BOOM! An asteroid has just collided with Earth.
Luckily it was a small asteroid, so we’re all okay. Not so luckily, that lump of space rock landed smack in the middle of your project site. Your new construction, your server warehouse, your team headquarters — your whole project has been flattened to a pancake under a mountain of rubble. What now?
Life is full of surprises, and even if you budget every penny and map out each milestone, project risk can sneak up and pull the rug out from under you. You can’t predict the future, but with this Ultimate Guide to Project Risk, you can prepare for it. We’ll tell you everything you need to know about project risk and how to manage risk in a project, including free resources so you can prepare for the next asteroid.
Risky Business: What is Project Risk, Exactly?
Here’s how PMI defines risk: “An uncertain event or condition that has a positive or negative effect on a project’s objectives.” Basically, risk is any unexpected event that can affect your project — for better or for worse. Risk can affect anything: people, processes, technology, and resources.
Pay attention to this important distinction: risks are not the same as issues. There can be positive risks in project management. Not every risk is negative or an issue. Issues are things you know you’ll have to deal with. You may even have an idea of when they'll pop up. (Think scheduled vacations, or a spike in product demand just before the holidays.) Conversely, risks are events that might happen, and you may not be able to tell when. (Surprise! A key product component is on backorder and will arrive a week late.) They're slippery, and it takes some serious preparation to manage them.
We can break project management risks down into five elements:
- Risk event: What might happen to affect your project?
- Risk timeframe: When is it likely to happen?
- Probability: What’s are the chances of it happening?
- Impact: What’s the expected outcome?
- Factors: What events might forewarn or trigger the risk event?
Here's another way to look at it: every time you backup files on an external drive or in cloud storage like Dropbox, you’re practicing risk management. The collapsible umbrella that lives in your bag rain or shine? That's risk management as well. Start applying that same proactive preparedness to your projects and nothing will shake you.
Assessing Project Risk
The first thing you'll want to do is prepare a Risk Assessment to get a better understanding of the kinds of risks you’re facing and their possible consequences.
Here's how, step-by-step:
Step 1: Identify potential risks. Sit down and create a list of every possible risk and opportunity you can think of. If you only focus on the threats, you could miss out on the chance to deliver unexpected value to the customer or client. Ask your team to help you brainstorm during the project planning process, since they might see possibilities that you don't. Here's a list of 130 project risks to get you started.
Step 2: Determine probability. What are the odds a certain risk will occur? It’s a lot more likely that a key team member will be out for a week with the flu than develop total amnesia. Rate each risk with high, medium, or low probability.
Step 3: Determine Impact. What would happen if each risk occurred? Would your final delivery date get pushed back? Would you go over budget? Create a business impact analysis to determine the risk of each potential issue and identify which risks have the biggest effect on your project's outcomes, and rate them as high impact. Rate the rest as medium or low impact risks.
TIP: Start using a risk register to log and track risks. (You can create separate registers for threats and opportunities, if you wish.) Include risk probability, impact, counter-measures, etc.
Once you have your risk assessment in place, you're ready to actually start managing the risk, which will be the next installment in this 2-part series on the Ultimate Guide to Project Risk.
Meanwhile, what are your best risk assessment tips? Share your wisdom in the comments section!