© mahindra satyam 2009 risk management qms training

© Mahindra Satyam 2009

Risk Management

QMS Training

2

© Mahindra Satyam 2009 Mahindra Satyam Confidential

Objective

To identify, analyze ,mitigate, handle and continuously monitor the risks in the project

3


Process

Prepare Risk Management Plan

Identification and Analysis of Risks

Plan for Risk Response Action

Implement and Analyze Risk Response Actions

Monitor and Control Risks

Revisit risks

Risk Management at Organization Level

Review Risk Management Plan

4


Prepare Risk Management Plan

The Risk Management Plan prepared during project planning is documented

at the stages of Contract Review ,Project Planning and Project Execution

and is available as a separate template.

5



A set of possible risks for the project are to be identified under standard risk

categories.

The inputs for identification are:

Guidelines for Risk Identification

Standard Risks (worksheet in template)

Standard Risk Categories

Check list for development projects( worksheet in template)

6



The risks that are identified have to be analyzed for the impact of the risk on the

project and also for the probability of its occurrence to arrive at risk criticality on the

scale of 5.

Inputs for analysis are

Instructions work sheet in template

– Impact-Probability Table

– Risk Impact categorization work sheet in template

– Risk rating table

7



For all the identified risks, need to choose type of action plan.

Risk Avoidance

Risk Transfer

Risk Mitigation

Risk Acceptance

Need to identify person responsible for implementing action plans

8



Need to identify target date by which action plan should be implemented.

For all the risks with criticality greater than or equal to 4 , should be ready

with the risk handling plan too.

Inputs for risk response planning are

– Guidelines for risk response planning.

9


Review Risk Management Plan

Once the risks are identified, analyzed and risk response action is planned ,

the risk management plan needs to be reviewed and approved by project

manager and if possible by customer too so as to ensure the completeness

and correctness of the plan.

10


Implement and Analyze Risk Response Actions

The response actions identified are implemented for all the identified

risks.

Update the risk management plan with actual actions taken.

Recalculate the residual impact and probability to arrive at residual risk

criticality.

If greater than cut off , need to re-plan the response action to bring it

down to acceptable limits.

11


Monitor and Control Risks

The project will be monitored for the symptoms of occurrences of

any of the risks that are already identified

new risks

The potential risks and the risk response action plans will be discussed in the

Project review meetings and reported thru PMI/QMR

QRs to conduct risk audits during PPMs to check the compliance with the risk

management plan and also in identifying/reporting the risk , if there is a lack of

project process compliance.

Risk management plan may have to be revised based on these inputs.

12


Revisit Risks

Whenever, risks occur in the project or new risks are identified during project

execution

it is updated in the risk management plan

the project plan and/or the project schedule is to be revised, if necessary

Whenever the project plan is modified, the risks are to be re-assessed and

the Risk Management Plan is to be revised, if required

13


Risk Management at Organization Level

PMG analyzes the risk reports of projects to identify most common causes of risks

PMG to maintain list of standard risks contributed by projects.

To mitigate these risks Organization level risk mitigation actions will be taken

These common risks and their mitigation plans will be documented in the

organization Risk Management Plan

Organization level risk analysis and revision of Organization level Risk

Management Plan will be done every six months

© mahindra satyam 2009 risk management qms training

Documents