Risk Management Primer

Save this PDF as:
Size: px
Start display at page:

Download "Risk Management Primer"

Transcription

1 Risk Management Primer Purpose: To obtain strong project outcomes by implementing an appropriate risk management process Audience: Project managers, project sponsors, team members and other key stakeholders Learning Objectives: Understand benefits of risk management Learn to design & implement the right risk management process Distinguish between issues & risks Examine potential risk categories Establish appropriate risk response strategies & action plans Implement monitoring & control processes Understand CommonWay Risk Templates Timeframe: 21 Minutes 1of 9 Course: Risk Management Primer Purpose: To obtain better project outcomes (including: budget, schedule and operational performance) by implementing an appropriate risk management process Audience: Project managers, project sponsors, team members and other key stakeholders Learning Objectives: Understand the benefits of good risk management Learn to design & implement the right risk management process Distinguish between issues and risks Examine potential categories of risk Establish appropriate risk response strategies and action plans Understand CommonWay Risk Templates Risk management is a complex topic with countless published sources for reference. This course is a primer on Risk Management. More advanced coverage of risk management topics is out-ofscope for this course. Additional sources have been identified on the CommonWay Wiki under the Reference Library. 1

2 Risk Management Process Overview 2of 9 Risk Management Process Overview The purpose of risk management is to secure better project results by proactively identifying, assessing, and controlling undesired outcomes. Risk management helps project managers: determine priorities, allocate resources and implement processes and actions that reduce the risk of the project not reaching its goals & objectives. Risk management is a four-step process with integrated monitoring and control feedback mechanisms. The process is initiated when the project is launched and continues through the life of the project. Risk management is not a stand-alone process; but rather integrated with other key project management processes, including: issues, schedule, change and scope management. Risk management is the responsibility of all stakeholders. The risk management process steps are: 1. Establish the process framework 2. Identify Risks 3. Analyze & Rank Risks 4. Develop & Implement Risk Response Strategies & Action Plans All projects, regardless of size or complexity, have inherent risks and can benefit from a formal risk management process. Remember, good risk management takes time. Given this, it is essential that the project manager adopts a process that is appropriate for the complexity of the project. The benefit gained from a well defined and orchestrated risk management process outweighs the costs. These benefits include: an enhanced understanding of the project; a more thorough understanding of potential risks, their impact, and the assignment of risks to team members best equipped to manage each risk. The net result of risk management is a more realistic schedule, budget, and project plan and a less reactive project environment.

3 Risk vs. Issues Risks Issues Threats or opportunities Uncertainty linked to objectives Potential material consequences (loss/gain) Occurred or imminent Requires prompt resolution Loss/impact certain 3of 9 Risks vs. Issues Before examining the risk management process, we will review differences between issues and risks. Project risks are uncertainties that could impact a project s objectives. Risks can be threats that disrupt the project and create losses or opportunities that benefit the project. If the project s objectives are not clearly defined, it will be difficult to identify, analyze, rank and manage those risks that could have the greatest impact. Risks left unmanaged can morph into significant issues with considerable impacts. Conversely, issues are events that have already occurred, are in dispute or are unsettled and require immediate attention and resolution. Let s clarify the differences through an example. Your project is dependent on the latest version of Microsoft SharePoint Services. The vendor has assured the market the release will be available in January. Your plan reflects a March installation date. Given the vendor s history, there is a possibility the date could slip. This is a risk that should be reflected in the Risk Register with: probability and impact ratings, a risk action plan and owner. By identifying this risk early, the team has an opportunity to proactively address it. For example, select another product and eliminate the risk or plan to upgrade at a later date. If the release is delayed and SharePoint is still the product of choice, the team implements the action plan to upgrade at a later date. If the risk had not been identified early on, the team would be contending with an issue that could impact the scope, schedule and budget. Next, let s look at the risk management process at a high level.

4 Establish Process Framework Project Size & Complexity Level Technological Innovations Procurement, Suppliers Vendor Relationships & Contracts Organization s Risk Tolerance Level Risk Management Process Preliminary Risk Identification Sessions Conducted Risk Categories Defined Risk Response Strategies & Action Plans Defined Risk Review Frequency Specified On-going Risk Identification Sessions Scheduled Roles & Responsibilities Risk Monitoring Determined & Control Functions Defined Escalation Processes Defined High Priority Risks with Risk Response Strategies, Action Plans, Risk & Action Owners Resources Environmental, Legal, Regulatory Factors Current Risk Plan & Risk Register Risk Response Strategies & Action Plans Implemented Standard Monitoring, Control & Reporting Processes Implemented Customer Expectations schedule, budget, quality Reputation, Politics - Dashboard Reporting 4of 9 Establish Process Framework & Logistics To help define the process, participants must understand key risk management concepts and tools. To build this awareness, review: how to define a risk event; the meaning of probability and impact ratings; appropriate risk response strategies; the risk management plan; the risk register and any other organizational specific tools that will be used to support the risk management process. It is essential that the team secures a briefing on the fundamentals of the project. This includes: project objectives, key features, functions and technologies; financial structures; who will be involved in the design, development, testing, implementation and support of the product (vendors & internal staff); customer expectations; impacts on business processes; and how the product will be deployed and supported. Once a shared understanding of both the process and project are established, work with the team to develop a list of risk categories. Risk categories provide a structure to systematically identify risks. Common risk categories include: new technology, complexity with interfaces, performance and reliability, procurement, suppliers, regulations, resources, requirements, funding, estimating, and environmental. Risk categories must be customized to suit the specific needs of the project. The final step is to determine the risk management framework. This includes: the process which the team will follow to identify risks (e.g. brainstorming) and classify risks (e.g. probability and impact); how risks will be monitored and controlled; how risks will be reviewed; escalation processes; roles and responsibilities; and frequency of risk scanning and review sessions. Factors important in structuring the process includes the project s complexity level and the organizations risk tolerance level. Project s with high complexity and/or low risk tolerance will require more sophisticated risk management. Consequently, the team will devote more time to risk management and control. Projects with a complexity level of 2 or 3 should not exit the planning stage without a clearly defined risk management plan. The plan must describe the process including: risk identification sessions, monitoring and control functions, the review of major risks with their respective steering committees and executive management. All projects, regardless of complexity level should start the risk register during the planning stage. This risk register is also input into Dashboard Reporting for executive management. The risk management plan, the risk register and implementation of the risk processes are key controls that will be evaluated during an Independent Verification and Validation (IV&V) process.

