I fear that many project managers live by the letter of the law and may fail to gain the true benefits of risk management. These individuals are too concerned with checking boxes and making the risk management processes overly complex. Let’s look at some common mistakes and how to overcome them.
1. Thou shalt not make risk management complicated.
Every project is different. Wise project managers tailor their risk management plan to each project. Pick only the necessary inputs and tools and techniques. And speak in a manner that your sponsor, project team, and stakeholders understand. If you wish to introduce new terms (e.g., risk attitude, risk tolerance, Monte Carlo), be sure to define them.
2. Thou shalt not create a risk register longer than War and Peace.
Some project managers think they should identify every possible risk which can go on for eternity. Be pragmatic—identify the significant risks.
3. Thou shalt not forget your project objectives.
Heck, we can get so bogged down in the risk management minutia that we forget what matters—the project objectives. Risk management performed without a focus on the project objectives is a waste of time.
4. Thou shalt not forget your project stakeholders.
One of the best things that you can do early in your projects is to identify and analyze your stakeholders—individuals, groups, and organizations that may affect or be affected by your project. Forget these people and you will pay the piper later in your projects. Powerful stakeholders can negatively impact your projects at the worst times, particularly when you ignore them.
5. Thou shalt not forsake the risk reviews.
You are more likely to deliver results when you consistently perform risk reviews. Why? Because your risks change over time. Too many project managers identify risks early in their projects and never return to review current risks, identify new risks, and determine if their risk responses are actually working.
6. Thou shalt not own all the risks.
If I looked at your risk register, would I see your name as the risk owner for the majority of the risks? If so, why? When you and your team identify a risk, always ask, “Who has the knowledge and skills to develop a risk response plan and monitor the risk?” Ask that individual to own the risk.
7. Thou shalt not fail to prioritize your risks.
Imagine that you’ve identified 37 risks. Which ones will you respond to? When developing your risk management plan, determine how you will analyze and prioritize your risks.
8. Thou shalt not quantify risks in all of your projects.
You should always perform qualitative risk analysis. However, quantitative risk analysis—which requires more time and effort is not always required. Only perform the quantitative risk analysis if you need additional details to make project decisions.
9. Thou shalt identify opportunities.
Don’t forget the opportunities—those uncertain events or conditions that can result in positive impacts to your project. Work with your team to exploit and enhance these situations to advance your projects.
10. Thou shalt categorize your risks.
Where are your greatest risk exposures? Categorize your risks. For example, you could simply use the categories of schedule, cost, quality, and scope. For each risk, identify the category in your risk register. Once done, you can analyze the register. If 80% of your risks are schedule related, you know where you need to focus.
Join the 21 Day Challenge
Receive daily emails--learn to identify, evaluate, respond to, and control project risks.
Spend five minutes per day for 21 days--discover practical risk management techniques that can help you turn uncertainty into success!