The Common Sources of Project Risk

The first key to managing risk on your project is to know where to look for it. The good news is that 80% or more of all risks originate from the same sources on every project. Once you know the project characteristics that contribute to higher risk levels and the common sources of most project risks, you can quickly and effectively identify risk factors for any project. These factors should be first evaluated during project definition and will be the main reason why several iterations of planning are often necessary. In Table 14.3, most of the key project risk factors are listed to better guide your risk identification activities. You will note that many of these are emphasis points for project definition and detail project planning.

Table 14.3. Common Sources of Risk

Risk Source Category

Examples/Factors

Project size and complexity

Effort hours

Calendar time

Estimated budget

Team size (number of resources)

Number of sites

Number of business units

Number of system interfaces

Number of dependencies on other projects

Number of dependencies on other systems

Degree of business change

Requirements

Volatile requirements

Unrealistic or aggressive performance standards

Complex requirements

Change Impact

Replacement or new system

Impact on business policies

Impact on business processes

Impact on organizational structure

Impact on system operations

Organization

Changes to project objectives

Lack of priorities

Lack of project management "buy-in" and support

Inadequate project funding

Misallocation and mismanagement of resources

Sponsorship

Lack of strong executive commitment

Lack of clear ownership

Loss of political support

Stakeholder involvement

All key stakeholders not identified

Missing "buy-in" from a key stakeholder

Stakeholder needs not completely identified

Key stakeholders not fully engaged

Schedule

Estimate assumptions are not holding true

Schedule contingency is not adequate

Funding

Reduction in available capital

Cash flow issues

Inflation or exchange rate factors

Facilities

Adequate for team productivity requirements

Adequate for project security requirements

Team

Full-time or part-time roles

Location of team members

Can't find desired resources

Lack of experience

Lack of business knowledge

Lack of skills

Lack of commitment

Personal issues

Lack of prior experience working together

Technology

Missing technical data

Use of unproven technology

Use of non-standard technology

Development approach

Level of complexity

Vendors and Suppliers

Contract types

Risk-reward elements

Procurement process

Experience with vendor/supplier

External factors

Changing weather conditions

Changes in legal and regulatory environment

Approvals from governmental agencies

Political changes

Business factors

Time-to-market

Mergers and acquisitions

Economic events

Market conditions

Assumptions and Constraints

May create schedule, costs, resource, or quality risks

Project management

Lack of experience

Poor leadership

Poor communications

Lack of contingency plans

Inadequate risk management

caution

As the project size and complexity increases (see size and complexity factors in Table 14.3), the level of risk can increase exponentially.

While most sources of risk are inherent attributes of project initiatives or are outside the project manager's control (as the preceding table summarized), there is another common source of project risks that is generally self-inflicted. These are the project risks we create by not performing adequate project definition or detail project planning. For a complete listing and explanation of those factors, you can review Part II of this book. For a quick review, many of the key factors are listed in Table 14.4. Please note that some risk source categories are listed again in this table. This is intentional. In some areas, there are universal, inherent factors that contribute to project risk, and there are other risk factors that are introduced due to inadequate project planning. One example is the project schedule. Estimate assumptions not holding true and inadequate contingency buffer are inherent risks on any project. However, a poorly developed schedule is self-inflicted and a result of project planning deficiencies. Yet, it can be as devastating to your project critical success factors as anything.

caution

Unidentified or unacknowledged project planning defects are the most popular source of unknown risks.

Table 14.4. Common Project Planning Sources of Risk

Risk Source Category

Examples/Factors

Project management

Improperly defined project deliverables;

Incomplete planning;

Improper procedures;

Not defining clear roles and responsibilities;

Lack of contingency plans;

Inadequate risk management;

Inadequate attention to the right details;

Inadequate resource staffing

Project Definition

Unrealistic objectives;

Inconsistent objectives;

Incomplete scope definition;

Inconsistent scope definition;

Improperly defined project deliverables

WBS (and Project Schedule)

Not reviewed and approved by stakeholders;

Missing tasks;

Lack of team understanding;

Missing project management activities;

External dependencies not identified and understood

Project Schedule

Missing task dependencies;

Tasks not clearly assigned;

Resources over-allocated;

Calendar realities not factored;

Inadequate contingency or reserve

Project budget

Poorly developed cost estimates;

Missing cost sources;

Inadequate contingency or reserve

Requirements

Incomplete requirements;

Poorly defined requirements

Assumptions and Constraints

Not completely defined

Technically, these factors are actually planning defects. They only become project risks if they are not corrected before planning is complete.

Категории