5 Identify Risks 5of 9 Identify Risks The purpose of the risk identification process is to identify a comprehensive list of potential risks that could impact the project. Risk Identification must account for both internal and external factors. Risk identification is an iterative process that begins during the planning stage and continues through the project s life-cycle. At the outset of a project, the project manager should conduct one or more identifications sessions with key stakeholders. For large, complex projects, several days of workshops may be required. For smaller, less complex projects, a couple of hours may suffice. After the initial identification sessions are held, regular risk scanning sessions are planned and conducted to determine whether the risk landscape has changed. These are typically abridged versions of the risk identification sessions held at the start of the project. The classic forum to identify risks is a brainstorming session. To orchestrate an effective session: assemble a diverse team of stakeholders with different perspectives; be prepared to balance exceedingly pessimistic or optimistic views; establish an environment that fosters creative thinking; and ensure that the facilitator (usually the project manager) is independent and has a comprehensive understanding of the risk process. During these workshops, the project manager must be adept at separating issues from risks. There are several techniques the project manager can use to solicit risks, including but not limited to: 1) Force Field Analysis; 2) Constraint Analysis; 3) SWOT Analysis (Strengths, Weaknesses, Opportunities, Threats); 4) Asking probing questions related to the triple constraints scope, cost, schedule; 5) Reviewing risk events from similar projects to determine whether they can happen again. Application of specific techniques are out of scope for this course. The CommonWay Wiki Reference Library contains links to articles on these techniques. At the conclusion of the risk identification session, the team will have generated a long list of potential risks. Some teams choose to stop here and manage all the risks identified. This is a mistake because not all risks are relevant. It is essential to hone this list through the analysis and ranking stages in order to focus the team on managing the most significant risks.

6 Analyze & Rank Risks 6of 9 Analyze and Rank Risks Now the team must determine which risks are significant enough to warrant active management. This is accomplished through an analysis and ranking process that leverages the Risk Register. The Risk Register is the CommonWay tool for tracking, prioritizing and managing project risks. Here are the process steps. First, describe each risk, including the factors that could cause the risk to occur and its potential impacts on the project. The Risk Impact can be positive or negative and should quantify and/or qualify the costs or opportunities of the risk occurring. Next assign each risk a Probability Rating and Impact Rating. The Probability Rating indicates the likelihood the risk will occur; while the Impact Rating specifies level of impact to the project should the risk occur. The CommonWay risk register uses a simple: high, medium, low scale for both Probability and Impact Ratings and then calculates a Priority Score and Priority Rating based on the selected Probability and Impact ratings. The risks with the highest Priority Score and Priority Rating should be managed most closely. Ensure each risk has a risk owner. The final step in the risk analysis and ranking process is to evaluate the interdependencies between risks. There can be a cascading effect across risks - one risk occurs triggering another risk which triggers another risk. Carefully note any risks that can trigger other risks and consider increasing their Priority Score to reflect this interdependencies. Note: there are sophisticated quantitative and qualitative approaches for risk analysis and risk ranking (e.g. Monte Carlo Simulation, Decision Trees, Sensitivity Analysis, Failure Mode Effect Analysis (FMEA)). These methods are out-of-scope for this course. At the conclusion of this step in the process, the team will have filtered out minor issues and created a prioritized list of risks that require some type of treatment.

7 Risk Response Strategies & Action Plans 7of 9 Risk Response Strategies & Action Plans During this stage, the risk owners collaborate with the project manager to develop a risk action plan or treatment plan for each risk. Strategies should be developed for risks that present the most significant consequences or best opportunities. Do not forget opportunities! Exploitation of opportunities is a key component of the risk management process. The continuum of potential strategies is highlighted below. To be effective, each strategy must: be manageable; reduce negative impacts or increase opportunity; leverage available resources; and be cost-effective. Avoidance requires elimination on both the probability and impact of the risk from occurring. This is the best risk response strategy because the root cause of the risk is addressed. Acceptance implies no active response strategy is adopted because nothing is possible or alternatives are too expensive to implement. This is the least optimal strategy. If selected, a contingency plan should be developed to address the fallout should the risk occur. Mitigation requires reducing either the impact or probability of the risk from occurring. Transfer shifts the risk to a third party better equipped to handle the risk. The risk is not eliminated. Transfer strategies include shifting the work to vendors or securing insurance to cover the cost of the risk should it occur. Enhance is a response to an opportunity that increases either the probability or impact of the opportunity occurring. Exploit is a response to an opportunity that guarantees the opportunity will occur. This is the most effective strategy for realizing opportunities. Although multiple strategies may be suitable for managing a given risk, the risk owner must select the most appropriate strategy. If the selected strategy proves to be ineffective, it can be replaced with a different strategy. After the strategy has been selected, the risk owner must develop an action plan and assign an action owner with the proper skills. A solid action plan should include risk triggers to caution the team of imminent risk events. Since the goal of the risk response strategy is to mitigate/eliminate a risk or enhance/exploit an opportunity, the risk manager must reevaluate the probability and impact of the risk occurring in light of the risk response strategy developed. If the risk strategy is not effective in reducing the risk or increasing the opportunity, an alternative strategy and action plan should be developed. Finally, the risk owner has to determine whether the proposed strategy introduces new secondary or residual risks and whether these secondary risks are acceptable. If acceptable, the residual risks should be added to the risk register and managed through the standard risk management process. If threats introduced by the secondary risks are too severe, the risk response strategy and action plan should be reworked. Once an acceptable approach is developed, the project manager records the: risk strategy, action plan, post-implementation risk strategy assessment, action owners in this Risk Register. The Risk Owner is responsible for implementing the risk strategies and action plans. Sometimes the risk owner requires assistance from others to implement action plans (for example, technical staff). In these instances the action owner will be different from the risk owner. Risk actions plans should be implemented immediately after they are defined. The project schedule and project management processes should be updated to include: risk monitoring and control sessions; risk response action planning activities and risk progress reporting. Remember proper risk management takes time and must be accounted for in your plans.

