Implementation of projects, especially if they relate to the development of software (SW) - obviously not a deterministic process. The novelty of the technology used the complexity
of jobs, lack of necessary skills for developers - because of these and many other factors, projects often do not go as planned.
One of the techniques that increase the likelihood of success in such conditions is the evaluation of potential risk. Traditionally, under the term risk management is understood the process for identifying and analyzing events and respond to them. The goal is to maximize the likelihood of positive events and their consequences and to minimize the probability and consequences of adverse events. However, quite often we are limited on working only with negative events.
Let me introduce some formal definitions and ways for evaluation of potential risk.
Risk - an event that can (if implemented) influence on the course of the project. Risks exist in all projects, but not always implemented. Realized risk, becomes a problem.
The impact or consequence of a risk - the impact of realized risk for the probabilities to perform certain components of the plan. Impact usually relates to cost, and to schedule and technical specifications of developed product. For example, in software development impact of risk can lead to the fact that the product will cease to satisfy the customer in full or even unusable.
The impact has often latent period - from the moment of manifestation of the risk until the resulting changes in the system. For the evaluation of potential risk, are commonly used standard units or qualitative scale (e.g. negligible, low, significant, large, and catastrophic). To work with a positive risk, you have to expand the scale appropriately.
The probability of risk is the likelihood that this risk will become a problem. It also applies a qualitative scale (negligible probability, low, and so on - up to very likely). However, you are allowed to use the numerical values (usually choose a set of typical values, for example, 0.1, 0.3, 0.5, 0.7, 0.9). It should be noted that the event that must necessarily happen, is not a risk, and actions required in connection with the take shall be determined in the normal course of planning and management, not risk management.
Risk Management – these are the procedures and actions that allow the manager to identify, evaluate, monitor and address risks before or during their transformation into a problem. It is desirable to identify the risks as early as possible and certainly before they become a problem (usually in this case, the action requires fewer resources).
After evaluation of potential risk, you have to make a decision about the response. The task of project manager - to choose actions that will reduce the likelihood of adverse events or mitigate its consequences in case of risk implementation. It is desirable that the consumption of resources was minimal.
Most commonly used strategy to combat the risk.
1. Avoid the risk. Reorganize the project so that it does not depend on the event, it means that the project should have minimal weak points. For example, in software development, you can eliminate dubious functionality. Unfortunately, it is rarely possible to satisfy the customer completely.
2. Forward risk. Contractor resorts to a kind of insurance - if the manifest risk of the customer assumes payment of additional work. In case of realization of such a risk Management Company undertakes to bring to the project has a number of employees.
3. Agree with the presence of risk. This does not mean that we should not do anything, but just wait passively for risk implementation. Agreeing with the presence of weak points you can take certain actions to reduce the likelihood of its manifestations, reducing its impact (e.g., to provide a system architecture that allows for the loss of productivity) or to develop a plan of alternative actions (e.g., switching to another DBMS), which will performed if the risk is realized.
Risk List - prioritized list of identified and monitored weak points. Priority is defined as the production probabilities on the magnitude of exposure (in arbitrary units).
