Top 5 Responsibilities of a Risk Management Team (Part I)
May 20, 2010
The 5-phase process for managing risks
A risk management team (workgroup) is a separate and often independent unit within the project management team headed by the risk manager or the chief risk officer. It helps place a value on the project’s activities (such as procuring, communicating, controlling quality, staffing etc.).
The team also develops strategies to mitigate identified risks, applies risk management methodologies and risk analysis tools, and integrates insurance policies of treating prioritized threats with the project management team.
The primary responsibility is to ensure that the project is provided with a complete risk management information system that ultimately determines how to control and oversee the project’s effectiveness and fulfilment. The team also approves risk management policies and defines their framework.
The workgroup oversees and treats for the execution of the five-step process:
- Admit and Identify
The implementation of every activity within a project involves some degree of threat or uncertainty about future events. The first step in managing such threats is to acknowledge and identify them. Some of the threats are generic and inherent to the execution of the project so virtually any activity has a risk to fail.
For example, some necessary goods to be procured for executing the project are delivered out of schedule so completion of the respective project’s phase or the overall project completion is under the risk of failure, or at least delay.Other risks and threats are unique to the performing company, for example a possibility of vehicular crashes or copyright infringements. By means of risk management workshops, seminars and meetings, the risk management group needs to admit a probability of risk occurrence and then use risk identification tools to reveal and describe the probable risks.
In case the team can envision any threats and uncertainties happening in the existing system, it should list those threats at the very beginning of the risk management process. Insight will play a considerable role for identifying risks, so appropriate risk management education of the team members will be appreciated.
- Measure and Prioritize
At the second step, the team evaluates the probability of each risk’s occurrence and estimates its possible (negative or positive) effect and cost to the project and its activities. The group can use a retrospective risk assessment methodology to get a look at past accidents (if they took place) and check with similar situations in order to try developing risk probability estimates and cost estimates.A given retrospective risk assessment methodology allows using lessons learnt and consider the potential public reaction considering the past experience. If no similar threats are detected in past projects after a retrospective risk assessment methodology has been conducted, the team can use strategic risk management tools and assessment methods to evaluate the risks.The PMBOK Guide offers a variety of such tools and methods. The team uses results obtained to identify priority areas of concern for the risks that are most likely to occur and are expensive when they do happen. Such risks get High Priority. Lower Priority’s risks are those ones that occur rather rarely and are unlikely to cost as much when they do happen.
- Implement a Strategy.
The team decides how to manage the prioritized risks by using risk management strategies. So the next task of the workgroup is to develop a written planwhich outlines what steps should be taken to manage major risks and allow the performing company to carry out the project with the minimal probability of failure. That plan describes a suggested strategy, or combination of such strategies being implemented into the project.The PMBOK Guide offers the four basic risk management strategies. All the strategiesare usually implemented with help of risk management software solutions.
- “Avoidance” Strategy. The workgroup uses a risk management application to develop actions plans and risk management templates that let focus on ways to avoid or cease to provide a service or conduct an activity considered too risky.
- “Modification” Strategy. The workgroup strives at changing and modifying the project’s activities so that the chance of threat occurring and the impact of potential harm can be taken within acceptable limits.
- “Retention” Strategy. With help of a risk management software solution, the workgroup evaluates the success of admitting all or a portion of the identified risks and gets prepared for the consequences.
- “Sharing” Strategy. By means of a risk management application’s functionality for user collaboration and online communication, the workgroup is able to consider sharing the identified risks with another team or organization. Examples of risk sharing strategy include mutual procurement agreements with other performing companies, insurance, etc.