8 Monitor & Control Risks, Archive History 8of 9 Monitor & Control Risks, Archive History Known risks identified during the risk identification process and new risks that surface must be monitored and controlled to ensure prompt action is taken when appropriate. Since risks can evolve overtime, monitoring requires both reporting how the team is doing against risk action plans as well as any adjustments to strategies and the action plans to address changes in risk characteristics. The project manager should immediately implement standard risk action plan reviews and mini risk identification sessions to scan for new risks. Team members should understand project risks and impacts. High impact risks should be reported regularly to the steering and executive committees so they are aware of the potential impacts. If a risk occurs, escalation procedures and contingency plans should be executed at once. Money to support contingencies should be budgeted in a management reserve or contingency account during the budgeting process because contingencies to address risks almost always require additional funding. Contingency plans requiring significant changes to the budget, baseline schedule, scope or quality of the project must go through the formal change control process. The project manager is responsible for ensuring that risk documentation is current and archived during Closure so that the lessons learned can be shared with other project managers and teams.

9 Key Points Synopsis Establish a Risk Management Framework Identify Risks Analyze & Rank Risks Identify Risk Owners Develop Risk Response Strategies & Action Plans for all high risks Analyze Effectiveness of Risk Response Strategies Identify Residual risks. Adjusts strategies if necessary Assign Action Step Owners Update: Plan, Register, Budget, Schedule, RACI, Communication Plan Monitor, Control, Report on New & Existing Risks Archive/Share Risk Lessons Learned 9of 9 Key Points Synopsis Good project management requires implementation of an effective risk management process that begins at the start of the project and continues through the life of the project. A solid processes should include the following steps: Establish a Risk Management Framework Identify Risks Analyze & Rank Risks Identify Risk Owners Develop Risk Response Strategies & Action Plans for all high risks Analyze Effectiveness of Risk Response Strategies Identify Residual risks. Adjusts strategies if necessary Assign Action Step Owners Update: Risk Plan, Risk Register, Budget, Schedule, RACI, Communication Plan, Budget Monitor, Control Report on New & Existing Risks Archive/Share Risk Lessons Learned This concludes the risk management course.

PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT PROJECT RISK MANAGEMENT DEFINITION OF A RISK OR RISK EVENT: A discrete occurrence that may affect the project for good or bad. DEFINITION OF A PROBLEM OR UNCERTAINTY: An uncommon state of nature, characterized

More information

Risk Workshop Overview. MOX Safety Fuels the Future

Risk Workshop Overview. MOX Safety Fuels the Future Risk Workshop Overview RISK MANAGEMENT PROGRAM SUMMARY CONTENTS: Control Account Element Definition ESUA Form Basis of Estimate Uncertainty Calculation Management Reserve 1. Overview 2. ESUA Qualification

More information

The purpose of this course is to provide practical assistance for defining and managing project scope.

The purpose of this course is to provide practical assistance for defining and managing project scope. Scope Definition and Scope Management Purpose - To provide practical assistance for defining and managing project scope. This course will focus on tips for creating a scope statement rather than a step-by-step

More information

IIS Project Management

IIS Project Management IIS Project Management Best Practices, Lessons Learned from the Field Katie Reed, MPA, PMP 2012 AIRA IIS Meeting 1 Copy right 2012 Hewlett-Packard Dev elopment Company, L.P. The inf ormation contained

More information

PMI Risk Management Professional (PMI-RMP) Exam Content Outline

PMI Risk Management Professional (PMI-RMP) Exam Content Outline PMI Risk Management Professional (PMI-RMP) Exam Content Outline Project Management Institute PMI Risk Management Professional (PMI-RMP) Exam Content Outline Published by: Project Management Institute,

More information

Project Risk Management

Project Risk Management Project Risk Management Study Notes PMI, PMP, CAPM, PMBOK, PM Network and the PMI Registered Education Provider logo are registered marks of the Project Management Institute, Inc. Points to Note Risk Management

More information

Risk Management approach for Cultural Heritage Projects Based on Project Management Body of Knowledge

Risk Management approach for Cultural Heritage Projects Based on Project Management Body of Knowledge 1 Extreme Heritage, 2007 Australia, 19-21 July 2007, James Cook University, Cairns, Australia Theme 6: Heritage disasters and risk preparedness approach for Cultural Heritage Projects Based on Project

More information

Incorporating Risk Assessment into Project Forecasting

Incorporating Risk Assessment into Project Forecasting Incorporating Risk Assessment into Project Forecasting Author: Dione Palomino Conde Laratta, PMP Company: ICF International - USA Phone: +1 (858) 444-3969 Dione.laratta@icfi.com Subject Category: Project

More information

Negative Risk. Risk Can Be Positive. The Importance of Project Risk Management

Negative Risk. Risk Can Be Positive. The Importance of Project Risk Management The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests t of

