top of page
Writer's pictureDominique Smith

Risk Response Planning

Updated: Dec 5, 2021

When you’re involved with any you should be aware that there are always risks involved. As a project manager it is your responsibility to acknowledge any potential risks and try to find ways to reduce those risks in order to have a better-quality project. Project risk management focuses on this aspect of project management. A risk is an uncertainty that can have a negative or positive effect on meeting project objectives (Schwalbe 468). When dealing with risk management, it is important not only to acknowledge potential risks that may happen but also to recognize that there is a difference between known and unknown risks. Knowing that risks are inevitable, you should begin this process by creating a risk management plan. Within your risk management plan, you make sure to have an area of the plan that focuses on planning risks responses. This post will focus on the planning risk response process and how it can be adapted into an agile project.







Planning risk responses happens after you and your team have identified and quantified risks within your project. This process oversees the task of finding and developing appropriate options to address specific risks with the goal of increasing positive risk outcomes and reducing negative risk outcomes. With positive and negative risk there are several basic responses that are universally used. We will look at a list of these responses and give you, our project manager, an idea of how they can be used for positive and negative risk respectively.


Positive Risk Response Strategies



Positive risk responses have 3 specific strategies that go along with them: risk exploitation, risk sharing, and risk enhancement.


Risk Exploitation- trying to do whatever possible to make a positive risk happen. This can happen by adding or changing work in the project to give yourself a better chance of the opportunity occurring.


Risk Sharing- allocating ownership of the risk to another person or party. This tends to include a third party that would take on the risk. Think of risk sharing as wanting to throw a party however you either don’t want to or can’t take on the role of planning it, so you decide to have a party planning company do it for you. You’ve removed the work of planning a party out of your hands and placed it in someone else's but there’s still a chance that you may have to do something.


Risk Enhancement- changing the size of the opportunity by identifying and maximizing key drivers of the positive risk. By doing risk enhancement you increase the likelihood of having a positive risk which entail has a positive impact on your project



Negative Risk Response Strategies



Just like positive risk responses, negative risk responses also have 3 specific strategies that go along with them: risk avoidance, risk transference, and risk mitigation.


Risk Avoidance- eliminating a specific risk threat, usually by eliminating its cause. Focusing on the cause allows your team a chance to rework that aspect of your project so that that particular risk can be eliminated permanently. Obviously, every risk can’t be eliminated but removing specific risks leads to better project quality.


Risk Transference- shifting the consequences of a risk and responsibility for its management to a third party. Risk transference can be looked at similarly to risk sharing, however with transference none of the consequences are on you. Think of this as an insurance policy or a warranty guarantee.


Risk Mitigation- reducing the impact of a risk event by reducing the probability of its occurrence. Much like avoidance not all risk can be eliminated however with mitigation the goal is to reduce the impact of that risk.



Positive and Negative Risk Response Strategies



With risk response strategies there are 2 strategies that are effective for both positive and negative risks: risk acceptance and risk escalation.


  • Risk Acceptance- accepting the consequences if a risk occurs. Risk acceptance decisions should be communicated to stakeholder. There are two forms of risk acceptance: active and passive. Active acceptance involves having contingency plans and cost reserves ready to implement if a risk needs to be addressed. Passive acceptance consists of the team just leaving the risk response action to be determined as needed.

  • Risk Escalation- notifying a higher level authority. If the risk is outside the project scope, the response is outside the project manager’s authority or there is a positive risk chance, you would tell a higher level manager.


*When planning your risk response strategies, make sure that you acknowledge the chance of residual and secondary risk. Residual risk can still be present even after a response strategy has been implemented. In regards to secondary risk, they can arise directly from having a risk response implemented in your project. *


Agile risk management

In agile risk management can be broken down into 4 parts: risk identification, risk assessment, risk responses, and risk review. That being said, because of their focus on quality as a built-in element of project development, most agile frameworks don’t contain a dedicated process for risk management. With agile having shorter work cycles and more communication between the project team and stakeholders, there are some types of risk that are less likely to happen. These shorter cycles also allow for risk to be addressed earlier in a project then they may have been in comparison to a waterfall project, as each sprint does allow for retrospectives and a quicker test response time.


Conclusion

Having a grip on the risk responses can allow for your team to address specific risk in the most efficient and timely manner possible. That being said, you as a project manager should be able to categorize the level of risk that a task may have, recognize if the risk is positive or negative, be able to plan your responses and have a contingency plan for anything that might come up after your responses are implemented. When planning risk management keep in mind that there are unknown risks that go along with known risks. Every risk can’t be eliminated but it’s your responsibility to keep risk under control so that you can produce the best product.


Works cited

Schwalbe, Kathy. Information Technology Project Management. Boston, MA: Course Technology, 2019. Print.


Images





9 views0 comments

Recent Posts

See All

コメント


bottom of page