Description: it is a process of defining how to conduct risk management activities for a project.
Key benefit: it ensures that the degree, type, and visibility of risk management are proportionate to both risks and the importance of the project to the organization and other stakeholders.
Frequency: once or at predefined points in the project. It should begin when a project is conceived and should be completed early in the project. It may be necessary to revisit this process later in the project life cycle.
The high-level project description and boundaries, high-level requirements, and risks.
All approved subsidiary management plans should be taken into consideration in order to make the risk management plan consistent with them.
Stakeholder register: details of the project's stakeholders and provides an overview of their project roles and their attitude toward risk on this project -> determining roles and responsibilities for managing risk on the project, as well as setting risk thresholds for the project.
Overall risk thresholds set by the organization or key stakeholders.
Stakeholder analysis to determine the risk appetite of project stakeholders.
It is a component of the project management plan that describes how risk management activities will be structured and performed.
Key benefit: it ensures that the degree, type, and visibility of risk management are proportionate to both risks and the importance of the project to the organization and other stakeholders.
Frequency: once or at predefined points in the project. It should begin when a project is conceived and should be completed early in the project. It may be necessary to revisit this process later in the project life cycle.
| Process / Asset Group | Input | The Process | Output | Process / Asset Group |
|---|---|---|---|---|
| 4.1 Develop Project Charter | Project charter | 11.1 Plan Risk Management | Risk management plan | Project Management Plan |
| Project Management Plan | All components of the Project Management Plan | |||
| Project Documents | Stakeholder Register | |||
| Enterprise / Organization | Enterprise environment factors | |||
| Organizational Process Assets |
11.1.1 Inputs
11.1.1.1 Project Charter
The high-level project description and boundaries, high-level requirements, and risks.
11.1.1.2 Project Management Plan
All approved subsidiary management plans should be taken into consideration in order to make the risk management plan consistent with them.
11.1.1.3 Project Documents
Stakeholder register: details of the project's stakeholders and provides an overview of their project roles and their attitude toward risk on this project -> determining roles and responsibilities for managing risk on the project, as well as setting risk thresholds for the project.
11.1.1.4 Enterprise Environment Factors
Overall risk thresholds set by the organization or key stakeholders.
11.1.1.5 Organizational Process Assets
- Organizational risk policy;
- Risk categories, possibly organized into a risk breakdown structure;
- Common definitions of risk concepts and terms;
- Risk statement formats;
- Templates for the risk management plan, risk register, and risk report;
- Roles and responsibilities;
- Authority levels for decision making; and
- Lessons learned repository from previous similar projects.
11.1.2 Tools and Techniques
11.1.2.1 Expert Judgment
- Familiarity with the organization's approach to managing risk, including enterprise risk management where this is performed;
- Tailoring risk management to the specific needs of a project; and
- Types of risk that are likely to be encountered on projects in the same area.
11.1.2.2 Data Analysis
Stakeholder analysis to determine the risk appetite of project stakeholders.
11.1.2.3 Meetings
11.1.3 Outputs
11.1.3.1 Risk Management Plan
It is a component of the project management plan that describes how risk management activities will be structured and performed.
- Risk strategy. Describes the general approach to managing risk on this project.
- Methodology. Defines the specific approaches, tools, and data sources that will be used to perform risk management on the project.
- Roles and responsibilities. Defines the lead, support, and risk management team members for each type of activity described in the risk management plan, and clarifies their responsibilities.
- Funding. Identifies the funds needed to perform activities related to Project Risk Management. Establishes protocols for the application of contingency and management reserves.
- Timing. Defines when and how often the Project Risk Management processes will be performed throughout the project life cycle, and establishes risk management activities for inclusion into the project schedule.
- Risk categories. Provide a means for grouping individual project risks. A common way to structure risk categories is with a risk breakdown structure (RBS), which is a hierarchical representation of potential sources of risk.
- Stakeholder risk appetite. The risk appetites of key stakeholders on the project are recorded in the risk management plan, as they inform the details of the Plan Risk Management process. In particular, stakeholder risk appetite should be expressed as measurable risk thresholds around each project objective. These thresholds will determine the acceptable level of overall project risk exposure, and they are also used to inform the definitions of probability and impacts to be used when assessing and prioritizing individual project risks.
- Definitions of risk probability and impacts. Definitions of risk probability and impact levels are specific to the project context and reflect the risk appetite and thresholds of the organization and key stakeholders. The project may generate specific definitions of probability and impact levels or it may start with general definitions provided by the organization. The number of levels reflects the degree of detail required for the Project Risk Management process, with more levels used for a more detailed risk approach (typically five levels), and fewer for a simple process (usually three). An example of definitions of probability and impacts against three project objectives. These scales can be used to evaluate both threats and opportunities by interpreting the impact definitions as negative for threats (delay, additional cost, and performance shortfall) and positive for opportunities (reduced time or cost, and performance enhancement).
- Probability and impact matrix. Prioritization rules may be specified by the organization in advance of the project and be included in organizational process assets, or they may be tailored to the specific project. Opportunities and threats are represented in a common probability and impact matrix using positive definitions of impact for opportunities and negative impact definitions for threats. Descriptive terms (such as very high, high, medium, low, and very low) or numeric values can be used for probability and impact. Where numeric values are used, these can be multiplied to give a probability-impact score for each risk, which allows the relative priority of individual risks to be evaluated within each priority level. An example probability and impact matrix is presented in Figure 11-5, which also shows a possible numeric risk scoring scheme.
- Reporting formats. Reporting formats define how the outcomes of the Project Risk Management process will be documented, analyzed, and communicated. This section of the risk management plan describes the content and format of the risk register and the risk report, as well as any other required outputs from the Project Risk Management processes.
- Tracking. Tracking documents how risk activities will be recorded and how risk management processes will be audited.
Комментариев нет:
Отправить комментарий