More information

Creating A Risk Management Plan

Creating A Risk Management Plan Creating A Risk Management Plan A presentation based on the concepts taught in the Risk Management 1A course. Carlos Consulting Group Roseville, CA. (916) 521-2520 www.carlosconsulting.com 1 Objectives

More information

Computing Services Network Project Methodology

Computing Services Network Project Methodology Computing Services Network Project Prepared By: Todd Brindley, CSN Project Version # 1.0 Updated on 09/15/2008 Version 1.0 Page 1 MANAGEMENT PLANNING Project : Version Control Version Date Author Change

More information

DRAFT RESEARCH SUPPORT BUILDING AND INFRASTRUCTURE MODERNIZATION RISK MANAGEMENT PLAN. April 2009 SLAC I 050 07010 002

DRAFT RESEARCH SUPPORT BUILDING AND INFRASTRUCTURE MODERNIZATION RISK MANAGEMENT PLAN. April 2009 SLAC I 050 07010 002 DRAFT RESEARCH SUPPORT BUILDING AND INFRASTRUCTURE MODERNIZATION RISK MANAGEMENT PLAN April 2009 SLAC I 050 07010 002 Risk Management Plan Contents 1.0 INTRODUCTION... 1 1.1 Scope... 1 2.0 MANAGEMENT

More information

RISK MANAGEMENT OVERVIEW - APM Project Pathway (Draft) RISK MANAGEMENT JUST A PART OF PROJECT MANAGEMENT

RISK MANAGEMENT OVERVIEW - APM Project Pathway (Draft) RISK MANAGEMENT JUST A PART OF PROJECT MANAGEMENT RISK MANAGEMENT OVERVIEW - APM Project Pathway (Draft) Risk should be defined as An uncertain event that, should it occur, would have an effect (positive or negative) on the project or business objectives.

More information

P3M3 Portfolio Management Self-Assessment

P3M3 Portfolio Management Self-Assessment Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire P3M3 Portfolio Management Self-Assessment P3M3 is a registered trade mark of AXELOS Limited Contents Introduction

More information

CPM -100: Principles of Project Management

CPM -100: Principles of Project Management CPM -100: Principles of Project Management Lesson E: Risk and Procurement Management Presented by Sam Lane samlane@aol.com Ph: 703-883-7149 Presented at the IPM 2002 Fall Conference Prepared by the Washington,

More information

Gilead Clinical Operations Risk Management Program

Gilead Clinical Operations Risk Management Program Gilead Clinical Operations Risk Management Program Brian J Nugent, Associate Director 1 Agenda Risk Management Risk Management Background, Benefits, Framework Risk Management Training and Culture Change

More information

Develop Project Charter. Develop Project Management Plan

Develop Project Charter. Develop Project Management Plan Develop Charter Develop Charter is the process of developing documentation that formally authorizes a project or a phase. The documentation includes initial requirements that satisfy stakeholder needs

More information

QUALITY RISK MANAGEMENT (QRM): A REVIEW

QUALITY RISK MANAGEMENT (QRM): A REVIEW Lotlikar et al Journal of Drug Delivery & Therapeutics; 2013, 3(2), 149-154 149 Available online at http://jddtonline.info REVIEW ARTICLE QUALITY RISK MANAGEMENT (QRM): A REVIEW Lotlikar MV Head Corporate

More information

PROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE:

PROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE: PROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE: Project Name Project Management Plan Document Information Document Title Version Author Owner Project Management Plan Amendment History

More information

Risk and Contingency Planning. Today s Topics. Key Terms. A Vital Component of Your ICD-10 Program

Risk and Contingency Planning. Today s Topics. Key Terms. A Vital Component of Your ICD-10 Program Risk and Planning A Vital Component of Your ICD-10 Program Today s Topics Key Terms Why is Risk Management Critical for ICD-10? Effective Risk Management and Best Concepts ICD-10 Risk Management Examples

More information

Program Management Professional (PgMP) Examination Content Outline

Program Management Professional (PgMP) Examination Content Outline Program Management Professional (PgMP) Examination Content Outline Project Management Institute Program Management Professional (PgMP ) Examination Content Outline April 2011 Published by: Project Management

More information

1.20 Appendix A Generic Risk Management Process and Tasks

1.20 Appendix A Generic Risk Management Process and Tasks 1.20 Appendix A Generic Risk Management Process and Tasks The Project Manager shall undertake the following generic tasks during each stage of Project Development: A. Define the project context B. Identify

More information

PMI Risk Management Professional (PMI-RMP ) - Practice Standard and Certification Overview

PMI Risk Management Professional (PMI-RMP ) - Practice Standard and Certification Overview PMI Risk Management Professional (PMI-RMP ) - Practice Standard and Certification Overview Sante Torino PMI-RMP, IPMA Level B Head of Risk Management Major Programmes, Selex ES / Land&Naval Systems Division

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...

