Plan Risk Responses (strategies ) in project management is the process of coming up with options, picking strategies, and agreeing on what to do to deal with both individual project risks and the general project risk exposure and then implement risk response . This process is most useful because it helps find good ways to deal with both overall project risk and specific project risks. It also assigns resources and adds tasks to project documents and the project management plan as needed during this process. The project as a whole goes through this process. Below is a picture of the process’s inputs, tools and methods, and outputs.
Using the right and most effective risk responses can lower the overall project risk exposure while also maximizing individual opportunities and minimizing individual dangers. The opposite result can happen when people don’t deal with risks properly. Following the identification, analysis, and ranking of risks, the person responsible for risk should make plans for how to deal with each and every project risk that the project team thinks is sufficiently important, either because it threatens the project goals or because it presents a chance. The project manager should also think about what to do about the current amount of risk in the project as a whole.
Risk response strategies in project management should be suitable for how big the risk is, cost-effective, realistic for the project, agreed upon by everyone, and owned by the person who is responsible for them. It is often necessary to choose the best risk response from a number of choices. With each risk, you should choose the plan or set of strategies that has the best chance of working. You can use structured decision-making methods to figure out the best way to respond. It might be best to use a mathematical optimization model or a real options analysis for big or complicated projects so that you can do a more thorough economic analysis of different risk response strategies.
Plan Risk Responses: Inputs
Project Management Plan
The following are some of the parts of a project management plan:
Resource management plan
The resource management plan helps figure out how the resources set aside for agreed-upon risk solutions will work with other resources on the project.
Risk management plan
In this process, risk management Roles and responsibilities and risk thresholds are used.
Cost baseline
The cost baseline includes details about the contingency fund that is set aside to deal with risks.
Project Documents
It’s possible to use the following project documents as inputs for risk response strategies in project management :
- Lessons learned register
- Project schedule
- Project team assignments
- Resource calendars
- Risk register
- Risk report
- Stakeholder register
Enterprise Environmental Factors
The Enterprise environment can affect the Plan Risk Responses process in many ways, such as through the risk appetite and thresholds of key stakeholders.
Organizational Process Assets
Templates for the risk management plan, the risk register, and the risk report are just a few of the organizational process assets that can affect the Plan Risk Responses process. Other assets include historical records and repository for lessons learned from similar projects.
Plan Risk Responses: Tools And Techniques
Expert Judgment
You should talk to people or groups that are experts in threat response strategies, opportunity response strategies, contingent response strategies, and overall project risk response strategies.
In cases where specialized technical knowledge is needed, for example, people with specific subject matter experience may be asked for their opinion on a certain project risk.
Data Gathering
You can use interviews and other methods such as focus groups in getting information for this process. Structured or semi-structured interviews with risk owners can help you come up with ways to deal with both specific project risks and general project risks. It’s possible to talk to other important people as well, if needed. To get people to make honest and fair choices, the interviewer should create an atmosphere of trust and privacy during the interview.
Interpersonal And Team Skills
Facilitation is one example of an interpersonal and team skill that can be used in risk response strategies in project management . Facilitation makes coming up with solutions to individual project risks and total project risks more effective. With the help of a skilled guide, risk owners can better understand the risk, come up with and compare different possible risk response strategies, pick the best response strategy, and find and get rid of sources of bias.
Strategies For Threats
Here are five distinct strategies to deal with threats that you might want to think about :
Escalate
It’s okay to escalate when everyone on the project team or the project sponsor agrees that a threat is outside the project’s scope or that the suggested response would be too much for the project manager to handle. You don’t manage escalated risks at the project level; instead, you do it at the program level, the portfolio level, or some other relevant part of the company.
The project manager decides who needs to know about the threat and tells that person or part of the company what’s going on. It’s important that the right person in the company takes responsibility for threats that get worse. Threats are usually raised to the level that meets the goals that would be lost if the threat came true. After an increase, the project team doesn’t keep an eye on the threat anymore, but they may write it down in the risk register just in case.
Avoid
The project team avoids risk when they take steps to get rid of the threat or keep the project safe from its effects. It might work for high-priority threats that have a big chance of happening and will cause a lot of damage. To avoid a threat, you might have to change some part of the project management plan or the goal that is at risk so that the threat doesn’t exist at all, making it impossible for it to happen. The person who owns the risk may also take steps to keep the project goals separate from the risk’s effects if they happen. Taking away the source of a danger, extending the schedule, changing the project strategy, or lowering the scope are all examples of avoidance actions. You can avoid some risks by making sure you understand the standards, getting information, communicating better, or learning new skills.
Transfer
Transferring a threat means giving it to a third party so that they can handle the risk and take responsibility if the threat comes true. Risk transfer usually involves giving the person who is taking on the threat money to cover their losses. You can transfer something in a number of ways, such as through insurance, performance bonds, warranties, pledges, and so on. You can give someone else ownership and responsibility for certain dangers through an agreement.
