The first key to managing risk on your project is to know where to look for it. The good news is that 80% or more of all risks originate from the same sources on every project. After you know the project characteristics that contribute to higher risk levels and the common sources of most project risks, you can quickly and effectively identify risk factors for any project. These factors should be first evaluated during project definition and are the main reason why several iterations of planning are often necessary. In Table 14.3, most of the key project risk factors are listed to better guide your risk identification activities. Note that many of these are emphasis points for project definition and detail project planning.
TABLE 14.3 Common Sources of Risk
| Risk Source Category | Examples/Factors |
|---|---|
| Project size and complexity | Effort hoursCalendar timeEstimated budgetTeam size (number of resources)Number of sitesNumber of business unitsNumber of system interfacesNumber of dependencies on other projectsNumber of dependencies on other systemsDegree of business change |
| Requirements | Volatile requirementsUnrealistic or aggressive performance standardsComplex requirements |
| Change impact | Replacement or new systemImpact on business policiesImpact on business processesImpact on organizational structureImpact on system operations |
| Organization | Changes to project objectiveLack of prioritiesLack of project management buy-in and supportInadequate project fundingMisallocation and mismanagement of resources |
| Sponsorship | Lack of strong executive commitmentLack of clear ownershipLoss of political support |
| Stakeholder involvement | All key stakeholders not identifiedMissing buy-in from a key stakeholderStakeholder needs not completely identifiedKey stakeholders not fully engaged |
| Schedule | Estimate assumptions not holding trueSchedule contingency not adequate |
| Funding | Reduction in available capitalCash flow issuesInflation or exchange rate factors |
| Facilities | Adequate for team productivity requirementsAdequate for project security requirements |
| Team | Full-time or part-time rolesLocation of team membersCan’t find desired resourcesLack of experienceLack of business knowledgeLack of skillsLack of commitmentPersonal issuesLack of prior experience working together |
| Technology | Missing technical dataUse of unproven technologyUse of nonstandard technologyDevelopment approachLevel of complexity |
| Vendors and suppliers | Contract typesRisk-reward elementsProcurement processExperience with vendor/supplier |
| External factors | Changing weather conditionsChanges in legal and regulatory environmentApprovals from governmental agenciesPolitical changes |
| Business factors | Time-to-marketMergers and acquisitionsEconomic eventsMarket conditions |
| Assumptions and constraints | Might create schedule, cost, resource, or quality risks |
| Project management | Lack of experiencePoor leadershipPoor communicationsLack of contingency plansInadequate risk management |
Although most sources of risk are inherent attributes of project initiatives or are outside the project manager’s control (as the preceding table summarized), there is another common source of project risks that is generally self-inflicted. These are the project risks we create by not performing adequate project definition or detail project planning.
Note
Unidentified or unacknowledged project planning defects are the most common source of unknown risks.
Note
Technically, these factors are actually planning defects. They become project risks only if they are not corrected before planning is complete.
For a complete listing and explanation of those factors, you can review Part II, “Project Planning.” For a quick review, Table 14.4 lists many of the key factors. Please note that some risk source categories are listed again in this table. This is intentional. In some areas, there are universal, inherent factors that contribute to project risk, and there are other risk factors that are introduced due to inadequate project planning. One example is the project schedule. Estimate assumptions not holding true and inadequate contingency buffer are inherent risks on any project. However, a poorly developed schedule is self-inflicted and a result of project planning deficiencies. Yet, it can be as devastating to your project critical success factors as anything.
TABLE 14.4 Common Project Planning Sources of Risk
| Risk Source Category | Examples/Factors |
|---|---|
| Project management | Improperly defined project deliverablesIncomplete planningImproper proceduresNot defining clear roles and responsibilitiesLack of contingency plansInadequate risk managementInadequate attention to the right detailsInadequate resource staffing |
| Project definition | Unrealistic objectivesInconsistent objectivesIncomplete scope definitionInconsistent scope definitionImproperly defined project deliverables |
| WBS (and project schedule) | Not reviewed and approved by stakeholdersMissing tasksLack of team understandingMissing project management activitiesExternal dependencies not identified and understood |
| Project schedule | Missing task dependenciesTasks not clearly assignedResources overallocatedCalendar realities not factoredInadequate contingency or reserve |
| Project budget | Poorly developed cost estimatesMissing cost sourcesInadequate contingency or reserve |
| Requirements | Incomplete or poorly defined requirements |
| Assumptions and constraints | Not completely defined |
Leave a Reply