More information

Risk Management Plan template <TEMPLATE> RISK MANAGEMENT PLAN FOR THE <PROJECT-NAME> PROJECT

Risk Management Plan template <TEMPLATE> RISK MANAGEMENT PLAN FOR THE <PROJECT-NAME> PROJECT RISK MANAGEMENT PLAN FOR THE PROJECT Prepared by: Approved by: Reference: Version: Date: INTRODUCTION This document is the Risk Management

More information

pm4dev, 2007 management for development series The Project Management Processes PROJECT MANAGEMENT FOR DEVELOPMENT ORGANIZATIONS

pm4dev, 2007 management for development series The Project Management Processes PROJECT MANAGEMENT FOR DEVELOPMENT ORGANIZATIONS pm4dev, 2007 management for development series The Project Management Processes PROJECT MANAGEMENT FOR DEVELOPMENT ORGANIZATIONS PROJECT MANAGEMENT FOR DEVELOPMENT ORGANIZATIONS A methodology to manage

More information

PRINCE2:2009 Glossary of Terms (English)

PRINCE2:2009 Glossary of Terms (English) accept (risk response) acceptance acceptance criteria activity agile methods approval approver assumption assurance A risk response to a threat where a conscious and deliberate decision is taken to retain

More information

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK ACCOUNTABLE SIGNATURE AUTHORISED for implementation SIGNATURE On behalf of Chief Executive Officer SAHRA Council Date Date

More information

Driving Project Success Through Effective Stakeholder Management. Neeraj Shah, MBA,PMP, SAPM

Driving Project Success Through Effective Stakeholder Management. Neeraj Shah, MBA,PMP, SAPM Driving Project Success Through Effective Stakeholder Management Neeraj Shah, MBA,PMP, SAPM Objective Why do projects or change initiatives fail? Who is a stakeholder? Why are they so crucial? Challenges

More information

FUNBIO PROJECT RISK MANAGEMENT GUIDELINES

FUNBIO PROJECT RISK MANAGEMENT GUIDELINES FUNBIO PROJECT RISK MANAGEMENT GUIDELINES OP-09/2013 Responsible Unit: PMO Focal Point OBJECTIVE: This Operational Procedures presents the guidelines for the risk assessment and allocation process in projects.

More information

CDC UNIFIED PROCESS PRACTICES GUIDE

CDC UNIFIED PROCESS PRACTICES GUIDE Document Purpose The purpose of this document is to provide guidance on the practice of Quality Management and to describe the practice overview, requirements, best practices, activities, and key terms

More information

Risk, Risk Assessments and Risk Management. Christopher Bowler CPA, CISA August 10, 2015

Risk, Risk Assessments and Risk Management. Christopher Bowler CPA, CISA August 10, 2015 + Risk, Risk Assessments and Risk Management Christopher Bowler CPA, CISA August 10, 2015 + Agenda A Few Thoughts Fundamentals of Risk Assessments Fundamentals of Risk Management Assessments vs. Management

More information

Project Management Body of Knowledge (PMBOK) (An Overview of the Knowledge Areas)

Project Management Body of Knowledge (PMBOK) (An Overview of the Knowledge Areas) Project Management Body of Knowledge (PMBOK) (An Overview of the Knowledge Areas) Nutek, Inc. 3829 Quarton Road, Suite 102 Bloomfield Hills, Michigan 48302, USA. Phone: 248-540-4827, Email: Support@Nutek-us.com

More information

Policy 10.105: Enterprise Risk Management Policy

Policy 10.105: Enterprise Risk Management Policy Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management Policy 10.105: Enterprise Risk Management Policy Date: November 2006 Revision Date(s): January

More information

Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire. P3M3 Project Management Self-Assessment

Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire. P3M3 Project Management Self-Assessment Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire P3M3 Project Management Self-Assessment Contents Introduction 3 User Guidance 4 P3M3 Self-Assessment Questionnaire

More information

21. Earned Value deals with: a. EV Scope b. PV Time c. AC Cost 22. Portfolios are organized around business goals. 23. Take stern action against

21. Earned Value deals with: a. EV Scope b. PV Time c. AC Cost 22. Portfolios are organized around business goals. 23. Take stern action against PMP Short Notes Based on PMBOK Guide fifth edition By Dilip Chaturvedi,PMP Email id: info@justpmp.com To know about our training schedule, please visit www.justpmp.com 1. Communication is more complex

More information

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide RISK BASED AUDITING: A VALUE ADD PROPOSITION Participant Guide About This Course About This Course Adding Value for Risk-based Auditing Seminar Description In this seminar, we will focus on: The foundation

More information

Project Management Office (PMO)

Project Management Office (PMO) Contents I. Overview of Project Management...4 1. Project Management Guide (PMG)...4 1.1 Introduction...4 1.2 Scope...6 1.3 Project Types...6 2. Document Overview, Tailoring, and Guidance...7 3. The Project

More information

PROJECT MANAGEMENT PLAN CHECKLIST

PROJECT MANAGEMENT PLAN CHECKLIST PROJECT MANAGEMENT PLAN CHECKLIST The project management plan is a comprehensive document that defines each area of your project. The final document will contain all the required plans you need to manage,

More information

RETTEW Associates, Inc. RISK MANAGEMENT PLAN. for. (client project/rfp number) (date of proposal submission)

RETTEW Associates, Inc. RISK MANAGEMENT PLAN. for. (client project/rfp number) (date of proposal submission) RISK MANAGEMENT PLAN for (client project/rfp number) (date of proposal submission) This proposal includes data that shall not be disclosed outside the government and shall not be duplicated, used, or disclosed

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page

More information

Introduction to the ITS Project Management Methodology

Introduction to the ITS Project Management Methodology Introduction to the ITS Project Management Methodology In September 1999 the Joint Legislative Committee on Performance Evaluation and Expenditure Review (PEER) produced a report entitled Major Computer

More information

Program Lifecycle Methodology Version 1.7

Program Lifecycle Methodology Version 1.7 Version 1.7 March 30, 2011 REVISION HISTORY VERSION NO. DATE DESCRIPTION AUTHOR 1.0 Initial Draft Hkelley 1.2 10/22/08 Updated with feedback Hkelley 1.3 1/7/2009 Copy edited Kevans 1.4 4/22/2010 Updated

More information

Appendix V Risk Management Plan Template

Appendix V Risk Management Plan Template Appendix V Risk Management Plan Template Version 2 March 7, 2005 This page is intentionally left blank. Version 2 March 7, 2005 Title Page Document Control Panel Table of Contents List of Acronyms Definitions

