Chapter 5: Managing project success through project risk management by xuy20978

VIEWS: 45 PAGES: 23

More Info
									MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


      Chapter 5: Managing project success through project risk management


Synopsis ………………………………………………………………………….……5-60


5.1    Introduction……..……..………………………………….……………….…..5-61


5.2    Managing project success through project risk management………..……..5-62
       5.2.1    Project risk management – 17 steps to success………………………...5-62
       5.2.2    Using software to assist in project risk management…….……………..5-67
       5.2.3    IT project managers and their teams’ contributions to the
                success of project risk management plans ………………..……………5-68
        5.2.4 Contributions of risk management programme plans
                to project success……………………………………………………..…5-72
        5.2.5 Principles of monitoring and controlling IT projects……..……………..5-73
        5.2.6 A solution development summary for successful project risk
                management…………………………………………..…………………5-74
        5.2.7   The project manager’s checklist for risk management………..………..5-74
        5.2.8   The project manager’s review checklist for project risk………..……….5-75
        5.2.9 Benefits of using project risk management……………………………..5-76
        5.2.10 Avoiding project failure beyond project risk management guidelines…..5-77


5.3    Closure…………………………………………………………………………5-79




Managing project success through project risk management                                   5-59
MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


SYNOPSIS


There are four major categories in a project risk management plan that guarantee project success:
planning, resources, controlling and monitoring. These categories comprise 17 steps to the
success of an IT project.


The basis of risk management is in the action plan. To undertake the identified tasks, resources
must be allocated to each task and final adjustments made to plans. Once the risk management
plan has been finalised, execution can begin and the activities defined within the plan undertaken
with suitable control being exercised. It is always necessary to monitor progress against the plan.


Project managers can use software tools to enhance the various project risk management
processes. Tools like Microsoft Project 2003, spreadsheets and databases can help track and
quantify risk. Monte Carlo analyses and PERT analyses can help address costing and scheduling
uncertainties.


Project risk management will not succeed without the contribution of a good project manager and
a great project team. Project managers should not allow the project staff to run the project risk
management. The project manager should fully understand his/her role in the project team. There
are several suggestions or factors that guide and develop a successful project manager.


Project managers should have a project risk management programme plan to contribute to project
success. This plan should describe risk identification, risk analysis and risk handling. The plan
should also describe the role of risk assessment, technical performance monitoring and change
control processes. Methods of risk reduction, monitoring and handling should be described in this
plan. Principles for monitoring and controlling IT projects are important and include the project
manager’s checklist for project risk management. Project risk management benefits are included.




Managing project success through project risk management                                       5-60
MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


5.1 INTRODUCTION


A study conducted by KPMG, a large consulting firm, found that 55% of runaway projects –
projects that have significant cost or schedule overruns – performed no risk management at all;
38% performed some risk management (but half did not use their risk findings after the project
was underway) and 7% did not know whether they did risk management or not. This study
discovered that performing project risk management is important to improve the likelihood of
project success and to prevent runaway projects (Schwalbe 2004: 390).


This chapter explores project success through project risk management. A frequently overlooked
aspect of project management, project risk management can often result in a significant
improvement in the ultimate success of projects. This chapter looks at the positive impact that
project risk management has on selecting projects, determining the scope of projects and
developing realistic schedules and cost estimates.


Organisations take risks to benefit from potential opportunities. IT companies like those in the
financial sector know that there is a high project failure in IT, but still new IT projects are being
undertaken all the time. This chapter looks at project risk management as an investment because
there are costs associated with it. The risk costs should not exceed the potential benefits.


This chapter also explores other ingredients to project success, based on literature and experience
from many projects. This chapter further addresses how a project manager can successfully
address project, human resource, management, technical and consultant issues to the benefit of
project success. All these recommendations will bring about project success for project managers,
especially through project risk management.




Managing project success through project risk management                                        5-61
MBOKANE SE              IT project risk management in the financial sector:
2005                                  an exploratory study


5.2       Managing project success through project risk management


Project management of risk is inherent in the objectives of the five systems: scope, organisation,
quality, cost and time. There is the risk that the project will not turn out as expected, arising
directly from the uniqueness of projects. Successful completion requires the risk to be managed
(Turner 1993:235). There are 17 steps to project success that a project manager should note.

