Chapter 11: Project Risk Management Schwalbe

1
(No Transcript)
2
Chapter 11Project Risk Management(Schwalbe)
3
Questions

• Do IT projects carry more risk than say,
  construction projects?
• What are some typical IT project risk categories?
• How much risk planning is done, really?
• What are some tools for risk management?
• In terms of the eight knowledge areas, which is
  typically the least mature?
• Describe a simple risk mitigation strategy

4
Are there two sides to risk? YES!!

• Down-side risk (negative risk) or just risk
• Up-side risk (positive risk) or opportunities
• Can you personally get out of taking risks?
• You want to minimize the negative risk and
  maximize the positive risk
• Was life designed to be intentionally risky?
• If so, why???

5
The Oklahoma State Delimma

• They invested 200M in oil stocks
• They expected the spot market price of oil to
  reach 200/barrel this year
• They also borrowed 200M against this asset,
  which they used for football stadium improvements
• What happened?
• Would you regard their behavior as risk seeking,
  risk neutral or risk averse?

6
The Importance of Project Risk Management

• Project risk management is the art and science of
  identifying, assigning, and responding to risk
  throughout the life of a project and in the best
  interests of meeting project objectives
• Risk management is often overlooked on projects,
  but it can help improve project success by
  helping select good projects, determining project
  scope, and developing realistic estimates

7
Which of the following software development
methodologies is focused on risk?

• Waterfall methodology
• Evolutionary development
• Spiral model
• Transform model

8
What is Risk?

• A dictionary definition of risk is the
  possibility of loss or injury
• Project risk involves understanding potential
  problems that might occur on the project and how
  they might impede project success
• Risk management is like a form of insurance it
  is an investment

9
Why Take Risks? Because of Opportunities!
Try to balance risks and opportunities
Risks
Opportunities
10
Risk Utility

• Risk utility or risk tolerance is the amount of
  satisfaction or pleasure received from a
  potential payoff
• Utility rises at a decreasing rate for a person
  who is risk-averse
• Those who are risk-seeking have a higher
  tolerance for risk and their satisfaction
  increases when more payoff is at stake
• The risk neutral approach achieves a balance
  between risk and payoff

11
Figure 10-1. Risk Utility Function and Risk
Preference
12
What is Project Risk Management?

• The goal of project risk management is to
  minimize potential risks while maximizing
  potential opportunities. Major processes include
• Risk management planning involves deciding how
  to approach risk management activities for the
  project
• Risk identification determining which risks are
  likely to affect a project
• Qualitative risk analysis prioritizing risks
  based on impact
• Quantitative risk analysis evaluating risks to
  assess the range of possible project outcomes
• Risk response planning taking steps to enhance
  opportunities and developing responses to threats
• Risk monitoring and control responding to risks
  over the course of the project

13
Common Sources of Risk on Information Technology
Projects

• Several studies show that IT projects share some
  common sources of risk
• The Standish Group developed an IT success
  potential scoring sheet based on potential risks
• McFarlan developed a risk questionnaire to help
  assess risk
• Other broad categories of risk help identify
  potential risks

14
Table 10-1. Information Technology Success
Potential Scoring Sheet
15
Table 10-2. McFarlans Risk Questionnaire
16
Market, Financial, and Technology Risk

• Market risk Will the new product be useful to
  the organization or marketable to others? Will
  users accept and use the product or service?
• Financial risk Can the organization afford to
  undertake the project? Is this project the best
  way to use the companys financial resources?
• Technology risk Is the project technically
  feasible? Could the technology be obsolete before
  a useful product can be produced?

17
People and Structure risks

• People risk does the organization have or can
  they find people with appropriate skills to
  complete the project successfullly
• Structure/process risk What is the degree of
  change the new project will introduce into user
  areas and business procedures?

18
Risk Identification

• Risk identification is the process of
  understanding what potential unsatisfactory
  outcomes are associated with a particular project
• Several risk identification tools include
  checklists, flowcharts, and interviews

19
Table 10-3. Potential Risk Conditions Associated
With Each Knowledge Area
20
Quantitative analysis

• Risk quantification or risk analysis is the
  process of evaluating risks to assess the range
  of possible project outcomes
• Determine the risks probability of occurrence
  and its impact to the project if the risk does
  occur
• Risk quantification techniques include expected
  monetary value analysis, calculation of risk
  factors, PERT estimations, simulations, and
  expert judgment

21
Figure 10-2. Expected Monetary Value (EMV) Example
22
Figure 10-3. Chart Showing High-, Medium-, and
Low-Risk Technologies
23
Simulation for Risk Analysis

• Simulation uses a representation or model of a
  system to analyze the expected behavior or
  performance of the system
• Monte Carlo analysis simulates a models outcome
  many times to provide a statistical distribution
  of the calculated results