More information

10-005 Enterprise Risk Management

10-005 Enterprise Risk Management 10-005 Enterprise Risk Management Current update: 09/16/10 Original Issuance: 03/31/08 Purpose This policy provides guidance and direction to State Board of Administration business unit heads for identifying,

More information

ERM Program. Enterprise Risk Management Guideline

ERM Program. Enterprise Risk Management Guideline ERM Program Enterprise Management Guideline Table of Contents PREAMBLE... 2 When should I refer to this Guideline?... 3 Why do we need a Guideline?... 4 How do I use this Guideline?... 4 Who is responsible

More information

Risk Management. Software SIG. Alfred (Al) Florence. The MITRE. February 26, 2013. MITRE Corporation

Risk Management. Software SIG. Alfred (Al) Florence. The MITRE. February 26, 2013. MITRE Corporation Risk Management Software SIG MITRE Corporation February 26, 2013 The MITRE Alfred (Al) Florence MITRE Corporation The MITRE Agenda Introduction Risk Management References Contact Information Al Florence

More information

Knowledge Area Inputs, Tools, and Outputs. Knowledge area Process group/process Inputs Tools Outputs

Knowledge Area Inputs, Tools, and Outputs. Knowledge area Process group/process Inputs Tools Outputs HUMAN RESOURCE MANAGEMENT Organizational planning Staff Acquisition Project interfaces such as organizational interfaces, technical interfaces and interpersonal interfaces. Staffing requirements Staffing

More information

Project Management Frequently Asked Questions:

Project Management Frequently Asked Questions: Project Management Frequently Asked Questions: Risk Management Version:1.4, November 2008 Inter Agency Policy and Projects Unit Department of Premier and Cabinet What are the benefits of risk management?

More information

Program Prioritization

Program Prioritization University of Alberta, Department of and Film Studies 1 October 2015 Program Prioritization Department of Jonathan Warren York University Contexts for prioritization Department of 1. Ontario Ministry of

More information

The Commonwealth of Virginia. P3 Risk Management Guidelines

The Commonwealth of Virginia. P3 Risk Management Guidelines The Commonwealth of Virginia P3 Risk Management Guidelines March 2015 Document Version control Version Date Issued 1.0 September 2011 2.0 March 2015 R ISK M ANAGEMENT G UIDELINES MARCH 2015 PAGE 2 TABLE

More information

Step by Step Project Planning

Step by Step Project Planning Step by Step Project Planning Contents Introduction The Planning Process 1 Create a Project Plan...1 Create a Resource Plan...1 Create a Financial Plan...1 Create a Quality Plan...2 Create a Risk Plan...2

More information

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC Annex 1 TITLE VERSION Version 2 Risk Management Strategy and Policy SUMMARY The policy provides the framework for the management and control of risk within the GOC DATE CREATED January 2013 REVIEW DATE

More information

A Risk Management Standard

A Risk Management Standard A Risk Management Standard Introduction This Risk Management Standard is the result of work by a team drawn from the major risk management organisations in the UK, including the Institute of Risk management

More information

Digital Asset Manager, Digital Curator. Cultural Informatics, Cultural/ Art ICT Manager

Digital Asset Manager, Digital Curator. Cultural Informatics, Cultural/ Art ICT Manager Role title Digital Cultural Asset Manager Also known as Relevant professions Summary statement Mission Digital Asset Manager, Digital Curator Cultural Informatics, Cultural/ Art ICT Manager Deals with

More information

Change Management Trends in Governance Structures

Change Management Trends in Governance Structures Change Management Trends in Governance Structures Cheryl Yaeger BenchMark Consulting International OVERVIEW Financial institutions are operating in a very dynamic marketplace today; this requires the ability

More information

Risk Management Framework

Risk Management Framework Risk Management Framework Christopher J. Alberts Audrey J. Dorofee August 2010 TECHNICAL REPORT CMU/SEI-2010-TR-017 ESC-TR-2010-017 Acquisition Support Program Unlimited distribution subject to the copyright.

More information

Project Management Plan for

Project Management Plan for Project Management Plan for [Project ID] Prepared by: Date: [Name], Project Manager Approved by: Date: [Name], Project Sponsor Approved by: Date: [Name], Executive Manager Table of Contents Project Summary...

More information

Institute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745

Institute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745 ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan

More information

Understand why, when and how-to to formally close a project

Understand why, when and how-to to formally close a project Project Closure Purpose: Understand why, when and how-to to formally close a project Audience: Project managers, project sponsors, team members and other key stakeholders Learning Objectives: Describe

More information

Risk Management & Business Continuity Manual 2011-2014

Risk Management & Business Continuity Manual 2011-2014 ANNEX C Risk Management & Business Continuity Manual 2011-2014 Produced by the Risk Produced and by the Business Risk and Business Continuity Continuity Team Team February 2011 April 2011 Draft V.10 Page

More information

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES ENTERPRISE RISK MANAGEMENT Framework September 2011 Notice This document is intended as a reference tool to assist Ontario credit unions to develop an

More information

California Department of Mental Health Information Technology Attention: MHSA-IT 1600 9 th Street, Room 141 Sacramento, CA 95814

California Department of Mental Health Information Technology Attention: MHSA-IT 1600 9 th Street, Room 141 Sacramento, CA 95814 IT Project Status Report For an MHSA-Funded IT Project Please send the Signed Original to the following address: California Department of Mental Health Information Technology Attention: MHSA-IT 1600 9

More information

Essential Elements for Any Successful Project

Essential Elements for Any Successful Project In this chapter Learn what comprises a successful project Understand the common characteristics of troubled projects Review the common characteristics of successful projects Learn which tools are indispensable

More information

The purpose of Capacity and Availability Management (CAM) is to plan and monitor the effective provision of resources to support service requirements.