5.2.1 Project risk management – 17 steps to success

In 1995, a consulting firm – EnterpriseCM – researched the best practices to project success
through risk management. Their findings were summarised in 17 project risk management steps
that could help every project manager to successfully manage project risk. These steps can be
grouped into four major categories:


-     Planning: identifying the type of response appropriate for each risk; developing a detailed
      plan of action; confirming its desirability and objectivity; and obtaining management
      approval.
-     Resources: identifying and assigning the people and other resources (e.g. money and
      equipment) necessary to do the work; also confirming that the plan is feasible.
-     Controlling: making sure that events in the plan are really happening.
-     Monitoring: making sure that execution of the plan is having the desired effect on the risks
      identified; also ensuring that the management of risk processes is applied effectively.


The extent to which these activities need to be addressed depends on the size and nature of the
particular project under review. Also, these activities are not necessarily carried out sequentially.


Planning


The basis of risk management is the “action plan”, which is developed in steps 1 to 7. It is
important to note that inadequate attention to some of the early steps may waste time and effort
later.


Managing project success through project risk management                                         5-62
MBOKANE SE              IT project risk management in the financial sector:
2005                                  an exploratory study


Step 1: Determine risk indicators and pass information to risk evaluation. The level of
acceptability of the risk or group of risks needs to be decided as part of the planning process prior
to its use in the evaluation activity of risk analysis.


Step 2: Using the ordered set of risks, assess each against its indicators. When risk estimation is
finished during the risk analysis phase, all the identified risks are placed in an order of
importance, based on their likelihood of happening and potential consequences. It is now
necessary to superimpose the risk indicators that have defined onto this list.


Step 3: Select the most appropriate means of reducing each risk. No further action, other than
monitoring, is required for risks that are below their risk indicator. Actions on risks, which are
above their defined level of acceptability, may also be deemed undesirable. If the cost of such
action is not justified, then either the risk indicator needs to be adjusted or the project must be
halted.


Step 4: If the risk is to be accepted without trying to avert it, move on to Step 6. If the risk is to
be eliminated, its likelihood or consequences reduced or its consequences mitigated, then design
an appropriate course of action. If the risk is to be accepted without any reduction measures
taken, then it need only be monitored. It is important, however, to plan the approach to
monitoring. If the elimination of risks or reduction of their likelihood or consequence is selected,
some proactive action is applied.


Step 5: Ensure that the course of action selected does not produce any unintended consequences.
Part of the planning process is to ensure that, whatever means are selected to deal with the risks
that have been identified, these new actions themselves will not make things worse.


Step 6: Create a preliminary risk management plan and define the initial monitoring
requirements. A detailed risk management plan is created as a result of the planning process, to
implement the risk reduction measures decided upon. The risk management plan summarises the
risk analysis conducted, as well as recommended courses of management based on the level and
type of risk present.


Managing project success through project risk management                                         5-63
MBOKANE SE             IT project risk management in the financial sector:
2005                                 an exploratory study


Step 7: Present a plan to management for authority to proceed. The execution of the risk
management plan must not continue until management has formally approved the plan. This step
is undertaken to ensure that staff or cost commitments are fully appreciated and that the approach
being processed for risk management is in line with the overall strategy of the organisation.


In summary, steps in the risk project planning process enable project managers to distinguish
between situations and to deal with risks accordingly. There can be little project risk management
without planning. To identify the appropriate type of response to each risk, a detailed plan of
action is required. This helps project managers to select the appropriate means of risk reduction.


Resources


To undertake the identified tasks, resources must be allocated to each task and final adjustments
made to plans. These plans must reflect the skills, experience and availability of the identified
resources.


Step 8: Allocate resources to the risk management plan. The allocation of resources to risk
reduction is one of the critical activities of the risk management phase and can proceed parallel
with Step 6 of the planning activity. The risk planning process must concentrate on ensuring that
the highest priority risks are attended to first.


