The term ‘risk’ is defined in financial terms as ‘the chance that an investment’s actual return will be different than expected’. But in Project Management Body of Knowledge, project risks are defined as uncertain events that will have an effect on project objectives like scope, cost, schedule, quality etc. The impact can be positive as well as negative. Positive risks are called opportunities and negative risks are called threats. By this definition they are like two sides of a coin. Depending on the individual’s appetite for risk, one will view the same event as a threat or an opportunity. For example, making a mega blockbuster movie with Rajnikanth is an opportunity for Director Shankar. For others it is a threat. If you are a risk lover, you will sleep less but eat more and if you are risk averse you will probably sleep more but eat less.
Risk management is all about how quickly we recognize the risks (opportunities and threats) and respond. By the way, risks are known unknowns. We know something about those uncertain events and can do something in a proactive manner. If we are planning a trip to Munnar in March to avail an off-season discount, we know it is going to be colder and so we can carry extra sweaters. If it is an unknown unknown, all we can do is, keep some reserve money and buffer time to tackle the issues when they occur. But risk management is to analyze the known unknowns, i.e judge the probability of the event occurring and the impact if it occurs, prioritize them and respond to the top risks such that the probability or impact of the event is minimized (or maximized if it is an opportunity).
One of the key responsibilities of a project manager is managing risks in the project. It is learning from past experience and managing uncertain events such that their impact on the project objectives is positive. But who can identify the risks in a project? Is it the project manager alone? Many a time project managers are tempted to come up with a list of risks from their past experience (just before the audit!). It is not a bad practice. The project manager has been there and done that in the past. But it will be very helpful to talk to more people who have been there and done that. So risk identification should involve interviewing experts, brainstorming with team leads, reviewing more documents prepared by other stakeholders along with the planning documents prepared by the PM etc. Most risks can be responded to, if they are exposed and articulated clearly as a statement detailing the cause and consequence. Project managers can involve more people in responding to the risk also by making the appropriate SME the risk owner.
Contrary to popular belief, risk management is not for the PM alone. We do it all the time. If it is cloudy, we carry an umbrella. If it is cloudy and we are on the way to an important meeting, we take an umbrella and also go by taxi. Our response is based on the risk exposure (which is a product of the probability and impact of the risk). But do we do that for our projects? If we align better with the project objectives, we will do more towards risk management even if our roles don’t demand it.
ganapathy ms academy , MS Academy , risk management