This section breaks out of the strict risk management process and considers some powerful strategies you should consider to either deal with the high-priority risks you now have or reduce the number of new risks from occurring as your project goes forward.
- Tackle high risks first—Develop a work plan that attacks your high-risk factors right out of the gate Why? If you are going to have a problem, it is best to know sooner than later. If something is not feasible or acceptable, determine this as soon as possible, so senior management can decide whether the project is worthy of organizational investment and resources.
- Use iterative, phased approaches—By breaking the work of the project into multiple iterations and phases, you provide a systematic method of providing tangible output to the stakeholders sooner and more often. The multiple points of review and feedback with the stakeholders enable you to better control your greatest risk—stakeholder expectations and satisfaction.
- Test it like you mean it—This strategy overlaps with quality management but is worth emphasizing here too. There’s no better way to avoid and reduce risks with a new work product than to use effective, prioritized testing. An effective test plan will identify defects before the final project work item is deployed to production or made available to the customer audience.
NoteAgile approaches emphasize these first three risk control strategies: tackle high risks first, use iterative, phased approaches, and use prioritized testing. - Verify deployments—And for those in the IT software world, this strategy is focused on verifying the deployment of the project work product into a new environment. Often, this is referred to as a “smoke test” and is commonly used with IT services and resources. The project work item might have met all requirements, but if it is not deployed and set up correctly in the target environment, the customer will not be able to tell the difference. NoteFor those in the IT space, DevOps (or DevSecOps) approaches emphasize these last two risk control strategies: prioritized/continuous testing and verifying deployments through continuous build, integration, and deployment processes.
- QA the planning process—This strategy has been mentioned before but is worth mentioning again: Be sure to do a quality review on the planning process. This step helps identify planning defects that, if undetected, will become unknown risks with a high-impact potential.
- Leverage independent QA audits—Leveraging an independent, experienced, and objective viewpoint can be a powerful way to identify risk factors and determine the best response strategies. This can be especially useful in project situations where the key stakeholders are inexperienced, the climate is very political, or multiple vendors are involved.
Leave a Reply