Step 9: Assign responsibility for activities identified in the risk management plan. As part of the
resource management activity, authority for risk management activities is delegated and
responsibility assigned to individuals and groups throughout the organisation.


Step 10: Ensure that the risk management plan is feasible and perform a re-analysis of risks if
necessary to make a final judgement concerning the feasibility of the plan. Aspects to consider at
this stage primarily concern the appropriateness of resource allocation and whether this allocation
has implications for planned cost and time.




Managing project success through project risk management                                        5-64
MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


Step 11: Finalise the risk management plan and begin its execution. Although the elimination of
risks is the aim of the management of risk, generally this is not plausible or practical due to the
scarcity of resources available for risk reduction, the unacceptably high cost of any action that
would be effective or the nature of the risk. Thus, a combination of acceptance, elimination,
reduction and mitigation measures must be put into place.


In summary, plans must reflect the skills, experience and availability of the identified resources.
Project managers should use resource planning as a tool to determine outsourcing risks and
money risks. The allocation of resources to risk reduction is one of the critical activities of the
risk management phase. A lack of technical skills or access to appropriate staff is a large source
of project risk for complex, technical projects.


Controlling


Once the risk management plan has been finalised, execution can begins and the activities
defined within the plan undertaken with suitable control being exercised.


Step 12: Ensure that progress against the risk management plan is within the resource limits.
Control activities concentrate on ensuring that the risk management activities specified in the
project plan are being properly executed.


Step 13: Coordinate the execution of the risk management plan with existing organisational
activities. Communication makes up a large part of the control activities. All risk reduction
activities have to be coordinated with each other and with other activities, notably those
concerned with the development of the project itself. Specific action may be necessary to
harmonise the implementation of both risk reduction and project work.


Step 14: Resolve any conflicts over resource allocation. Resource conflicts must be addressed
before they compromise the implementation of the risk management plan or the project
development activities. There must be no hesitation in using the escalation procedure if the
problem cannot be resolved at the project manager’s level.


Managing project success through project risk management                                      5-65
MBOKANE SE             IT project risk management in the financial sector:
2005                                 an exploratory study


In summary, project risk controlling involves analysing and tracking status information on risks
identified. Project managers have to decide how to proceed and communication makes up a large
part of the control activities. Planning and measurement are an important part of control. Control
is easier with planning and project managers cannot control what they cannot measure.


Monitoring


Having planned and then controlled the activities of the project, it is necessary to monitor
progress against the plan and assess whether everything is proceeding healthily. Project progress
is specifically assessed at the control points, such as end-stage assessments.


Step 15: Capture lessons learned on the effectiveness of risk reduction measures. As project
plans are executed, they must be monitored to ensure that their objectives are achieved as
intended. It should be recognised that, in a high-risk environment, the one thing that can be
expected is that not everything will go according to plan. What is important is that an
understanding of what needs to be done develops during the planning and monitoring processes.


Step 16: Check that the risk indicators are not being exceeded and that reduction efforts are
effective. At regular periods, the progress should be checked against the plan to ensure that:
-   risks identified earlier are still valid and that the indicators have not changed;
-   any changes of risk significance are understood and communicated to those who need to
    know about them;
-   implemented responses have been effective and lessons learned are captured;
-   the risk reduction measures can be considered a success (or if they are failing, then identify
    new measures that need to be put into place);
-   residual risks are acceptable or are subject to continuing action on the plan; in this event the
    monitoring must continue; and
-   no other risks have materialised over time.




Managing project success through project risk management                                         5-66
MBOKANE SE               IT project risk management in the financial sector:
2005                                   an exploratory study


Step 17: Discover the reason(s) for change in the risk status. If minor corrective action is
required, go back to Step 14. It is, of course, possible that the risk reduction measures are not
working as well as had been expected and that corrective action may be required. If the corrective
action required is significant in terms of cost and time, especially if it involves several risks (a
highly likely situation), a new risk analysis may be required.


In summary, monitoring project risk can be accomplished by reviewing milestones in the project
schedule and by holding project risk management review meetings. In this manner new risks can
be identified and prioritised. Minor corrective actions can be taken if required after reviews or
changes in priorities.


