Risk management can be a deep, cavernous and potentially career-limiting endeavour if not properly planned. Unfortunately, project managers often approach risk in a purely one-dimensional fashion, without considering many essential components such as the company risk climate, the project’s strategic fit, key player and stakeholder involvement and buy-in. Ensuring risk ownership, addressing supply-chain concerns and utilising applicable lessons learned and historical documentation from previous projects will greatly reduce project management plan updates and the havoc of risks on your initiative.
Step 1—Understand Company Risk Climate
This is somewhat akin to a writer’s need to understand his or her audience. There are companies that seem to simply thrive on responding to situations as they arise as opposed to doing anything pre-emptive. This could be because there are project managers at these companies who have honed their reactionary skills into Ninja-like firefighting weapons. In these environments reactionary heroism is praised and the very mention of risks or “bad things” that could happen is discouraged. Conversely, more risk “evolved” companies have woven risk ownership, management and governance into their organisational fabric. Having a complete understanding of where the company fits on this continuum is the first step in planning an appropriate risk management approach and to becoming a Risk Superhero.
Step 2—Understand Your Project’s Strategic Fit
Projects are either initiated from within silos and in reaction to specific business needs or as part of a planned set of projects under a programme umbrella. Regardless of which is the case, in order to create an effective risk strategy, managers must be aware of the existence of success criteria and constraints and those of neighbouring projects. Without this insight, one is indeed blind as to whether the project is moving in the right direction to meet overall business goals, or simply speeding toward a collision with a neighbouring project. Understanding the strategic fit equips the informed project manager with insights on potential risk events as well as their potential impact. With understanding of risk continuum position and foresight regarding strategic fit, you don’t have to rely on reactive heroics to keep items from colliding.
Step 3—Ensure the Right Players and Stakeholders Are Engaged
It is important to be aware of the broad spectrum of possible risks. Certainly, the aforementioned investment in strategic fit will pay dividends here as knowledge of business dependencies, predecessors and successor projects will flesh out risks. Engagement of resources and stakeholders across multiple lines of business is beneficial as well, as multiple varieties of project risk exist within seemingly one-dimensional projects. Your project may seem highly technical on the surface, but many non-technical risks could adversely affect its success. In this case, not having the right players and stakeholders at the table could mean a very lopsided view of risks. Thoroughly review your stakeholder list to make sure you’ve accounted for key individuals and groups, as well as who is counting on the project to succeed and who might benefit from its failure.
Step 4—Secure Buy-In From Key Players and Stakeholders
With an understanding of risk continuum position, strategic fit and with the right players in place, you’ll be well positioned to articulate your strategy and secure stakeholder buy-in. Regardless of your company’s position on the continuum, the following approach is recommended:
1. Always utilise relevant fact-based risk events. This will be particularly important in reaching the risk-heroes and reactionary managers mentioned earlier, as it’s difficult to argue against facts.
2. Reference historically similar risks, approaches and cost savings. Stress the importance of early action and determine the opposing “cost of waiting” for the risk event to materialise. These costs could be financial, resource related, etc. Consider previous strategies employed (accept, mitigate, avoid, transfer, etc.).
3. Explain how your risk approach is designed to work and exactly what it is designed to do (be agile, relevant, easy, fact based).
Step 5—Consider Supply and Demand Issues
How many times have supply-chain issues derailed your “well-thought-out” project? The point here is to consider each of the “pain points” in your supply chain when crafting your risk management plan. Supply-chain disruptions and issues can significantly derail your projects, not to mention impact revenue and market share and damage the credibility of your company.
Step 6—Establish Clear Risk Ownership
It’s simply not enough to conduct a one-time session to identify risks, determine their probability, impact and response strategy. Someone needs to continually monitor each risk to determine changes to its probability and overall impact. This is particularly relevant in cases where a follow-on project requires completion of specific deliverables to enable the successor project to initiate.
Ownership and accountability need to be distributed across the project team and not be solely the responsibility of the project manager. Creating an atmosphere of risk ownership and accountability is a necessary step in organisational risk awareness and evolution. Individual risk events identified must have individual owners. Risk-evolved companies do not rely on siloed heroics, but on more integrated, strategic and proactive measures. Communicate to the team where the project fits, where it’s headed and ask them about opportunities that may be capitalised on as well.
Step 7—Utilise Risk Lessons Learned and Historical Documentation
Project risk lessons learned are invaluable sources of information and should be utilised whenever possible. Make use of all applicable risk-registers, plans and historical data as well. Change records for similar projects can be wonderful sources of information too.
Following each of the aforementioned steps will demonstrate to your team and stakeholders that you’ve done your homework and refuse to resort to reactionary heroics. These strategic due-diligence steps will enable an informed, educated and timely approach to risk and position you as a company Risk Superhero.
photo credit: JD Hancock