If engaged in combat with enemy forces, we want every available tool to ensure safety and a successful mission.
Imagine watching an aircraft radar system. When we first see enemy aircraft, we know there is potential harm. We have risk – we may experience an airstrike resulting in damage to buildings, contents, and harm to people.
Now imagine the aircraft firing and striking a strategic site. At the point of the strike occurs there is no longer uncertainty about the threat. The event has occurred resulting in negative effects. We no longer have a risk – we have an issue or problem.
Let’s further explore the differences between risks and issues and understand why it matters.
What is Risk?
The Project Management Body of Knowledge (PMBOK) defines risk as, “An uncertain event or condition that, if occurs, has a positive or negative effect on one or more project objectives.” In the analogy above, we had an uncertain event of a potential airstrike. The uncertainty concerns the risk, not necessarily the cause.
Here is another example:
- Cause: Lack of requirements validation
- Risk: Project team may not meet the user’s needs
- Impact: Will be more costly and take longer to correct
Let’s assume a project team decides to skip the requirements validation. The cause is certain, but the risk remains uncertain. Why? There may be lots of requirements defects or none.
What is an Issue?
When a threat occurs, it becomes an issue or problem. When an opportunity occurs, it becomes a benefit. The problem or benefit is certain.
Why Does It Matter?
Are we splitting hairs? The distinction between risks and issues matters for a few reasons.
- Proactive Management Saves Time. “An ounce of prevention is worth a pound of cure.” Project managers should manage risks proactively. PMs will save valuable time through prevention. As often noted, PMs can eliminate up to 90% of threats through risk management.
- Provides a Measure of Management Effectiveness. If a PM is experiencing many issues, it may be a sign that the PM did not do an adequate job of planning. Tracking risks separately from issues allows the PM to determine the effectiveness of the planning and make adjustments as needed.
- Different Type Response. Where we may have previously been mitigating or preventing a threat, issues require a different response. Issues require corrective action to bring the performance of the project in alignment with the project management plan. Unknown risks or risks accepted passively require workarounds.
Other Terms – Assumptions and Constraints
While we are on this topic, let’s clarify two other terms – assumptions and constraints.
- Assumptions. Assumptions are “a factor in the planning process that is considered to be true, real, or certain, without proof or demonstration” according to the PMBOK. Assumptions may be a source of risks. Be sure to perform an assumption analysis periodically to validate assumptions.
- Constraints. A constraint is “a limiting factor that affects the execution of a project, program, portfolio, or process.” Constraints such as a budget or schedule constraints are factual. The PM must continually consider these defined limits when managing risks, particularly when planning risk responses.
Question: Do you know project managers who spend most of their time curing problems rather than managing their project? Why do some PMs fail to proactively reduce threats and the loss of benefits?