The effort expected in managing project risk should be reasonable enough to keep risk exposure
at acceptable levels within the overall constrains of the project (EnterpriseCM, Inc 1995: 2-4).
Project managers need software tools to assist them to successfully manage such project risk.


5.2.2 Using software to assist in project risk management


Project managers can use software tools to enhance the various project risk management
processes. Databases can keep track of risks; spreadsheets can aid in tracking and quantifying
risks; and more sophisticated risk management software can help develop models and use
simulations to analyse and respond to various risks. Microsoft Project 2003 can help to perform
PERT analyses and managers can use add-on software to perform Monte Carlo analyses. For
example, Risk + (by C/S Solutions, Inc.) is a comprehensive risk analysis tool that integrates with
Project 2003 to quantify the cost and schedule uncertainty associated with projects. It uses Monte
Carlo-based simulation techniques to answer questions such as: What are the chances of
completing the project by 1 December 2005? How confident are we that costs will remain below
$10 million? What are the chances that this task will end up on the critical path? (Schwalbe 2004:
414).




Managing project success through project risk management                                        5-67
MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


Technical performance measurement (TPM) and cost/schedule control system criteria (C/SCSC)
are the best-known sensors. The requirements (in time and money) for the development of these
options determine the required sensitivity of the monitoring tools selected by the project office. A
TPM or cost performance measurement (CPM) report, giving 90 days’ notice of impending
failure, is not helpful if the products of parallel development will take six months (Kerzner 1998:
897)

The essential nature of PERT analysis is to determine the expected time for each activity by using
a weighted average of the most likely along with the best case and worst case time estimate that
can reasonably be imagined. The normal approach to PERT is to weight the “most likely” four
times heavier than the extremes, then to sum them all and divide the total by six. When the
expected times have been determined for all activities on the critical path, these can be summed
to determine the expected time required for the entire project.

Many project managers support their work with project management software packages. Some of
the more popular packages include Computer Associates’ Estimates, Software Productivity
Research Inc’s Decisioneering’s Crystal Ball Predictor, which also evaluates risk, and Microsoft
Project (Oz 2004:606).


Technology has a competitive impact in two primary ways. First, it provides a market advantage
through differentiation of value added; and second, it provides a cost advantage through
improved overall system economies (Shtub et al. 1994:247).


Using software tools for the success of the project is never enough without the contribution of a
project manager and a project team.


5.2.3 IT project managers and their teams’ contributions to the success of project risk
       management plans


A knowledge worker is an employee who possesses valuable experience. Knowledge workers are
seen as ‘capital assets’. Assets need to be made to grow (Love et al. 2005:108). Project managers
should be aware of IT and its potential impact on the organisation.

Managing project success through project risk management                                       5-68
MBOKANE SE             IT project risk management in the financial sector:
2005                                 an exploratory study


They cannot afford to leave consideration of project risk management solely to the project team
or to IT specialists. The following factors can contribute to the success of their projects.


5.2.3.1 Do not let IT project staff run project risk management

A theme that should be clear by now is that good risk management is cross-functional. If
engineers dominate product development, one might consider letting engineering run project risk
management. This is a mistake. If one assigns risk management to the engineering department
and engages only engineers to identify, analyse and plan for risks, they will place only
engineering risks on their list.


Many organisations have faced this issue regarding project management in general; that is, if they
place project management under engineering, they will not have truly cross-functional product
development. They have found various creative solutions for making project management cross-
functional in their organisations, depending on their culture and organisational structure (Smith &
Merritt 2002:186).


5.2.3.2 The project manager’s role in the project team

The project manager must make sure that the following roles are adhered to (Steyn et al.
2003:223). Each team member must understand:


− exactly what the project definition, objective and major deliverables are;
− exactly how and when his or her respective tasks on the project (as indicated on the WBS) are
    required;
− what quality standards are expected to make the project a success;
− that each team member has the necessary tools, documentation and/or specifications available
    that they might require to perform their tasks; and
− that the team will work together as a team.




