This paper was first published in the site. Its revision was presented for publication December 9 2018.
Published here February 2019

Introduction | 1. Building Trust Within Your Team 
2. Engaging Your Stakeholders to Get Them What They Really Need
3. Making Project Risk Management an Organic Exercise
4. Understanding the Environment | 5. Applying LEAN Principles | Understanding the Basics

3. Making Project Risk Management an Organic Exercise

Figure 3
Figure 3

Almost every project starts with a set of generic risks that are brought up at the beginning of the project including users' resistance to change, lack of resources, and immature technology, to name a few. Top PMs direct their teams, not only to identify the common risks, but also the most pressing and unique risks in such a way that risk identification is a reflex throughout the project lifecycle. This is no small task at the beginning of a project.

In recognizing risks, Top PMs also look to their collaboration with key stakeholders, who often explicitly or implicitly define risk and concerns in their requirements. Great PMs understand that this process happens all the way through the entire project life cycle from the requirements elicitation step onwards. They regard this as an asset for defining risk throughout the project process. Hence, expert PMs also trust their teams to use and apply their expert knowledge as a source of risk mitigation. To achieve this, the PM actively empowers team members to take ownership of the project and proactively spot risk by participating in risk identification and management.

In many large, complex and critical IT projects, it is common to hold daily "Standup" meetings. A practical and typical question relating to risk at such a meeting is simply: "What is getting in your way?"

In practical terms, the third question during a daily standup reflects more prudent responses as a team is empowered to contribute to the project's success. Of course, some blockers may be temporary or removed immediately following the scrum, however, some are potential candidates which may grow into substantial risks. Team members need to be encouraged to identify these potential risks and their inclusion should be celebrated rather than look down upon even at the end of the project lifecycle.

Risk recognition is also not as simple as stating the risk and proceeding forward. Risk recognition should be regularly assessed, in terms of probability, severity, and a metric that is sometimes forgotten: proximity. The latter metric allows for the team to define the right action items, whether it be "Do nothing until next risk recognition step" or something more tangible should the risk be more proximate. What is important to recognize here is that Top PMs understand how to make risks actionable, as any risk is unhelpful if it is unmanaged. Additionally, the list of action items should not only be reactive but also proactive in nature, ultimately informing a Risk-Adjusted Product Backlog.

In short, a Top PM recognizes that regardless of experience or authority, they are not and should not be the single source for risk recognition and management. Stakeholders, their team, and other important project contributors should be involved in risk recognition and management not only during early stages but also regularly through the project life cycle. This is important because there is very little use for having risks that have been identified at the start of the project but have not been managed ever since.

Key takeaway: "To achieve successful project management, the whole team must be responsible for identifying risks. Risk discovery has to be a continuous process that happens throughout the whole lifetime of the project."

2. Engaging Your Stakeholders to Get Them What They Really Need  2. Engaging Your Stakeholders to
Get Them What They Really Need

Home | Issacons | PM Glossary | Papers & Books | Max's Musings
Guest Articles | Contact Info | Search My Site | Site Map | Top of Page