Mitigate
Risk reduction means taking steps to lower the chance that a threat will happen and/or its effects. Taking steps to reduce the danger early on is often more effective than trying to fix the damage after it’s happened. Some examples of prevention actions are using simpler processes, running more tests, or picking a seller with a better track record. One way to lower the risk of growing up from a bench-scale model of a process or product is to make a prototype. If it’s not possible to lower the chance of something happening, a mitigation reaction might lower the effect by going after the things that make it worse. For example, building resilience into a system might lessen the damage if the first part fails.
Accept
Risk acceptance means that you are aware of a threat, but you don’t do anything about it. People may use this approach for low-priority threats or when they can’t or can’t afford any other way to deal with a threat. There are two kinds of acceptance: active and passive. Putting together a reserve of time, money, or resources to deal with the threat if it happens is the most common active acceptance approach. Passive acceptance means not doing anything, other than checking in on the threat every so often to make sure it doesn’t change a lot.
Strategies For Opportunities
If you want to take advantage of chances for risk response strategies in project management , here are five other options:
Escalate
This risk response strategy works when everyone on the project team or the project sponsor agrees that a chance is outside the project’s scope or that the project manager doesn’t have the power to carry out the proposed response. You don’t manage escalated opportunities at the project level; instead, you do it at the program level, the portfolio level, or some other relevant part of the company. The project manager figures out who needs to know about the chance and tells that person or part of the company about it. It’s important that the right person in the company takes responsibility for opportunities that have grown.
Opportunities are usually taken to the level that matches the goals that would be affected by the chance. The project team doesn’t keep an eye on escalated chances after they’ve been escalated, but they may be written down in the risk register for future reference.
Exploit
When an organization really wants to make sure that a high-priority chance comes up, they may choose the exploit strategy. This approach tries to get the benefit of a certain chance by making sure it will definitely happen, which raises the chance of it happening to 100%. Assigning the job to an organization’s smartest workers to cut down on the time it takes to finish or using new technologies or upgrades to technologies to cut down on cost and time are both examples of exploiting responses.
Share
Giving someone else the right to a chance means letting them share some of the benefits if the opportunity comes up. When someone takes over a shared chance, it’s important to pick them carefully so they can make the most of it for the project. When people share risks, they often pay the person who is taking on the risk a risk premium. Creating risk-sharing partnerships, teams, special-purpose companies, or joint ventures are all examples of activities that involve sharing.
Enhance
You can use the enhance approach to make a chance more likely to happen or to have a bigger effect. Improving the benefit before the chance comes up is often more effective than trying to do it after the fact. Putting your attention on what causes a chance may make it more likely to happen. If it’s not possible to raise the chance of something happening, an enhancement reaction might raise the effect by focusing on factors that determine how big the possible benefit is. A good example of improving opportunities is making a task easier to finish early by adding more resources.
Accept
Accepting a chance means that you are aware of it, but you don’t do anything about it. This approach could work for low-priority opportunities or when there is no other way to handle the opportunity that is both possible and cost-effective. There are two kinds of acceptance: active and passive. Setting aside time, money, or other resources to take advantage of the chance if it comes up is the most common way to actively accept an offer. Passive acceptance means not doing anything, other than checking the chance every so often to make sure it doesn’t change a lot.
Contingent Response Strategies
To use some responses, certain things must first happen. When there are certain risks, it may be best for the project team to come up with a reaction plan that will only be used under certain conditions, if they think they will have enough time to put the plan into action. It’s important to set and keep track of the events that set off the contingency reaction, like missing intermediate milestones or becoming more important to a seller. For risk solutions found using this method, which are also known as fallback or contingency plans, there are known events that cause the plans to go into action.
Strategies For Overall Project Risk
Risk responses should be planned and put in place for both specific project risks and the general project risk. As with individual project risks, the same risk response techniques can be used for project risk as a whole:
Avoid
Avoiding a project may be the best option when the general risk level is very low and not within the acceptable risk limits for the project. This means taking specific steps to restore the project to within the acceptable range and lessen the negative impact of doubt on the whole project. Taking out high-risk parts of the project’s scope would be an example of avoiding something at the project level. If it’s not possible to get the job back within the limits, it might be skipped. At this level, you should only avoid risks if the overall level of threat is and will stay unacceptable.
Exploit
People may use an exploit strategy when the general project risk is very high and above the agreed-upon risk levels for the project. To do this, you need to take focused action to make the most of the good effects of uncertainty on the project as a whole. Adding high-benefit parts of the project’s scope to give stakeholders more value or benefits would be an example of exploiting at the general project level. On the other hand, the project’s risk thresholds could be changed with the agreement of key partners to take advantage of the chance.
Transfer/share
There may be a third party involved to manage the risk for the organization if the general project risk is high and the organization is unable to deal with it effectively. When the overall risk of a project is negative, you need a transfer plan, which could mean paying a risk premium. People may share ownership of a project if the overall risk is high and good so that everyone can gain. There are both transfer and share strategies for overall project risk. Some examples are starting a joint venture or special-purpose company, setting up a collaborative business structure where the buyer and the seller share the overall project risk, and hiring someone else to do key parts of the project.
