The Identify Risks process is all about figuring out all possible uncertainties or problem areas that may come to bite us in future. So, to ensure that we figure out all possible problems we need to look at a variety of project related areas. All these put together are known as the “Inputs” to the Risk Identification process.
Inputs Used in the Identify Risks process
We have successfully entered the Identify Risks process. This is where we are going to take a look at all possible inputs that can help us identify all possible risks that may affect us. We will be looking at every nook and cranny of our project to uncover as many risks as possible.
Trivia:
The 4th edition of the PMBOK Guide is the latest and we will be using the same in all our studies. If you have an older version of the PMBOK guide, the names of the processes or the inputs/outputs may be different. As both the exam as well as this blog is based on the 4th edition of the PMBOK guide, I suggest you upgrade to the same. If you are a PMI Member a soft copy of the 4th edition is available for download as a member benefit. Alternately you can even order a paper-back copy from PMI website or Amazon.
The following are the items that we will need while Identifying Risks:
1. Enterprise Environmental Factors
2. Organizational Process Assets
3. Risk Management Plan
4. The following documents/plans from the Project Management Plan
a. Cost Management Plan
b. Scheduled Management Plan
c. Quality Management Plan
d. Scope Baseline
5. Activity Cost Estimates
6. Activity Duration Estimates
7. Stakeholder Register
8. Other Project Documents like
a. Work Performance Reports
b. Earned Value Reports
c. Assumptions Log
d. Baselines
e. Network Diagrams
f. Etc.
As we saw in the chapter on “
Managing Uncertainty” Uncertainties are sources of risks and they can exist anywhere in our project. The list above is basically a “Where” we will be looking for all those uncertainties that exist in our project so that we can address them appropriately. Let us now take a detailed look at each of these items.
A word of Caution:
It is never a good idea to memorize stuff blindly, esp. for certifications like the RMP that test our practical knowledge and understanding of Project Risk Management concepts. So, take your time, read and understand what each item is and why it is used. This way you will not only be a better risk manager, but also eliminating the need to memorize stuff.
1. Enterprise Environmental Factors
We have learnt what these enterprise environmental factors are many times in this blog. The factors that are relevant in our identifying risks area are:
a. Commercial Databases
b. Public & Industry studies
2. Organizational Process Assets
These again have been covered many times. The organizational process assets include files & data from previous projects. We can study what the actual risks were, the responses that we used and the actual outcomes of the responses. We can utilize this information to ensure that we do not commit the same mistakes as our predecessors. Looking at the lessons learned documents from previous similar projects would be a good idea too. Document Templates also come under this section.
3. Risk Management Plan
As you may have guessed correctly by now, the risk management plan comes as an input to every risk management process in our project that happens after it is created. As this document explains how risk management activities are to be carried out in our project, it is an indispensable resource. We will be using the following from the risk management plan:
a. Assignment of Roles & Responsibilities
b. Budget and Schedule provisions & allocations to Risk Management activities
c. Risk Breakdown Structure
4. Artifacts from the Project Management Plan
The following artifacts from the Project Management Plan will be useful for us in this step. An important point here is that, you need not remember all intricate details about these processes like inputs, tools & techniques, outputs etc. (like what we were forced to remember for the PMP Exam). But, you need to understand these items in detail to ensure that you are able to correlate all those areas from these artifacts that can contribute to the projects risk management area.
a. Scope Baseline
The scope baseline includes the
Project Scope Statement along with any constraints & assumptions. As you might already know, wherever assumptions are involved, there are bound to be uncertainties and it is these uncertainties that we are looking for. Also, constraints can be a major source of risks.
The scope baseline contains a key artifact that will be very useful for us from a Risk Management perspective. If you have already done your PMP you must have guessed this by now…
“
Work Breakdown Structure”
A
Work Breakdown Structure is going to give us a detailed perspective of the project work that will be done including tasks and sub-tasks. By going through this WBS thoroughly we can uncover a lot of potential risk possibilities.
b. Cost Management Plan
The
Estimating Costs and Determining Budgets process of Project Planning creates the Projects Cost Baseline or in other words the Project Budget. The approach used in managing the project costs can be a major source of risks. For ex: a project that is operating on a tight budget with little room for maneuvering has a great risk of cost overruns. On the other hand, if the project has good cost reserves planned already, then the risks go down accordingly.
c. Schedule Management Plan
The
Develop Project Schedule process creates the Project Schedule. By understanding the Projects Schedule and the Schedule Management Plan will give us a good idea of whether the project is operating on tight deadlines or has any slack in terms of completion dates. As in the case of Projects Budget, projects operating on a tight schedule can have a great deal of risk in terms of schedule overruns.
d. Quality Management Plan
The approach to quality management in the project has a direct bearing on the project risks. A Project where a great deal of importance is given to quality related activities to produce a good quality work product usually has lower risks when compared to one that does not follow good quality practices. In cases where the quality or work done is compromised (for whatever reason it may be), risks are introduced.
Poor Quality Standards is a major source of risks in many projects. If we address the Quality aspect of our project, we will be eliminating a good number of risks at its source.
5. Activity Cost Estimates
The Cost Estimates are created in the
Estimating Costs process and these estimates can give us a good idea of the likely cost involved in all the scheduled project activities. This way we can identify if the project is in any danger of cost overruns.
6. Activity Duration Estimates
The activity duration estimates are created in the
Estimate Activity Duration process. The quality and accuracy of the estimates can have a direct impact on the risks. If the estimate is accurate then the risks of schedule overruns are low whereas if the estimates are rough or ball-park then the chances of schedule slippages are pretty high which in turn means high risk.
7. Stakeholder Register
The stakeholder register gives us details about the list of all people who have a stake in our project. We can use it to identify the high influence group of stakeholders and handle them accordingly. We can also use this document to invite all those important stakeholders to the risk related meetings to ensure that everyone is on the same page.
8. Other Project Documents
There are a whole bunch of other project related documents that can be sources of risks or risk related information. Some of them are:
a. Work Performance Reports – The output of the Direct and Manage Project Execution process
b. Earned Value Reports – The output of the Measure Project Performance process
c. Assumption logs
d. Baselines (Cost, Schedule and Scope)
e. Network Diagrams – Created during the Develop Project Schedule process
f. Etc.
If you see closely, the scope baseline was considered as a separate input entity just a few paragraphs ago and has been mentioned again as part of the general term “Baselines” along with the Cost and Schedule baseline. Also, the Schedule Management Plan & the Cost Management Plan were covered already as inputs in detail and their baselines are considered here. This should give you a fair idea of the fact that the golden triangle “Scope-Time-Cost” are the key sources of risks for the Project and need to be investigated & analyzed thoroughly in order to minimize risks and to enhance the chances of the Project’s Success.
Apart from all the above mentioned inputs, any other document or information related to the Project that can be a source of risk or that can provide insights that will help in project risk management can be considered as input to this process.
Prev: Intro to Risk Identification
Next: Tools & Techniques used in Risk Identification