Risk is all about uncertainty. A risk is regarded as an uncertain event, which if occurs may have an impact (positive or negative) on project objectives.
There is a misconception that risk can only have a negative impact on a project. Rather, it can have both negative a positive effect to project goals.
Project risk management is unavoidable to any project nowadays to avoid a negative effect on the project objectives and to get maximum out of opportunities.
Purpose of Risk Assessment
Risk analysis techniques are helpful to forecasts these threats and opportunities in a smarter way to get maximum benefits or to avoid any negative effect or even to mitigate these risks.
Risk Analysis Techniques
These are the two most common techniques used for risk analysis on any project
- Qualitative Risk Analysis
- Quantitative Risk Analysis
We use these techniques to make a priority for dealing with that particular risk.
When I was in my PMP preparations, I use to get confused on both terms but finally, I cracked it as I am explaining to you below.
First, we prepare a Risk Register of overall possible identified risks on a project.
Risk Register is a tool used in risk project management that record the risks going to happen on any project. A risk register contains information like a description of the risk, risk assessment and response strategy main. Below is an example of a risk register.
Qualitative Risk Analysis
This is done on risk-level. Probability of occurrence and impact of all the risks is analyzed. The main purpose here is as we cannot do a complete analysis on every risk on that risk register as we need huge resources and more time hence, we filter out as many as possible here for further analysis.
There are many techniques to perform qualitative risk analysis but most commonly used are
- Interviewing, Delphi Technique
- Historical Data
- SWOT Analysis (Strength, Weakness, Opportunities, and Threats Analysis)
- Risk Rating Scales
Quantitative Risk Analysis
This is done on the project level. Here, we estimate based on time and cost. We will see a combined effect hereafter analyzing the filtered-out risk after qualitative analysis. We will categorize as the overall effect on project objectives.
To perform Risk Analysis quantitatively, we need to do it with any appropriate software as it involves complex calculations and simulations.
Risk Response Strategies for Threats
You have categorized all the risk in your risk register after careful quantitative analysis. It’s time to define the Risk Response process. Here, you will define the response/s to any risk.
There are different strategies to deal with negative risks, we call it Threats and positive risks we call it opportunities.
Every risk should be ranked on a scale of Probability and Severity (1-10 or similar) in a risk register log.
Use this formula in risk register (Risk = Probability x Severity)
Below are the strategies to deal with both threats and opportunities;
- Avoidance / Exploit
- Transferring / Share
- Mitigation / Enhance
Let’s explore these terms one by one in more detail
Avoidance / Exploit
A threat can be avoided by just removing a small part without affecting project goals. It should be the first strategy to deal with threats.
If you find any golden opportunity having high probability and impacts. that will help then exploit it and we call it an aggressive response strategy.
Insurance is the best example to transfer any risk.
Share is when you find the other entity can exploit the opportunity better to get maximum output.
Mitigation / Enhance
Mitigation reduces the impact of risks with high probability and impacts to below the threshold.
On the other hand, opportunities are enhanced by increasing its probability and/or impact to get maximum results.
These are risks that cannot be handled by above-mentioned strategies and you have to accept.
A contingency plan, workaround plan and/or contingency reserve may be developed for that eventuality.
Here, we prepare a contingency plan, contingency reserve or a workaround plan.
The purpose of the risk management planning process is avoiding threats and get maximum out of opportunities. It is clear, nowadays, Risk Project Management is an integral part of any successful project. A qualified person should have to handle this position. A risk manager should have risk management certification from any reputed institute of risk management. He/she should know the purpose of a risk assessment and effective implementations or response strategies.
One Small Request:
Being a Project Management guy, I know how little time we have to play around on the internet. But if you have found this information useful then please share it to your colleague so that more people can get benefit from it. If you have any question then comment below and I am glad to take it.
Read More: Project Management Interview Questions