HOW TO IDENTIFY PROJECT RISKS?

It only make logical sense for a rational person to know what is good and what is not.  As the saying goes, if you fail to identify a risk, you will not be able to manage it.

Any unknown good or possible bad event would be called uncertainties, and I am sure you are familiar with risk preparation strategies such as:

• Saving for old age.
• Exercise and eating balance diet for health.
• Careful driving to avoid road accident.
• Careful talk to avoid hurting other people feeling.

The same personal preparation we make in our daily life, also applies in a more formal way for managing projects. 

Unknown risks means dangers waiting to happen, causing delay, cost increase, poor quality works and consequences which you are not prepared to face.  With that, you would want to know:

1. Which risk might be most destructive.
2. What is the characteristics of the risks.
3. How to respond to the risks.

A. WHAT GOES INTO IDENTIFYING RISKS?

Key input or documents that you need to go through include the following:

1. The risk management plan
2. The project management plan
3. Project scope statement

In addition, you would also want to consider the following:

1. Enterprise environmental factors.

• Academic and industry studies, benchmarking, and commercial databases.

2. Organizational process assets.

• Information from previous projects and lessons learned.

3. Project scope baseline.

• Assumptions in the project scope statement for sources of uncertainty.
• Constraints such as hard deadlines and fixed cost.
• The WBS levels of hierarchy.

4. Management plans.

• Cost management plan, schedule management plan, and quality management plan.
• Risk management plan items :
  • Risk categories
  • Roles and responsibilities
  • Budget and schedules for risk management activities.

5. Estimates.

• Cost estimates and activity duration estimates.

6. Stakeholder register.

• Stakeholders who can give useful input to identifying risks.

A simple Checklist is a valuable tool to continuously update and improve risk management practice for the current and also future projects.

1. Checklist Analysis.

• A checklists in a timesavers tool as projects often have similarities.
• You can develop a risk identification checklist based on previous project.
• The lowest level of a RBS can also be used as a checklist.

2. Assumptions Analysis.

• Assumptions represent uncertainty.
• Assumptions analysis is used to examine the validity, inaccuracies, inconsistencies, or incompleteness of each assumption.
• For example:
  • Assume that a team member has a rare crucial skill.
  • It is assume that the person would be available for the project.
  • A risk would be any inaccuracy of such assumption.

3. Diagramming Techniques.

• These techniques use diagrams to identify risks by exposing and exploring the risks’ causes. Here are a few examples:

A. Cause-And-Effect Diagram.

• A cause-and-effect diagram illustrates how various factors (causes) can be linked to potential problems (effects).

B. Flowchart Diagram.

• How the elements of a project are related to each other and the logical flow of a process.
• Identify the points of potential problems.

C. Influence Diagram.

• Shows relationships among various variables and outcomes.
• Make it easier to recognize potential problem areas and risks.

4. Documentation Reviews.

• Relevant parts of project scope statement, project management plan and the knowledge base from the previous projects.

1. Brainstorming.

• To get a comprehensive list of potential risks from project team, and experts from relevant fields.
• Brainstorming is best performed a facilitator using categories of risks or the RBS as a framework to maintain a issue focus session.

2. Delphi Technique.

• To ensure non bias opinion and emphasis on quality of the information and the argument while ignoring who provide the information.
• A facilitator circulates a questionnaire to solicit ideas about risks for anonymous response.
• Responses are circulated for further evaluation without attaching a name to a response.
• It usually take a few iterations before a general consensus is reached.

3. Interviewing.

• A common methods for risk identification information among selected stakeholders and subject matter experts.

4. Root Cause Identification.

• Look for anything in the project that might cause a risk.
• If you know what cause of a risk, you can better plan an effective response.

5. SWOT Analysis.

• You examine the strengths, weaknesses, opportunities, and threats (SWOT) to expose risks involved.
• SWOT analysis looks at the potential impacts of the risks.
• For example:
  • A strength = Most of the project parts are similar past completed projects.
  • A weakness = One of the parts involves new technology that is not well tested.
  • An opportunity = Project to operate more efficient than previous.
  • Threat = A propose change in law that may cause big changes to the scope of project.

1. List of risks.
2. Causes of the risks.
3. Possible responses to the risks.

The next step would be use the list and start to update the Risk Register.