The purpose of Capacity and Availability Management (CAM) is to plan and monitor the effective provision of resources to support service requirements. CAPACITY AND AVAILABILITY MANAGEMENT A Project Management Process Area at Maturity Level 3 Purpose The purpose of Capacity and Availability Management (CAM) is to plan and monitor the effective provision

More information

LeadingAge Maryland. QAPI: Quality Assurance Performance Improvement

LeadingAge Maryland. QAPI: Quality Assurance Performance Improvement LeadingAge Maryland QAPI: Quality Assurance Performance Improvement NOT ALL CHANGE IS IMPROVEMENT, BUT ALL IMPROVEMENT IS CHANGE Donald Berwick, MD Former CMS Administrator 2 WHAT IS QAPI? Mandated as

More information

PRIORITIZING CYBERSECURITY

PRIORITIZING CYBERSECURITY April 2016 PRIORITIZING CYBERSECURITY Five Investor Questions for Portfolio Company Boards Foreword As the frequency and severity of cyber attacks against global businesses continue to escalate, both companies

More information

Risk Management Basics - ISO 31000 Standard. Louis Kunimatsu, CRISC IT Security & Strategy, Ford Motor Company

Risk Management Basics - ISO 31000 Standard. Louis Kunimatsu, CRISC IT Security & Strategy, Ford Motor Company Risk Management Basics - ISO 31000 Standard Louis Kunimatsu, CRISC IT Security & Strategy, Ford Motor Company Risk Management Basics - ISO 31000 Standard 1. Risk Management Basics 2. ISO 31000 Risk Management

More information

44-76 mix 2. Exam Code:MB5-705. Exam Name: Managing Microsoft Dynamics Implementations Exam

44-76 mix 2. Exam Code:MB5-705. Exam Name: Managing Microsoft Dynamics Implementations Exam 44-76 mix 2 Number: MB5-705 Passing Score: 800 Time Limit: 120 min File Version: 22.5 http://www.gratisexam.com/ Exam Code:MB5-705 Exam Name: Managing Microsoft Dynamics Implementations Exam Exam A QUESTION

More information

Integrating Project Management and Service Management

Integrating Project Management and Service Management Integrating Project and Integrating Project and By Reg Lo with contributions from Michael Robinson. 1 Introduction Project has become a well recognized management discipline within IT. is also becoming

More information

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb.

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb. Governance and Risk Management in the Public Sector Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb.org 1 Agenda Governance, why is it important? Compliance

More information

5.2. 5.2 Template for IT Project Plan. Template for IT Project Plan. [Project Acronym and Name]

5.2. 5.2 Template for IT Project Plan. Template for IT Project Plan. [Project Acronym and Name] 231 5.2 Template for IT Project Plan Name of the Tool: Source: Usage: Description: Template for IT Project Plan GIZ This template has been designed as a tool to support the planning of IT projects for

More information

IT strategy. What is an IT strategy? 3. Why do you need an IT strategy? 5. How do you write an IT strategy? 6. Conclusion 12. Further information 13

IT strategy. What is an IT strategy? 3. Why do you need an IT strategy? 5. How do you write an IT strategy? 6. Conclusion 12. Further information 13 IT strategy made simple What is an IT strategy? 3 Why do you need an IT strategy? 5 How do you write an IT strategy? 6 step 1 Planning and preparation 7 step 2 Understanding your organisation s IT needs

More information

Government Communication Professional Competency Framework

Government Communication Professional Competency Framework Government Communication Professional Competency Framework April 2013 Introduction Every day, government communicators deliver great work which supports communities and helps citizens understand their

More information

Project Charter and Scope Statement

Project Charter and Scope Statement Prepared by: Mike Schmidt Version: 1.0 Last Revision Date: April 14, 2010 Create Date: May 6, 2010 EXECUTIVE SUMMARY... 3 1 INTRODUCTION... 4 2 PROJECT OBJECTIVES... 4 2.1 MISSION... 4 2.2 OBJECTIVES...

More information

Project Risk Management. Presented by Stephen Smith

Project Risk Management. Presented by Stephen Smith Project Risk Management Presented by Stephen Smith Introduction Risk Management Insurance Business Financial Project Risk Management Project A temporary endeavour undertaken to create a unique product

More information

Internal Quality Assurance Arrangements

Internal Quality Assurance Arrangements National Commission for Academic Accreditation & Assessment Handbook for Quality Assurance and Accreditation in Saudi Arabia PART 2 Internal Quality Assurance Arrangements Version 2.0 Internal Quality

More information

1 www.imarcresearch.com

1 www.imarcresearch.com Risk Management in Clinical Research: PROCESS DEVELOPMENT & APPLICATION Introduction Recently, two key pieces of guidance were released from Food and Drug Administration (FDA) and European Medicines Agency

More information

Business Continuity Planning. Presentation and. Direction

Business Continuity Planning. Presentation and. Direction Business Continuity Planning Presentation and Direction Thomas Bronack, president Data Center Assistance Group, Inc. 15180 20 th Avenue Whitestone, NY 11357 Phone: (718) 591-5553 Email: bronackt@dcag.com

More information

Risk Management for IT Projects

Risk Management for IT Projects Introduction There are a variety of standards associated with risk management including PMI s Project Management Body of Knowledge (PMBOK), Australia-New Zealand ANZ- 4360, International Standards Organization

More information

Crosswalk Between Current and New PMP Task Classifications

Crosswalk Between Current and New PMP Task Classifications Crosswalk Between Current and New PMP Task Classifications Domain 01 Initiating the Project Conduct project selection methods (e.g., cost benefit analysis, selection criteria) through meetings with the

