What is project risk management? If defined, project risk management is a systematic process that includes planning, identifying, analyzing, and responding to project risks. According to Lavanya and Malarvizhi (2008) in PMI, risk management is an important project management practice to minimize unexpected panic during the project.
Not without purpose, project risk management is carried out to increase positive opportunities and minimize negative or detrimental opportunities that may actually occur in our projects. Not only negative, the risks themselves are categorized as positive, where these positive risks are also often called opportunities. The response handling for the types of positive and negative risks is certainly different, and this must be prepared properly through project risk management.
In its application, project risk management has various processes that must be passed. Starting from the stages of planning, identification, qualitative and quantitative analysis, risk response planning, control, to monitoring.
Risk management has an important role in project success. Through good project risk management, we can identify the strengths, weaknesses, opportunities, and threats (SWOT) in our projects. In addition, there are several other reasons why risk management is important for a project:
- Help us avoid big, uncontrollable problems in the future.
- Help us find new profitable opportunities (positive risk).
- Increase the sense of responsibility and the value of accountability.
- Optimizing project budgets due to more controlled expenses.
- Increase the chances of project success
1. Risk Identification From the Beginning
From the very beginning of the project, it is highly recommended to identify the project risks. To identify project risks, try to find answers to these questions:
-What is the list of possible project risks and how are they categorized?
-Is your team experienced in dealing with these risks?
-Are you sure all project risk opportunities have been identified?
-Who is responsible for this risk?
2. Communicate Risks With All Project Stakeholders
Everyone who plays an important role in your project (project stakeholders) has the right to know all project risks that may arise. Therefore, hold a meeting with all project stakeholders to discuss this risk. This will make some vital stakeholders, such as sponsors for example, not be surprised if in the future this risk occurs. Also make sure they provide answers or decisions in response to the most important risks that your internal team cannot handle alone.
3. Consider Positive Risks and Negative Risks
In project risk management, there are at least two types of risk categories. There are positive risks which are also known as opportunities, as well as negative risks such as weaknesses and threats. Good or bad we have to consider their existence.
4. Create a Priority Scale
The impact and probability of the risks we find will certainly vary. Therefore, it is important for us to prioritize these risks. This will help us avoid exhausting ourselves on risks that are not truly impactful or high priority. Meanwhile, risks that actually have a high priority are left in the queue and can cause bigger problems in the future.
To help us determine this priority scale, we can try to create an evaluation instrument or tool to categorize and measure the impact of the risks found. This process will ultimately help the team to better manage and respond to risks in the future.
5. Do a Risk Assessment Before Trying To Solve It
Usually, when we have identified the project risks, the desire to move to the problem-solving stage will immediately arise. But before that, find the root cause or cause of the identified risk first.
Why is that? the goal is to find out the rate at which the layers appear. Is it still at the individual level, or far above it. Some of the things that must be answered at this stage are the causes of the identified risks and their impact on the project.
6. Plan the Right Risk Response
It is not impossible that there is no quick solution to eliminate or reduce all project risks that arise. Some risks may have to be managed strategically over the long term. This makes us have to make a plan to respond so that risk can be controlled
Our risk response plan should include the following:
– Description and assessment of identified risks
– Description of response or action to reduce risk
– Project risk owner
– Committed risk completion deadlines
7. Plan Countermeasures
After identifying and developing a response plan for possible risks, the next step is to develop preventive actions. At this stage, the team must develop appropriate countermeasures to minimize the chance of these risks occurring. We can break it down in the form of tasks or activities that must be done during the project.
8. Prepare an Emergency Plan
Imagine if one or more project risks occurred suddenly and required it to be managed as a crisis, it would be a nightmare, right? Therefore, at a later stage you can also make contingency plans for any risks found. This will help you a lot if this risk really occurs in an urgent situation or suddenly.
9. Risk Efficiency Measurement
Risk Matrix (Risk Metrics)
Risk efficiency can be measured through the following questions:
– How does the number of risks that occur with the identified risks compare?
– Is the impact of the risk as bad as expected?
– How much risk of recurrence?
– How does the actual risk that occurs differ from the risk that has been anticipated?
Risk Audit (Risk Audit)
Risk audit activity is an analysis from experts that is used as a recommendation to improve the effectiveness of risk management in the company. This activity will evaluate things like:
– Top 10 risks in companies that require special attention
– Potential additional risks identified
– Risk-prone areas in the project
– and others.
10. Risk Monitoring and Control
At this final stage, the activities we can do to manage risk are:
-Identify new risks and plan for them
-Track existing risks to check whether a risk reassessment is necessary, whether each risk has a trigger, the likelihood of the risk becoming worse over time, and the likelihood of remaining risk requiring a long-term approach
-Reclassification of risks to review risks that cannot be resolved.
– Risk reporting that must be updated. Both from the list of risks found, to the response to each of these risks. This project risk register is the primary risk reporting tool and is available on a central project server and accessible to all project stakeholders.