24
What Went Right?
McDonnell Aircraft Company used Monte Carlo
simulation to help quantify risks on several
advanced-design engineering projects. The
National Aerospace Plan (NASP) project involved
many risks. The purpose of this multi-billion
dollar project was to design and develop a
vehicle that could fly into space using a
single-stage-to-orbit approach. A
single-stage-to-orbit approach meant the vehicle
would have to achieve a speed of Mach 25 (25
times the speed of sound) without a rocket
booster. A team of engineers and business
professionals worked together in the mid-1980s to
develop a software model for estimating the time
and cost of developing the NASP. This model was
then linked with Monte Carlo simulation software
to determine the sources of cost and schedule
risk for the project. The results of the
simulation were then used to determine how the
company would invest its internal research and
development funds. Although the NASP project was
terminated, the resulting research has helped
develop more advanced materials and propulsion
systems used on many modern aircraft.
25
Expert Judgment

• Many organizations rely on the intuitive feelings
  and past experience of experts to help identify
  potential project risks
• The Delphi method is a technique for deriving a
  consensus among a panel of experts to make
  predictions about future developments

26
Risk Response Planning

• Risk avoidance eliminating a specific threat or
  risk, usually by eliminating its causes
• Risk acceptance accepting the consequences
  should a risk occur
• Risk transference shifting responsibility for a
  risk to a third party
• Risk mitigation reducing the impact of a risk
  event by reducing the probability of its
  occurrence

27
Table 10-4. General Risk Mitigation Strategies
for Technical, Cost, and Schedule Risks
28
Risk Management Plans, Contingency Plans, and
Contingency Reserves

• A risk management plan documents the procedures
  for managing risk throughout the project
• Contingency plans are predefined actions that the
  project team will take if an identified risk
  event occurs
• Contingency reserves are provisions held by the
  project sponsor for possible changes in project
  scope or quality that can be used to mitigate
  cost and/or schedule risk

29
Table 10-5. Questions Addressed in a Risk
Management Plan

• Why is it important to take/not take this risk in
  relation to the project objectives?
• What specifically is the risk and what are the
  risk mitigation deliverables?
• How is the risk going to be mitigated? (What risk
  mitigation approach is to be used?)
• Who are the individuals responsible for
  implementing the risk management plan?
• When will the milestones associated with the
  mitigation approach occur?
• How much is required in terms of resources to
  mitigate risk?

30
Risk Monitoring and Control

• Risk response control involves executing the risk
  management processes and the risk management plan
  to respond to risk events
• Risks must be monitored based on defined
  milestones and decisions made regarding risks and
  mitigation strategies
• Sometimes workarounds or unplanned responses to
  risk events are needed when there are no
  contingency plans

31
Top 10 Risk Item Tracking

• Top 10 risk item tracking is a tool for
  maintaining an awareness of risk throughout the
  life of a project
• Establish a periodic review of the top 10 project
  risk items
• List the current ranking, previous ranking,
  number of times the risk appears on the list over
  a period of time, and a summary of progress made
  in resolving the risk item

32
Table 10-6. Example of Top 10 Risk Item Tracking
33
Using Software to Assist in Project Risk
Management

• Databases can keep track of risks
• Spreadsheets can aid in tracking and quantifying
  risks
• More sophisticated risk management software helps
  develop models and uses simulation to analyze and
  respond to various project risks

34
Figure 10-4. Sample Monte Carlo Simulation
Results for Project Schedule
35
Figure 10-5. Sample Monte Carlo Simulations
Results for Project Costs
36
Results of Good Project Risk Management

• Unlike crisis management, good project risk
  management often goes unnoticed
• Well-run projects appear to be almost effortless,
  but a lot of work goes into running a project
  well
• Project managers should strive to make their jobs
  look easy to reflect the results of well-run
  projects

37
Discussion Questions

• Discuss the risk utility function and risk
  preference chart in Figure 10-1. Would you rate
  yourself as being risk averse, risk neutral, or
  risk seeking? Give examples of each approach from
  different aspects of your life, such as your
  current job, your personal finances, romances,
  and eating habits.
• What is your organizations (your employer's or
  your college's) risk preference when it comes to
  information technology projects? Give evidence to
  support your position.
• Describe the Top 10 Risk Item Tracking approach.
  How could you use this technique in your
  organization?

