[MUSIC] Do you ever look at some of your peers and think that because it looks like nothing ever goes wrong on their projects, that they must be lucky? Maybe they aren't lucky. Maybe they're smart. They use risk management and that means that they are prepared for many of the things that come up as their teams work towards project completion. The purpose of project risk management is to minimize the likelihood or the impact of negative events or threats to your project. And to increase the likelihood or impact of positive events or opportunities so a positive risk is an opportunity and a negative risk is a threat. It's never to early to start thinking about what can happen to your project. Remember the charter, the project charter has a section for high level risks, you and your team will build on that information as the project progresses. You have also captured some high level assumptions. Facts you are counting on as you move forward with the project. These can potentially develop to risks. If you're assuming that this project is so important that it will use a projectized organization, that you're making your plans based upon the assumption. It's a good idea to note that if another type of project organization is used, the schedule and the budget will be impacted. In fact, you might capture a risk like this. If the project organization is any other than project ties then the schedule for planning this project will no longer be valid. Notice that the phrasing of this risk uses if this, then that? Team members will tell you there's a risk the project could be late or we might go over budget and they're right. But what you need to know is why do these risks exist? When you and a team go beyond saying, we could be late or we could be over budget. And you say something like if the human resources subject matter expert is not available to the project per the planned allocation of 80% then project deliverables will not be completed on time. Now you have captured why the risk exists and what could happen to the project and you're being specific. Now you know what the concern is and that's perfect because you want to work with the team to identify as many of these risks as possible. As you know, there are multiple reasons why the project could be late and you and the team want to note as many of these as possibly, as you can. There are quite a few ways for you and your team to identify risks. A brainstorming session can be very effective, it allows your team to discuss what they perceive as risks and it allows the group to work off of one another's ideas. You can often look at the risks faced by similar projects. You can even find risk taxonomies for types of projects within specific industries. A review of your work breakdown structure is another excellent way to identify risks. So look at the work packages and discuss the risks involved in completing the work. You might begin to feel like you and your team have identified too many risks. Don't let this overwhelm you, this is actually a good thing. Not every risk is really going to occur and that's okay. You and your team will analyze and prioritize the risks, so don't discourage anyone from mentioning a risk. What you do with this information is you capture the risk information in a risk register. And your register is your list or repository of risks that you and your team have identified. Initially, you capture this statement and some additional information about what will happen if this risk occurs? What is the impact? You want to build on this information as you analyze and prioritize your risk and then again as you define some risk responses. Here you are, your risk register is full of risks. You're wondering what are you supposed to do with this information? And what are you supposed to do about all of these risks? With your team, you consider the risks with an eye for which are most likely to occur and which ones are more impactful if they do occur. You can accomplish this by developing a rating scale for both impact and probability. Now sometimes probability is also referred to as likelihood, you might use numbers for example in impact which is extremely low, could be a one. And an impact that is extremely high could be a five, you could do something similar with likelihood. You can use guidelines to help determine whether or not a risk receives a very low or a very high rating. You're looking for this combination of impact and likelihood. This is frequently called exposure and can be calculated by multiplying the score of impact by the score of likelihood. When you have a risk with a high probability and a high likelihood, that's a risk you really focus on. The truth is that your organization and your stakeholders will have a certain tolerance level for risks. Some places only concern themselves with risks that have a high rating and some include risks that have a medium rating. How do you know if a risk is impactful or likely to occur? When you can conduct research that shows you clear data on your risk or when you can find data that shows this information about your risks. You take that into consideration, you and your team are also using your expertise to conclude the impact and likelihood of a risk. With your risks prioritize, it's time to consider how you will respond to the risks which have gained your attention. For our time together, we are focusing on risks that are threats, as opposed to opportunities. As this is the case, you are seeking to devise responses which makes the risks either less likely to happen or less impactful if they do occur. The responses you design might involve adding work to the project or changing the way in which the work will be completed. This could mean updates to the work breakdown structure or to the schedule and budget. Let's discuss some of the response strategies that you might use. You might accept the risk, this means you understand it could occur and you have a plan for what to do if it does occur. But you're not taking action to prevent the risk perhaps there's a risk that a key team member might leave. But you're not allowed to hire a replacement until that person gives notice. And there are responses you take in advance to try and prevent the risk from occurring. If you opt to avoid the risk, it means you're changing your plan so that you eliminate the risk. If you participate in outdoor construction work, you might simply not schedule projects during the rainy season. You opt to avoid the risk of the rain, well, at least during the known rainy season that is. If you transfer the risk, it mean you are making another party responsible. You are giving the ownership of the potential risk and the work associated with the risk. It doesn't mean the risk goes away, it means that you have transferred it to a party who should be more qualified to deal with it. If you mitigate the risk, you take action to make the risk less likely or less impactful. In a situation where your key team member might leave, you might take steps to ensure his or her happiness. You might begin to cross-train someone else so that if he or she does leave, you can continue to work. So now where is all this information captured? You put it in your risk register. Your risk register contains the risks, their ranking and your responses. Now you're not finished, as long as your project is ongoing, so is your risk management. You might have a bigger push while you are planning to come up with that initial set of risks but your risk management is never completed. Throughout the life of your project, you and your team are always identifying new risks and reassessing existing risks. [NOISE]