Mitigate/enhance
Changing the overall project risk is part of these strategies to improve the chances of meeting the project’s goals. Reducing the general project risk is what the mitigation strategy is for, and increasing it is what the enhancement strategy is for. Some examples of tactics for reducing or improving problems are replanning the project, changing its boundaries and scope, shifting its priority, shifting its resources, changing its delivery dates, and so on.
Accept
If the organization can’t come up with a creative way to deal with the overall project risk, they may decide to go ahead with the project as planned, even if the overall project risk is higher than the acceptable levels. There are two kinds of acceptance: active and passive. Active acceptance usually means setting aside a certain amount of time, money, or resources for the project in case it goes over its limits. Passive acceptance means not doing anything, except checking the general project risk level from time to time to make sure it doesn’t change in a big way.
Data analysis
You could think about a number of different ways to deal with risks. If you want to choose the best risk response plan, you can use data analysis techniques like the ones below :
Alternatives analysis
It’s easy to figure out which risk response strategies in project management is best by comparing the features and needs of different choices.
Cost-benefit analysis
If you can figure out how much a certain project risk will cost, you can use cost-benefit analysis to compare how cost-effective different risk response methods are. You can find out how cost-effective a response plan is by dividing the change in impact level by the cost of implementation. A higher ratio means the response worked better.
Decision Making
There are many ways to make decisions when choosing a risk response plan. One example is multicriteria decision analysis. You might be thinking about one or more ways to deal with risks. Techniques for making decisions can help you decide which risk response tactics to use first. Using a decision matrix, multicriteria decision analysis gives you a structured way to set important decision criteria, evaluate and rank options, and choose the best one.
Risk response choices may be based on a number of factors, such as the cost of the response, how likely it is to change the likelihood and/or impact of the risk, the availability of resources, time constraints (such as urgency, proximity, and dormancy), the level of impact if the risk occurs, the effect of the response on related risks, the introduction of secondary risks, and so on. Options for new methods may be considered later on in the project if the first one doesn’t work.
Plan Risk Responses: Outputs
Change Requests
It’s possible that the planned responses to risks will lead to a request to change the cost and schedule baselines or other parts of the project management plan. The Perform Integrated Change Control method takes change requests and reviews and decides what to do with them.
Project Management Plan Updates
People in the company have to fill out a change request for any changes they want to make to the project management plan. The following parts of the project management plan may need a change request:
Schedule management plan
It includes changes to the schedule management plan, like new ways to load and level resources, or changes to the schedule strategy.
Cost management plan
It includes changes to the cost management plan, like how costs are tracked, recorded, and reported, as well as changes to the budget strategy and how emergency funds are used.
Quality management plan
It includes changes to the quality management plan, like new ways of meeting standards, managing quality, or checking quality.
Resource management plan
There are improvements to the resource strategy and changes to the resource management plan, such as changes to how resources are allocated.
Procurement management plan
There are changes made to the procurement management plan, like changing the make-or-buy choice or the type(s) of contracts that will be used.
Scope baseline
You can make changes to the scope baseline in reaction to approved changes in scope that may come up because of agreed-upon risk responses.
Schedule baseline
We make changes to the schedule baseline when accepted changes in the schedule estimates happen because of agreed-upon risk responses.
Cost baseline
We make changes to the cost baseline when accepted changes happen in cost estimates that come up because of agreed-upon risk responses.
Project Documents Updates
Because of this method, project documents like, but aren’t limited to, the following may be updated:
Assumption log
The Plan risk response strategies in project management process can lead to the discovery of new assumptions and constraints, as well as the revisiting and changing of current assumptions or constraints. Include this new information in the assumption log.
Cost forecasts
Planned responses to risks could cause cost estimates to change.
Lessons learned register
There is new information in the lessons learned register about how to deal with risks that could be useful for later stages of the project or for other projects in the future.
Project schedule
The project plan could include activities related to agreed-upon ways to deal with risks.
Project team assignments
Once the risk response strategies in project management have been set in stone, the resources needed for each step in a risk response plan should be made available. These resources include qualified and experienced people to carry out the agreed-upon action (usually within the project team), a clear budget and time frame for the action, and any technology tools needed to finish the action.
Risk register
When the right risk responses are picked and agreed upon, the risk register is updated. In addition to the things listed below, changes to the risk record may also include:
- agreed-upon methods to respond;
- Details on how to carry out the chosen response plan;
- Set off conditions, indicators, and warning signs of something that could go wrong;
- Plan and budget for the tasks that need to be done to carry out the chosen answers;
- Risk triggers and contingencies that tell you when to use them;
- There should be backup plans for when a risk has happened and the main reaction doesn’t work.
Risk report
It’s possible to add agreed-upon responses to the current overall project risk exposure and high-priority risks to the risk report. This report could also include expected changes that will happen as a result of putting these responses into action.
References :