Managing project success through project risk management                                       5-69
MBOKANE SE             IT project risk management in the financial sector:
2005                                 an exploratory study


The project manager should make sure that the project staff is satisfied about all the aspects to be
performed and achieved to accomplish something that none of the individuals could have
accomplished on their own. Organisations rely more on project teams and task forces.


5.2.3.3 The successful IT project manager


According to Lientz & Rea (2001:91), there are certain success factors that an IT project manager
should know to ensure a successful project.


-   Continue to learn and grow technically with the project. Many project managers let their
    technical knowledge and skills become obsolete.
-   Be in frequent informal communication with line managers and upward management. This
    includes not only addressing problems and opportunities, but also communicating interesting
    project stories and project status.
-   Know what is going on in the project at all times. This includes what people are working on,
    what issues are active, the status of the project and upcoming milestones. Be prepared to
    answer almost any question at a moment’s notice.
-   Work with team members individually. Although team communication and work are very
    important, much of the system work is individual. Take care to keep in touch with each
    person as an individual.
-   Use the team to identify issues. Perform much of the analysis of issues yourself. Allowing
    team members to suggest issues that can lead to problems or opportunities gives them a larger
    role in the project. It adds to their commitment. On the other hand, project managers must be
    very careful about delegating issues to team members. They may have too narrow a
    perspective and lack organisation and political knowledge
-   Across all projects, managing projects is and has always been political. Remember that
    projects typically mean change. Change can be disruptive and threatening. Groups and
    departments may fight for resources




Managing project success through project risk management                                       5-70
MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


According to Cleland (1999:382), the successful project manager should:


-   Understand the technology involved in the project.
-   Have that blend of interpersonal skills to build the project team and to work with the team and
    other project stakeholders so that there is a culture of loyalty, commitment, respect,
    dedication and trust.
-   Have the ability to see the systems context and strategic context of the project.


Project managers should have the three vital skills: decision-making, negotiation and
communication (Knipe & Van der Waldt 1998:44). The study acknowledges that communication
still comes out being one of the vital weapons in project risk management.


In summary, the study has established that the successful project manager should continue to
grow in technical knowledge and understand the technology involved in the project. Project
managers should make sure that the project team members have clear roles and responsibilities
that are interdependent. The project manager should ensure that he/she has full knowledge of
what is going on in the project.


Project managers have to motivate their teams for better performance.




Managing project success through project risk management                                      5-71
MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


5.2.3.4 Motivation models and techniques for an IT project manager to the project team

Table 5.1: Thayer’s motivation models and techniques for project managers to understand their
teams
Motivation model       Definition/explanation
Frederick Taylor      Workers will respond to an incentive wage.
Elton Mayo            Interpersonal (group) values override individual values. Personnel will
                      respond to group pressure.
Kurt Lewin            Group forces can overcome the interest of an individual.
Douglas               Managers must understand the nature of people in order to be able to
McGregory             motive them.
Abram Maslow          Human needs can be categorised in a hierarchy. Satisfied needs are not
                      motivators.
Frederick             An increase in environmental factors is dissatisfying. A decrease in job
Herzberg              content factors is not dissatisfying; an increase in job content is satisfying.
Chris Argyris         The greater the disparity between company needs and individual needs, the
                      greater the dissatisfaction of the employee.
Rensis Likert         Participative management is essential to personal motivation.
Arch Patton           Executives are motivated by the challenge of work, status, the urge to
                      achieve leadership, the lash of competition, fear and money.
Theory Z              A combination of American and Japanese management style. People need
                      goals and objectives, otherwise they can easily impede their own progress
                      and the progress of the company.
Total Quality         A strategy for continually improving performance at each level and area of
Management            responsibility.
                                                                               Thayer at al. 2000 :91

These motivation models by different authors bring a combination of definitions that explain the
importance of the work force in the project. The project has to be motivated for the benefit of the
project.

The project manager can motivate the project team and must ensure that the project team is
effective.

5.2.3.5 The effective and efficient IT project team

A fairly simple, but effective, team-building technique involves setting aside a day or two, away
from worksite if possible, to enhance communication among team members (Faerman et al.
2003:70).



