What’s on the Menu?

We all enjoy having different cuisines at restaurants. Imagine you visited one of the famous restaurants in your country and the menu read like:

** Serves Only the Project Risk

Starters:

• Scope Risk: Serves 2, it’s a blend of ‘scope creep’ and ‘gold-plating’
• Procurement Risk: the ingredients used depends on the availability
• Scheduling Risk: includes unexpected delays due to error in estimations by the chef or natural factors
• Communication Risk: depends on how the requirements are communicated to the chef

Main Course:

• Management risk-(organizational): enjoy different taste every time you order due to instability(delegation of authority)
• Quality: opportunity of having the delicacies including fleas
• Technology Risk: possibility of a half-cooked meal served due to failure of performance of ovens etc.
• Resource Risk: experimented by a new chef with first-hand ingredients

Deserts:

• Integration Risk: the ingredients used will not complement each other
• User acceptance risk: likelihood your taste buds may or may not like the desert served

**Depending on the risk appetite of the individual the dishes will be ordered and served.

Well, I hope the case above gives a brief about the different types of risk encountered while executing the project. There may be more like — Cost risk, stakeholder risk, external risks arising from government agencies, laws, etc.

Every project in an organization bumps into the risk however its impact is determined to depend upon various scenarios. The success of the project involves a lot of activities to be undertaken and one of that is concerning the risk. To have a suitable risk strategy there is a list of processes to be performed:

1. Identify the risk
2. Identify the likelihood of the event
3. Develop Mitigation Plan
4. Quantify Mitigation
5. Implement the Plan

Usually, a risk register is maintained which includes a list of identified risks by the stakeholders, project manager, and the team. It specifies the risk probability, its impact, and the mitigation plan with the correspondence owner (risk owner) who will be implementing the mitigation plan when the event occurs.

Subject to risk appetite and tolerance of the project (stakeholders, project manager, and team), the risk responses for threats can be — avoidance (eliminates the event), transference (shared by 3rd party like insurance companies), mitigation (the probability or impact can be reduced) or acceptance (accepting the risk and taking action as and when it occurs). Similarly, there are different responses for opportunities — exploit (increase the probability of the occurrence of an event), share, enhance, and accept.

Fundamentally, the risk strategy focuses on increasing the probability of the event which has a positive impact (opportunities) and reducing the likelihood of the event with the negative impact (threats). An organization will never go forward with the risk response strategy where the cost of the mitigation plan is greater than the cost of the occurrence of the event.

To conclude, it can be said that every project involves risk, and based on the risk appetite and tolerance of the project the strategies are formulated, or even the decision to terminate the project is taken. It is not a one-time event to be performed but a continuous process until the project is closed.