Risk Analysis in Project Management by xiangpeng


									Risk Analysis in Project
     Dr Shafqat Hameed
                Key Themes of PM
Business Case       The why

Organisation        The who

Plans               The what, how and when

Risk                Managing uncertainty

Progress            Controlling time and costs

Quality             Assuring the delivery of fit-for-purpose products

Issues & Changes    Controlling scope
                 Phase Model



 Feedback Loops                   Implementation

  Definition          Planning         Implementation            Delivery

                                              Level of effort
1. Goals                                     1. Status reports    1. Train user
2. Specifications       2. Budgets           2. Change Orders     2. Transfer documents
3. Scope                3. Resources         3. Quality Audits    3. Release resources
4. Responsibilities     4. Risks             4. Contingencies     4. Reassign staff
5. Teams                5. Schedule                               5. Lessons learned
     Risk, Risk Analysis and Risk
 Uncertainty
 Negative Impact on Profitability i.e. Insurance
 Negative Impact on Success i.e. Military Hardware
Risk= Probability of event x Cost of event
Risk Analysis
   Qualitative or Quantitative assessment of risk
     Identification of main risk factors
     More sophisticated Techniques i.e computer
Project Risk Analysis
 Schedule
 Cost
 Performance

  Properly done risk analysis will achieve the above
      objectives and will increase the likelihood of
            successful completion of project
        Risk assessment

 Risks are judged against the assets which are to be
 cost of failure probability gives loss expectation
 qualitative (quasi-quantitative) approach is usually
  more practical
    Benefits of the Risk Analysis
   Cost Justification
   Productivity: Audit/Review Savings
   Breaking Barriers - Business Relationships
   Self-Analysis
    Security Awareness
   Targeting Of Security
   'Baseline' Security and Policy
    Consistency
    Communication
Identification and Assessment of the
            Level of Risk
  Values of assets
  Possible Threats to the assets
   Human, Operational, Reputational, Financial, Technical,
   natural, political etc etc.
  Their vulnerabilities and their likelihood of exploitation

 Goals for any risk analysis
  All the assets have been identified
  All types of harms have been identified and their impact on
   assets have been valued
  All vulnerabilities have been identified and assessed
                Vulnerability analysis
Vulnerability is a weakness in the project that makes an
attack more likely to succeed.

Vulnerability analysis has the following steps:
•Existing project
•New project
-Envisaged software
-Existing procedure
•Identify vulnerabilities
•Assess levels of likelihood
        Risk and Vulnerability Analysis of an
          Internet Ordering System Project
Asset                       Type     Why                             Harm                   Impact
Ordering System/Server      Direct   The main interaction point      Loss of availability   Medium
                                          between customer and the
                                     Assumption=combined system
Customer credit card
Customer personal details

Software application

System admin & data
Customer trust

Company reputation
Successful Projects
 Project Apollo
 Human Genome Project
 Airport Munich (Erdingermoos)
 Introduction of EDOZ at ETH Zurich
 KnowInnet
Project Failure Examples
 London Ambulance Project 1992
 UK Passport Project 1999
 Airport Malpensa
 German Toll System
 Iridium (failed, back on track)
 Many software projects
UK Passport Project 1999

 In the summer of 1999 the failure of the
  Passport Office’s new IT system caused huge
  delays in the issue of passports, several
  hundred people were unable to travel, and
  phone lines were continually congested.
What went wrong?

A report on the problem blamed over-optimistic planning of the
   implementation of the new system. The cost of producing a
   passport also rose. A risk had been taken by introducing the
   new system in 2 of the 6 passport offices before it was properly

 Failure to assess the time needed by staff to become familiar
  with new manual and computerized systems
 Unrealistic risk assessment and insufficient contingency
 A failure to communicate effectively with the public at a personal
  level, by phone and through the media
What were the lessons learned?
A number of the lessons indicate that closer attention to project
    management techniques could have mitigated the failures.
In particular, the main lessons were:
 New systems must be thoroughly tested
 Staff must be fully trained and adequate time allowed to learn new
 Realistic contingency plans are required should the project fail to
    deliver on time
 The customers, or end users, of the system – in this case the general
    public, must be kept well informed

A major lesson from this failure appears to be the need for contingency
planning. The project took some high risk decisions without having fall-
back plans. The Passport Office had not predicted the surge in
applications and enquiries and had no means of handling them
Critical Success Factors in PM
 PM is key to company success.
 Projects are done in all parts of an
 Projects are new, risky and have a defined
  start and end.
 There are several key success factors for
 PM is about managing people!
Thank You

To top