Managing project success through project risk management                                        5-72
MBOKANE SE             IT project risk management in the financial sector:
2005                                 an exploratory study


To be successful, however, a project needs more than only project teams, it needs teamwork. An
effective group is one that achieves both high levels of task accomplishment and good human
resource maintenance or relationships. That is, they maintain a positive working relationship with
one another. They are conscious of time, cost and quality in their application of roles and
responsibilities.


According to Steyn et al (2003: 227), an effective IT project team has certain characteristics that
can be used to measure the effectiveness and efficiency of any project team:

-   a clear understanding of the project definition and objective;
-   a clear understanding of each person’s role and responsibilities;
-   a result orientation;
-   a high degree of cooperation and collaboration;
-   a high level of trust; and
-   a high level of enthusiasm and motivation.

In summary, the effective team needs teamwork, trust, motivation, good communication and be
conscious of time, cost and quality.


5.2.4 The contribution of the risk management programme plan to project success

The risk management programme plan should describe risk identification, risk analysis and risk
handling. The plan should describe the role of risk assessment in design reviews, technical
performance monitoring and change control processes. It should describe the methods of risk
reduction, monitoring and handling to be used for each assessed risk (Thayer et al. 2000:201).


The risk management programme plan should require a separate risk handling plan to be prepared
for each high-risk item, identify the timing for its development, and cite originator and review
responsibilities. The plan should also require a risk reduction report to be prepared for each item,
classified as medium or high risk. The risk management plan should contain the following for
each accepted risk (Thayer et al. 2000:201):



Managing project success through project risk management                                       5-73
MBOKANE SE             IT project risk management in the financial sector:
2005                                 an exploratory study


-   statement and assessment of the risk factor;
-   probability of the risk becoming a problem;
-   consequences and/or cost of the problem;
-   alternatives considered with risk, cost and schedule of each;
-   recommended risk reduction/abatement method;
-   impact statement for implementation (cost/schedule/technical);
-   responsible organisation and personnel;
-   risk indicator metrics to be tracked;
-   criteria for closure of the problem (should it occur);
-   reviews and decision points; and
-   recommended backup developments and tests including cost and schedule.


The purpose of risk management planning is simply to focus organised, purposeful thought on the
subject of eliminating, minimising or containing the effects of undesired events.


5.2.5 Principles of monitoring and controlling IT projects


Project managers should follow the principles of monitoring and controlling IT project as these
two aspects are critical to the success of the project. According to Richman (2002:57), the
following principles should be followed:


-   Establish a formal process to control changes in the project. Revise project plans as needed to
    keep them realistic and accurate, but only allow them to be revised by those who are
    authorised to do so.
-   Do not micro-manage the project. Let functional managers and line supervisors develop for
    their own use a set of sub-activities, cost plans and detailed checklists to help them
    accomplish their activities.
-   Elevate problems to the lowest level of management that can make the decision and take
    action. Never present a problem without a recommended solution or two.
-   Be sure that schedule progress, cost expenditures and scope performance are calculated and
    reported using methods consistent with the way the plan was established.


Managing project success through project risk management                                      5-74
MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


-   If they manage several projects at once, project managers may wish to rank them to handle
    regular-schedule projects differently from fast-track-schedule projects.


In summary, these principles assist project managers to identify new risks early and also to
elevate problems to the lowest level of management. It is also advisable for project managers to
have solutions to recommend whenever they present a new problem.


5.2.6 A solution development summary for successful project risk management

The risk, as identified and assessed, must now be responded to. This will involve alternative
strategies that are determined and documented, contingency planning, having substitute plans in
place for all the “what if” scenarios and also insurance.


Alternative strategies and contingency plans must be analysed in order to have the best
plan/strategy forming the basis of risk management plan. This is done by again using decision-
making tools and techniques as mentioned, determining the possible/most probable outcome of
each alternative. The best alternatives are then listed in the risk management plan (Oosthuizen
1995:36).


Contingency plans increase the chance of the project being completed on time and within budget.
Use of contingency reserves should be closely monitored, controlled and reviewed throughout the
project life cycle (Gray & Larson 2000:57).