38
(No Transcript)
39
Chapter 12Project Procurement Management
40
Importance of Project Procurement Management

• Procurement means acquiring goods and/or services
  from an outside source
• Other terms include purchasing and outsourcing
• By the year 2003 the worldwide information
  technology outsourcing market had grown to over
  100 billion

41
Why Outsource?

• To reduce both fixed and recurrent costs
• To allow the client organization to focus on its
  core business
• To access skills and technologies
• To provide flexibility
• To increase accountability

42
Project Procurement Management Processes

• Planning purchases and acquisitions determining
  what to procure and when
• Planning contracting documenting product
  requirements and identifying potential sources
• Requesting Seller Responses obtaining
  quotations, bids, offers, or proposals as
  appropriate

43
Project Procurement Management Processes,
Continued

• Selecting sellers choosing from among potential
  vendors
• Administering the contract managing the
  relationship with the vendor
• Closing the contract completion and settlement
  of the contract

44
Figure 12-1. Project Procurement Management
Processes and Key Outputs
45
Planning purchases and acquisitions

• Procurement planning involves identifying which
  project needs can be best met by using products
  or services outside the organization. It
  includes deciding
• whether to procure
• how to procure
• what to procure
• how much to procure
• when to procure

46
Collaborative Procurement

• Several organizations, even competitors, have
  found that it makes sense to collaborate on
  procurement for some projects
• Kodak worked with several competitors to develop
  the Advantix Advanced Photo System (see What Went
  Right? on pg. 303)

47
Procurement Planning Tools and Techniques

• Make-or-buy analysis determining whether a
  particular product or service should be made or
  performed inside the organization or purchased
  from someone else. Often involves financial
  analysis
• Experts, both internal and external, can provide
  valuable inputs in procurement decisions

48
Types of Contracts

• Fixed price or lump sum involve a fixed total
  price for a well-defined product or service
• Cost reimbursable involve payment to the seller
  for direct and indirect costs
• Unit price contracts require the buyer to pay
  the seller a predetermined amount per unit of
  service

49
Cost Reimbursable Contracts

• Cost plus incentive fee (CPIF) the buyer pays
  the seller for allowable performance costs plus a
  predetermined fee and an incentive bonus
• Cost plus fixed fee (CPFF) the buyer pays the
  seller for allowable performance costs plus a
  fixed fee payment usually based on a percentage
  of estimated costs
• Cost plus percentage of costs (CPPC) the buyer
  pays the seller for allowable performance costs
  plus a predetermined percentage based on total
  costs

50
Figure 12-2. Contract Types Versus Risk
51
Statement of Work (SOW)

• A statement of work is a description of the work
  required for the procurement
• Many contracts, or other mutually binding
  agreements, include SOWs
• A good SOW gives bidders a better understanding
  of the buyers expectations

52
A Common Contractual Relationship

• Time and Materials Contract
• Is essentially a cost reimbursement contract, but
  reimburses material costs as well
• May be agreed to through transmittal of a letter

53
Solicitation Planning

• Solicitation planning involves preparing several
  documents
• Request for Proposals used to solicit proposals
  from prospective sellers where there are several
  ways to meet the sellers needs
• Requests for Quotes used to solicit quotes for
  well-defined procurements
• Invitations for bid or negotiation, and initial
  contractor responses are also part of
  solicitation planning

54
Figure 12-4. Outline for a Request for Proposal
(RFP)
55
Solicitation

• Solicitation involves obtaining proposals or bids
  from prospective sellers
• Organizations can advertise to procure goods and
  services in several ways
• approaching the preferred vendor
• approaching several potential vendors
• advertising to anyone interested
• A bidders conference can help clarify the
  buyers expectations

56
Source Selection

• Source selection involves
• evaluating bidders proposals
• choosing the best one
• negotiating the contract
• awarding the contract
• It is helpful to prepare formal evaluation
  procedures for selecting vendors
• Buyers often create a short list

57
Figure 12-5. Sample Proposal Evaluation Sheet
58
Figure 12-6. Detailed Criteria for Selecting
Vendors
59
Contract Administration

• Contract administration ensures that the sellers
  performance meets contractual requirements
• Contracts are legal relationships, so it is
  important that legal and contracting
  professionals be involved in writing and
  administering contracts
• Many project managers ignore contractual issues,
  which can result in serious problems (see What
  Went Wrong? on pg. 315)

60
Suggestions on Change Control for Contracts

• Changes to any part of the project need to be
  reviewed, approved, and documented by the same
  people in the same way that the original part of
  the plan was approved
• Evaluation of any change should include an impact
  analysis. How will the change affect the scope,
  time, cost, and quality of the goods or services
  being provided?
• Changes must be documented in writing. Project
  team members should also document all important
  meetings and telephone phone calls

61
Contract Close-out

• Contract close-out includes
• product verification to determine if all work was
  completed correctly and satisfactorily
• administrative activities to update records to
  reflect final results
• archiving information for future use
• Procurement audits identify lessons learned in
  the procurement process

62
Discussion Questions

• Discuss the scenario in the opening case. Have
  you experienced similar situations? How did the
  parties involved handle them?
• Provide examples of information technology goods
  and services that were outsourced. Which were for
  information technology projects and which were
  parts of on-going operations? Was it advantageous
  for the organization to use outsourcing?
• Some experts recommend working with preferred
  vendors, even if their prices may be higher than
  other vendors. Why do you think this is the
  case?