
• Predictable (market risk and operational, social, environmental, inflation, currency fluctuations, the media),
• Technical (technological changes, risks arising from the project process),
• Legal (violation of trademarks and licenses, suing for breach of contract, the problem of labour and employment, litigation due tort law, legislation).
How to conduct Risk Management
First we have to look at the different sources of the formation of risk. There are many factors, and the list should not be restricted, but rather a guide to start brainstorming to identify all sources of danger. Various sources of risk may include:
The process of Risk Analysis
The risk analysis process is essentially the process of solving the problem of quality. Quality and evaluation tools are used to identify and prioritize risks to assess their magnitude and impact. The process of risk analysis is relatively simple to introduce to the organization and consists of four steps:
1. Risk identification – identifying potential sources of risks, their assessment of the distribution and priorities
2. Risk assessment – identifying the causes and possible effects of risks
3. Developing Responses to Risk – identifying possible ways to eliminate and manage risk
4. Developing contingency plans and preventive measures of risk
Risk cannot be avoided
Risk exists in all aspects of business and is a fact of life. Therefore, the activities are often chaotic, variable and uncertain, and it is worth introducing systematic approaches to risk management.
Przeczytaj ten artykuł w wersji polskiej: http://www.businessmantoday.org/zarzadzanie-ryzykiem-organizacji/
Krzysztof Sadecki
Dobry lider, to otwarty lider
Bez kategorii Nov 15, 2024