5.2.7 The project manager’s checklist for risk management


According to Heerkens (2002:156), project managers should use the following checklist to guide
them and also to have a clear understanding of project risk management. The following are
factors that should be on the checklist:


-   Do not let a “can do” attitude inhibit your ability to understand that bad things can happen to
    your project. If you do not manage risk it will manage you.


Managing project success through project risk management                                       5-75
MBOKANE SE                IT project risk management in the financial sector:
2005                                    an exploratory study


-   In the world of project management, risk is directly related to uncertainty and the extent to
    which you can predict a specific or understand the nature of a given situation.
-   The focus of your risk management efforts should be on addressing the “down-side” effects
    of risk or threats.
-   Perform risk management analyses with the entire team. It represents an excellent team-
    building opportunity.
-   Not all risk can be eliminated. Project managers should acknowledge or accommodate the
    existence of risk.
-   Strongly consider the use of commercially available software for cost and schedule
    estimating. It is a powerful, easy-to-use tool.


Project managers should manage risk and not the opposite. They have to ensure that when the
analysis is being done, the whole project team is involved. It is a fact that not all risk can be
eliminated, therefore project managers should accept this fact.


5.2.8 The project manager’s review checklist for reviewing project risk


According to Young (2002:147), a checklist is necessary for the review of project risks because it
eliminates the risks that have been solved, reduced and accepted. Thereafter it ranks the new risks
accordingly.


The steps in risk review are:


-   Check if any risks are no longer valid. Remove the ranking completely, but leave the risk on
    the list for future reference.
-   Use the risk ranking matrix to verify the rankings of all risks on the list. Raise or lower the
    rankings by consensus agreement of the team.
-   Prepare risk management forms for any risks revised to “high” ranking.
-   List any new risks identified from current work and new work plan ranking.
-   Use a risk ranking matrix to rank new risks.
-   Prepare action plans for any risks ranked as “unacceptable”.

Managing project success through project risk management                                         5-76
MBOKANE SE             IT project risk management in the financial sector:
2005                                 an exploratory study


-   Implement the action plans promptly.
-   Prepare risk management forms for new “high” risks.
-   Ensure that everyone knows the triggers that signal high risks becoming issues.
-   Confirm or allocate responsibility for managing the risks on the list.
-   Update the project risk log and distribute them to key stakeholders and the team.


These review checklists deals with risk ranking and the risk documentation involved to ensure
that risks are valid and ranked accordingly.


Project risk management has benefits for the financial sector only if the project manager has
followed the guidelines and techniques for the success of the project.


5.2.9 Benefits of using project risk management

The following benefits through IT can help financial institutions to be competitive:


    -   reduced maintenance costs;
    -   ability to hire new staff;
    -   reduced reliance on critical staff with old architecture;
    -   flexibility in placing software and data;
    -   improved security;
    -   improved management and troubleshooting;
    -   ability to implement client-server and intranet systems; and
    -   improved productivity with new methods and tools.


In summary, the organisation could have improved security, management and productivity. There
would also be reduced maintenance costs and reduced reliance on critical staff.




Managing project success through project risk management                                5-77
MBOKANE SE               IT project risk management in the financial sector:
2005                                   an exploratory study


Business units can benefit and also be competitive through IT because they will have:


    -      access to new functions;
    -      access to new software packages;
    -      benefits from new developments;
    -      increased sharing of information;
    -      improved productivity of staff;
    -      increased computer utilisation; and
    -      support for reengineering and process improvement.


In summary, business units will have access to improved technology or software and will have
improved technology functions.


This chapter looks beyond project risk management guidelines to avoid project failure and
examines the factors that contribute to the success of IT project success.


5.2.10 Avoiding project failure beyond project risk management guidelines


Gardner (2000:1) published a journal that includes the following guidelines to avoid IT project
failure.

Accept the fact that software is nothing more than a tool. Just as a hammer does not guarantee
that nails can be driven into wood with great precision, IT does not guarantee that operating
efficiency will improve. Each department that uses the system must learn how to “drive” the
application project properly. Each department must make decisions about how to use and
maintain IT.

IT is the servant; the client is the master. Beware if it seems that IT has become (or is becoming)
the master and the client has become the servant of IT.




