In the previous chapter, we saw an overview of all the tools and techniques that we could use as part of the Qualitative Risk Analysis phase of Risk Management. I had also said towards the end of the chapter that we will be covering all of those tools one by one in the subsequent chapters. Well, here we are. This chapter is about the first in the list, namely “Risk Probability & Impact Assessment”
Risk Probability & Impact Assessment
Risk Probability & Impact Assessment provides us with the initial risk rating for each of the risks that we have identified so far. To arrive at this risk rating, we will be using the definition of risk probability and impact that we defined when the Risk Management Plan was created. Remember the chapter on Creating the Risk Management Plan or Contents of the Risk Management Plan?
Using the definitions from the Risk Management Plan we will determine two things that will help us assign these risk ratings to our risks. They are:
a. Determine the chances (probability) that each risk will occur &
b. Examine the effects of a risk on Project objectives if the risk were to materialize. The usual project objectives we will be worried about are Cost, Quality, Schedule etc.
An important point to note here is that, we will be analyzing/assessing both risks and opportunities at this stage. Did you forget all about Objectives? It is easy to forget about Objectives whenever we get into topics on risk management. But, a good risk manager will always keep his eyes open for objectives and capitalize on them as and when possible.
Who is Involved in this step – Risk Probability & Impact Assessment?
This is a pretty straight forward question isn’t it? Try to answer this one by yourself…
Did you say “Everyone in the Project”?
If so, you are almost right. All team members from your projects take part in this step. Along with your project team members, knowledgeable individuals from outside the team known as “Risk Experts” too are part of the team. Practically speaking, you may not have the luxury of having risk experts as part of each project team. The organization as a whole may have a pool of risk experts who are shared between multiple projects as and when required. This is how a majority of the organizations function and we are going to assume that ours too does the same way.
Usually, this whole step is performed in a meeting. The project team and the Experts analyze each risk using the probability and impact definitions and then arrive at a risk rating.
Evaluation or assessment of risks is very subjective. The experts will be evaluating risks based on our projects risk tolerance as well as the probability & impact definitions provided to them. This information we (as project managers) provide these experts is extremely important because, without a proper understanding of our project as well as stakeholder risk tolerance, the experts can in no way perform good assessment. So, the onus is on us as project managers to understand stakeholder risk tolerance correctly and share that information with these risk experts so that they can utilize them effectively during risk analysis.
Not all risks will be assigned a rating. Only those risks that are high up in the probability & impact scales will be assigned a rating. The ones that are very low risk are usually moved into something called a “Watchlist”. These risks that are added to the watchlist are constantly monitored throughout the lifecycle of the project and will be taken up for re-assessment when its status changes. We put these low priority risks into the watchlist to ensure that we don’t totally forget them. If the status or key aspects of that low priority risk changes, we will typically re-assess it and assign a rating to that risk as well.
The Risk Ratings assigned in this technique will be used in the next technique in our list, “Probability & Impact Matrix” which we will be covering in the very next chapter.
Prev: Overview of Tools and Techniques for Qualitative Analysis
Next: Probability and Impact Matrix