Control Risks – PMBOK Risk Management
PMBOK Control Risks is an on-going process throughout the project, and it is important that you continuously identify, analyse, and respond to risks.
This will include regular reassessment of existing risks as well as identifying new risks.
In exactly the same way as risks were originally managed, you should continue the cycle of identifying, analyzing, and responding to new and existing risks.
The process of Control Risks is:
- Tracking existing risks
- Monitoring residual risks
- Identifying new risks (using the Identify Risks Process)
- Implementing risk response plans (using the Plan risk responses process)
- Evaluating risk process effectiveness continuously
During project execution, new and regular information will be available mainly in the form of the team status report. These will be used when the project manager prepares a performance report for the sponsor.
The project manager needs to be proactive in terms of Control Risks, and keep a weather eye out for potential new risks that may be emerging. The key data used for this are work performance measurements and work performance information.
The project manager will be continually engage in taking was corrected and repetitive actions for new and existing risks, and all of these must be entered into the changing management process as a change request.
PMBOK Control Risks – The main monitor and control risks outputs are:
Updating the PMBOK risk register.
After any risk reassessment, new risks should be added along with their analysis and response strategies. Existing risks may need to be updated, as well as closing down any risks that did not and will not occur. I cover this further below.
The PMBOK risk management plan.
As a result of experience gained during the project the risk management plan may needs to be updated to reflect the PMBOK risk management strategy for the remainder of the project.
Others documents that may need changing for the remainder of the project and need to be updated as a result of the project risk environment are organisational process assets and lessons learned plus as a result of any risk audits.
Let us now look at the inputs that are used to control risks within your project:
The PMBOK risk register.
This summarizes the total identified risks for this project, and the following list are the main attributes (but not all of them) captured for each risk:
- Risk description
- Risk score
- Chosen response
- Risk owner
- The revised in fact, probability and score
The risk register is a great source of information on the current status of project risks and to recognize when new risks need to be added.
For each risk, the Perform qualitative risk analysis process and the Perform quantitative risk analysis process are carried out.
Work performance information.
The actual and forecast information here provides evidence and clues to help Control Risks.
The status of work effort and progress, work still remaining, activity actual start and finish dates, actual and the remaining costs.
A key source used to monitor and control PMBOK risk within the work performance information is the status on corrective and preventative actions that have been taken and the status of any defect repairs.
PMBOK Control Risks – Performance reports.
These have some overlapping information with regards to the above work performance, but here are the key differences and value in helping to monitor and control risks:
- Earned Value metrics such as schedule, costs, and work performance, variances, forecasts and indexes.
- The reason why any planned work was not completed and project variances
- Existing risk and issue status
- New risks or issues
- Changes requested and changes implemented
- Quality results and issues
- Project management plan.
The risk management plan is most useful here as it contains aspects such as timing and frequency for PMBOK risk assessment, risk auditing and reporting, and the strategy for allocating risk reserves such as a risk budget.
To ensure the risks are reassessed in a timely and regular manner, is a good idea to include risk situation for discussion at any team meetings. Is a good idea to use the general headings within the risk register as discussion points for each risk reassessment.
When carrying out PMBOK risk analysis, consider both the root cause and the knock-on effect of one risk upon another. Remember that cost, time, scope, and quality interact, and that a risk relating to one of them, may cause an impact to one or more of the others.
Delays, rework, quality issues, overspent and functionality issues may all have a root cause within an existing risk, or provide evidence that a new risk is emerging that will now need to be managed.
Using Earned Value, you can use trend analysis to determine if your project performance is at risk; for example checking cost performance index and schedule performance index trends will give you evidence of potential future risks.
Using contingency reserve for PMBOK Control Risks
This is a lot of money and time set aside to reduce the risk and infect of both cost and time overruns.
Using the technique of reserve analysis, it can be determined whether the reserve remaining sufficient to cater for schedule and budget overruns for both risks yet to occur.
PMBOK Risk Audits.
These can be conducted formally or informally and are there to audit both individual risks and the overall risk management process effectiveness. Such audits can be used as an input to the lessons learned.
Like to find out more? CLICK HERE for my PMP Mastery System!