More information

Risk/Issue Management Plan

Risk/Issue Management Plan Risk/Issue Management Plan Centralized Revenue Opportunity System November 2014 Version 2.0 This page intentionally left blank Table of Contents 1. Overview... 3 1.1 Purpose... 3 1.2 Scope... 3 2. Roles

More information

The integrated leadership system. ILS support tools. Leadership pathway: Individual profile EL1

The integrated leadership system. ILS support tools. Leadership pathway: Individual profile EL1 The integrated leadership system ILS support tools Leadership pathway: Individual profile Executive Level 1 profile Shapes strategic thinking Achieves results Cultivates productive working relationships

More information

Risk Profiling Toolkit DEVELOPING A CORPORATE RISK PROFILE FOR YOUR ORGANIZATION

Risk Profiling Toolkit DEVELOPING A CORPORATE RISK PROFILE FOR YOUR ORGANIZATION Risk Profiling Toolkit DEVELOPING A CORPORATE RISK PROFILE FOR YOUR ORGANIZATION I Background Under the TBS Risk Management Policy, departments and agencies must identify the potential perils, factors

More information

Risk Management and Internal Audit Specialized Training Course Audit Risk Assessment Methodology

Risk Management and Internal Audit Specialized Training Course Audit Risk Assessment Methodology Risk Management and Internal Audit Specialized Training Course Audit Risk Assessment Methodology May 20, 2015 Internal FR 2 Risk and Risk Assessment Defined Risk Institute of Internal Auditors (IIA) The

More information

Risk Management Procedure

Risk Management Procedure Purpose of this document Develop and document procedures and work instructions for Risk Management to cover the project Stages set out in the Project Process Map. The purpose of this procedure is to identify

More information

Appendix 3: Project Management Substation Guidelines (General Process Flow Template)

Appendix 3: Project Management Substation Guidelines (General Process Flow Template) 365 Appendix 3: Project Management Substation Guidelines (General Process Flow Template) Checkpoint Methodology The schedule is issued prior to the go decision. It covers the duration of the project. It

More information

How to achieve excellent enterprise risk management Why risk assessments fail

How to achieve excellent enterprise risk management Why risk assessments fail How to achieve excellent enterprise risk management Why risk assessments fail Overview Risk assessments are a common tool for understanding business issues and potential consequences from uncertainties.

More information

CDC UNIFIED PROCESS PRACTICES GUIDE

CDC UNIFIED PROCESS PRACTICES GUIDE Document Purpose The purpose of this document is to provide guidance on the practice of Requirements Definition and to describe the practice overview, requirements, best practices, activities, and key

More information

Job Description. Barnet Band & scale range. No. of staff responsible for 0 Budget responsibility ( ) Purpose of Job

Job Description. Barnet Band & scale range. No. of staff responsible for 0 Budget responsibility ( ) Purpose of Job Job Title Barnet Band & scale range Reports to Service area No. of staff responsible for 0 Budget responsibility ( ) Purpose of Job Job Description Partnership Manager Commissioning Group The will support

More information

Part One: Introduction to Partnerships Victoria contract management... 1

Part One: Introduction to Partnerships Victoria contract management... 1 June 2003 The diverse nature of Partnerships Victoria projects requires a diverse range of contract management strategies to manage a wide variety of risks that differ in likelihood and severity from one

More information

PMP Project Management Professional Study Guide, Third Edition

PMP Project Management Professional Study Guide, Third Edition PMP Project Management Professional Study Guide, Third Edition Joseph Phillips McGraw-Hill is an independent entity from the Project Management Institute, Inc. and is not affiliated with the Project Management

More information

Information Technology Engineers Examination. Information Technology Service Manager Examination. (Level 4) Syllabus

Information Technology Engineers Examination. Information Technology Service Manager Examination. (Level 4) Syllabus Information Technology Engineers Examination Information Technology Service Manager Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination

More information

Town of Greenwich. Strategic Technology Plan

Town of Greenwich. Strategic Technology Plan Town of Greenwich Strategic Technology Plan Executive Summary May 6, 2013 Prepared for: Town of Greenwich 101 Field Point Road Greenwich, CT 06830 PaSFge ihttp:// http://www.berrydunn.com/gcg Acknowledgements

More information

PASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013

PASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013 2013 PASTA Abstract Process for Attack S imulation & Threat Assessment Abstract VerSprite, LLC Copyright 2013 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

More information

Project Management for Process Improvement Efforts. Jeanette M Lynch CLSSBB Missouri Quality Award Examiner Certified Facilitator

Project Management for Process Improvement Efforts. Jeanette M Lynch CLSSBB Missouri Quality Award Examiner Certified Facilitator Project Management for Process Improvement Efforts Jeanette M Lynch CLSSBB Missouri Quality Award Examiner Certified Facilitator 2 Project and Process Due to the nature of continuous improvement, improvement

More information

The Project Academy Series: Contract Management and Negotiation. January 30 and 31, 2014

The Project Academy Series: Contract Management and Negotiation. January 30 and 31, 2014 The Project Academy Series: Contract Management and Negotiation January 30 and 31, 2014 1 Agenda Take Away Contract Parts n Pieces Procurement Phase Components of a Strong Contract Attributes of a Contract

More information

Space project management

Space project management ECSS-M-ST-80C Space project management Risk management ECSS Secretariat ESA-ESTEC Requirements & Standards Division Noordwijk, The Netherlands Foreword This Standard is one of the series of ECSS Standards

More information

Risk management and the transition of projects to business as usual

Risk management and the transition of projects to business as usual Advisory Risk management and the transition of projects to business as usual Financial Services kpmg.com 2 Risk Management and the Transition of Projects to Business as Usual Introduction Today s banks,

More information

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012 The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only Agenda Introduction Basic program components Recent trends in higher education risk management Why

More information