L9 Flashcards
There are 3 main risk categories that make it easier to bundle together, what are they?
- common cause (HR, vendors, tech, etc)
- business area (strategy change, market risk)
- technical area (design, production..)
What are the 5 further risk categories?
- Scope risks (scope creep, ill-defined scope, new legal req.)
- Schedule risks (task delays, estimation errors)
- Resource risks (cost est. errors, funding changes, team lacking skills)
- Tech risks (tech failures/feasibility)
- Commercial risks (ROI est. errors)
What is the name of the risk assessment?
Failure Mode and Effect Analysis (FMEA)
What is the goal of FMEA?
- risk prioritisation, power/interest map
- adapt strategy
What are the steps in FMEA?
- List all ways a project can fail
- Evaluate severity S
- Estimate likelihood L
- Estimate the inability to detect D
- Calculate risk priority number
- Consider ways to reduce S,L,D for each cause of failure
How do you calculate the risk priority number? RPN
RPN = S * L * D
Who does the FMEA?
You can do it internally or outsource
What is an alternative to FMEA?
A risk matrix.
Just looking at impact vs probability.
Low/med/high
What’s the simplest risk assessment method?
Traffic lights - high/med/low risk
High = formal risk mitigation plan
Med = careful monitoring
Low = ignore
When would we use a quantitative risk analysis?
For top priority risks
What are quantitative risk analysis methods?
- field/lab experiment
- probability/statistical analysis
- Monte Carlo simulation
- scenario analysis
What are the 6 risk mitigation techniques?
- Escalate the risk
- Avoid the risk
- Accept the risk
- Share the risk
- Limit the risk
- Transfer the risk
How do you escalate the risk?
Involve the project sponsor or client and make a change in strategy
How do you avoid the risk ?
Abandon possible causes: reliable sources
Choose projects based on risk profile
How do you accept the risk?
Understand that time/cost/scope could be compromised somewhat
For low priority risks
