© mahindra satyam 2009 risk management qms training
TRANSCRIPT
© Mahindra Satyam 2009
Risk Management
QMS Training
2
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Objective
To identify, analyze ,mitigate, handle and continuously monitor the risks in the project
3
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Process
Prepare Risk Management Plan
Identification and Analysis of Risks
Plan for Risk Response Action
Implement and Analyze Risk Response Actions
Monitor and Control Risks
Revisit risks
Risk Management at Organization Level
Review Risk Management Plan
4
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Prepare Risk Management Plan
The Risk Management Plan prepared during project planning is documented
at the stages of Contract Review ,Project Planning and Project Execution
and is available as a separate template.
5
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Identification and Analysis of Risks
A set of possible risks for the project are to be identified under standard risk
categories.
The inputs for identification are:
Guidelines for Risk Identification
Standard Risks (worksheet in template)
Standard Risk Categories
Check list for development projects( worksheet in template)
6
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Identification and Analysis of Risks
The risks that are identified have to be analyzed for the impact of the risk on the
project and also for the probability of its occurrence to arrive at risk criticality on the
scale of 5.
Inputs for analysis are
Instructions work sheet in template
– Impact-Probability Table
– Risk Impact categorization work sheet in template
– Risk rating table
7
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Plan for Risk Response Action
For all the identified risks, need to choose type of action plan.
Risk Avoidance
Risk Transfer
Risk Mitigation
Risk Acceptance
Need to identify person responsible for implementing action plans
8
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Plan for Risk Response Action
Need to identify target date by which action plan should be implemented.
For all the risks with criticality greater than or equal to 4 , should be ready
with the risk handling plan too.
Inputs for risk response planning are
– Guidelines for risk response planning.
9
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Review Risk Management Plan
Once the risks are identified, analyzed and risk response action is planned ,
the risk management plan needs to be reviewed and approved by project
manager and if possible by customer too so as to ensure the completeness
and correctness of the plan.
10
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Implement and Analyze Risk Response Actions
The response actions identified are implemented for all the identified
risks.
Update the risk management plan with actual actions taken.
Recalculate the residual impact and probability to arrive at residual risk
criticality.
If greater than cut off , need to re-plan the response action to bring it
down to acceptable limits.
11
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Monitor and Control Risks
The project will be monitored for the symptoms of occurrences of
any of the risks that are already identified
new risks
The potential risks and the risk response action plans will be discussed in the
Project review meetings and reported thru PMI/QMR
QRs to conduct risk audits during PPMs to check the compliance with the risk
management plan and also in identifying/reporting the risk , if there is a lack of
project process compliance.
Risk management plan may have to be revised based on these inputs.
12
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Revisit Risks
Whenever, risks occur in the project or new risks are identified during project
execution
it is updated in the risk management plan
the project plan and/or the project schedule is to be revised, if necessary
Whenever the project plan is modified, the risks are to be re-assessed and
the Risk Management Plan is to be revised, if required
13
© Mahindra Satyam 2009 Mahindra Satyam Confidential
Risk Management at Organization Level
PMG analyzes the risk reports of projects to identify most common causes of risks
PMG to maintain list of standard risks contributed by projects.
To mitigate these risks Organization level risk mitigation actions will be taken
These common risks and their mitigation plans will be documented in the
organization Risk Management Plan
Organization level risk analysis and revision of Organization level Risk
Management Plan will be done every six months