One of the roles of the Project Manager is to identify risks to the project and create a Risk Register. Once the risks have been identified their responsibility is then to work on strategies for managing those risks downwards or out of their project. Below I present 5 key risk management strategies.
- Prevention: by termination of the risk: by doing things differently and thus removing the risk, where it is feasible to do so. Countermeasures are put in place that either stop the threat or problem from occurring or prevent it having any impact on the project or business. For example if you need to relocate a network server you may identify that there is a high risk of disk failure or some other form of hardware failure while the server is in transit. You may decide to prevent this risk by avoiding the move entirely – this could be done by taking a backup on the existing server and restoring it onto a brand new server at the new location. A process that can be easily rehearsed and perfected ahead of the final move.
- Reduction: Treat the risk – take action to control it in some way whether the actions either reduce the likelihood of the risk developing or limit the impact on the project to acceptable levels. To continue the above example, when relocating many servers to a new office you could reduce the risk by moving the servers one at a time.
- Transference: This is a specialist form of risk reduction where the management of a risk is passed to a third party via, for instance, an insurance policy or penalty clause, such that the impact of the risk is no longer an issue for the health of the project. Not a lll risks can be transferred in this way. Continuing the above example again, when moving servers you might decide that contracting the work out to a firm who specialise in this type of work would be a good idea. This would transfer the risk to a specialist but also likely reduce the risk by using people who carry out this type of work all the time and who therefore know the potential problems that may occur and ways of avoiding them.
- Acceptance: Tolerate the risk – perhaps because nothing can be done at a reasonable cost to mitigate it or the likelihood and impact of the risk occurring are at an acceptable level. Bad Weather is a good example of a risk you may decide to accept. For example some outside events can be ruined by bad weather. While it may be possible to take out insurance against this the cost of doing so may be too high to be considered worth while.
- Contingency: These are actions planned and organised to come into force as and when the risk occurs. For example if it rains the concert will be held in the village hall instead of on the green.
If you have alternative ways of managing risks in projects then I’d love to hear from you. In a future blog I’ll look at the best way to present a risk register and communicate how you are managing risks in your project.