Managing project success through project risk management                                      5-78
MBOKANE SE              IT project risk management in the financial sector:
2005                                  an exploratory study


Understand that the "best" software is not necessarily what is best for each business. “Best” is a
relative term. What is “best” for one financial institution may be technologically inappropriate for
another. Acquiring a sophisticated application simply because another firm in the financial sector
has done so can be a prescription for disaster. Acquiring an application “that a company can grow
into” can also be problematic.

Many companies undermine their investment by failing to identify their business and application
needs. If you do not know where you are going, any road will get you there.

Comparing “features and functions” with competing software vendors prior to understanding or
defining how you want to run your business contributes to many project failures. Clients often
depend on software vendors whom they assume fully understand their business needs.

The greater the number of features and functions, the greater the perception that the software
                                     s
vendor has a firm grasp of the client' problems. Quite the opposite can be true. Though the
software vendor would have you believe otherwise, do not assume that the software vendor has a
profound understanding of your actual business needs.

Consider the company culture and likelihood that the team will be able to absorb and embrace
the technology. Imagine the difference in complexity between the cockpit in a Piper Cub and a
Boeing 747 aircraft. While both are airplanes, the similarity quickly ends. The levels of
sophistication, training and aptitude required to successfully fly the two aircraft are at opposite
ends of the spectrum.

The same can be true of two different applications that essentially do the same thing. Acquiring a
“state-of-the-art” application can easily overwhelm one’s staff with its complexity. It is important
in any decision to take into account the experience and comfort level of the people who will have
to manage the application on a day-to-day basis.

Sell the project to the troops, not just to senior management. The decision-makers generally are
not the people who have to use the system day in and day out. Too many applications have been
deployed in situations where the troops hate the application as it does little or nothing to help
with their actual business needs. This result is normally chalked up to “resistance to change”.


Managing project success through project risk management                                          5-79
MBOKANE SE                IT project risk management in the financial sector:
2005                                    an exploratory study



It is important to look beyond presentations and speak to the people in the business units. Find
out what they need. Do not assume you know what is best for them.

Inadequate budgeting for training and conversion from existing application environments. When
a company rolls out a new application, there is only one opportunity to make a first impression.
        s
The user' initial impressions will be very difficult to change. If inadequate training and support
budget is available, the users will never embrace the new technology.

During training, it is important to properly set expectations about problems the users will
encounter such as performance problems, known bugs, application enhancements being made. If
you try to conceal defects, the users will have little faith in your appreciation of their needs.

An easy way to reduce risk is to have less ambitious goals. After evaluating risks, one can choose
a path of risk avoidance or risk mitigation and management. If one understands the risks in a
project, one can decide which risks are acceptable and take action to mitigate or forestall those
risks. If one’s project risk assessment determines that risks are excessive, one may want to
consider restructuring the project to within acceptable levels of risk.

Risks that do not offer the potential for gain (profit?) should be avoided. Risks associated with
achieving challenging and worthwhile goals should be managed. One way to reduce risk is to
gather information about relevant issues to lower the level of uncertainty. Then one can look for
ways to reduce the probability of failure or reduce their consequences.

The known unknowns are more likely to be project risks than the unknown unknowns. This means
you should trust your instincts and pay attention to what seems risky to you. It is more likely you
will have problems from known risk areas than be surprised by things completely unforeseen.


In summary, project managers are warned that IT on its own is not the solution, but a tool to
assist in the solution.




Managing project success through project risk management                                            5-80
MBOKANE SE            IT project risk management in the financial sector:
2005                                an exploratory study


5.3 CLOSURE

In this chapter it was found that there are certain factors that can influence project success. These
factors are:


-   The 17 project risk management steps to success.
-   Software tools that contribute to project success.
-   Characteristics of a successful project manager and a successful project team.
-   Risk management programme plans can contribute to success.


After the projects have been successfully completed, there are also more benefits for the
organisation and its business units.


The next chapter concludes the study by providing a briefing on the successful implementation of
project risk management in IT.




Managing project success through project risk management                                        5-81

								
To top