Escolar Documentos
Profissional Documentos
Cultura Documentos
(102)
What is Risk Management What is Integrated Risk Management Barriers to achieving integration Summary
Risks
to the execution of Federal programs that provide security and civil services
y Financial, Market, Investment, Credit y Health y Environmental y Business Compliance y Safety y Project (Types of Project) y Security (Cyber, Physical) y Mission Assurance
Supports Decision Analysis Portfolio Management Resource Allocation
Establishes five core stages for project risk management: Planning, Identification, Analysis, Response, Monitor and Control. Standard practices and processes for OUSD AT&L programs. Generally augmented by Defense Acquisition University (DAU) practices. Requires risk-adjusted cost data be part of investment decisions and standard risk rating methodologies be applied to capital planning projects. Establishes standards for DoD and Intel Community Milestone Decision Authority Programs. Requires risk management information for Key Decision Points Establishes standards for creation of DoD program Work Breakdown Structures (WBS) in order to identify program risks at lowest program level. Establishes strategies and structures for implementing management controls, which include the processes for planning, organizing, directing, and controlling program operations
Risk is a measure of future uncertainties in achieving program performance goals and objectives within defined cost, schedule, and performance constraints. y ...an uncertain event or condition that, if it occurs, has a positive or negative effect on a project objective.
y
and practices to the tasks of identifying, assessing, responding to, and monitoring risk y A structured, iterative process with defined scope and objectives y Proactive and anticipatory y Objective is to decrease the probability and/or impact of negative events OR increase the probability and/or impact of positive events
What is Risk Management What is Integrated Risk Management Barriers to achieving integration Summary
PMs should ensure their integrated risk management process includes all disciplines required to support the life cycle of their system (e.g., systems safety, logistics, systems engineering, producibility, in-service support, contracts, test, earned value management, finance).
systematic process to understand, manage and communicate risk from an organization-wide perspective. It is about making strategic decisions that contribute to the achievement of an organization's overall corporate objectives. into a functioning or unified whole
Program Performance Combines previously disparate program analysis and execution into an actionable framework for the program manager Requires dialog and collaboration between engineering, scheduling and management groups Creates a total risk profile for programs to fully assess potential delays to delivery and increases in cost Program Investment Provides a framework to develop detailed plans for risk mitigation and identify associated costs Tracks progress of investment against specific mitigation activities Assists decision makers in prioritizing investment dollars against high impact risks and effects
Program Oversight Responds to government policy guidance and industry best practices in risk management Provides auditable trail of risks, cost changes and schedule progress for industry and government clients Creates transparency in developing program budget and reserve requirements when used prior to program start date
Characteristics
A clear and consistent Risk Management champion Requirements supported by leadership and stakeholders A close partnership with users and stakeholders Mature risk management processes Established thresholds and criteria for proactively implementing defined risk mitigation plans Resourced risk mitigation plans Periodic risk assessments Integrated data environments that maximize participation
Successful Approaches
A documented and mature risk
management process
Quantitative assessments of risk impacts estimated against cost and schedule baselines Defined risk filtration criteria Risk reduction at the lowest level of the organization A defined set of risk consequence definitions for performance, schedule, and cost Structured approached for communicating risk across multiple programs/organizational levels
What is Risk Management What is Integrated Risk Management What are the Barriers Summary
Barriers
Lack of a clear and consistent Risk Management champion Unclear or non-existent Decision rights Silos of analyses and reporting of different risk types Maturity Technology, governance, process and people Communication internal and external to the program/organization Culture (How does the organization operate?) Perception of a risk manager and roles/responsibilities Every PM wants to do it their way Organizational barriers regarding focal point of risk management
The underlying mechanics of how and by whom decisions are truly made in an organization
Clear Decision Rights Result in Clear decision-making authority results in effective and efficient decisionmaking Places decision rights with those with the knowledge and information to make the best decision Reduces the risk of poor decisions Reduces inefficient second-guessing
Unclear Decision Rights Causes Unclear decision-making authority results in senior management involvement in too many issues while lack of empowerment at the front-line can result in poor customer service and reduced employee satisfaction
Risk Analysis
Program Manager
Cost Analysis
Schedule Analysis
Decision
RISKS
- How does a risk to one program affect the delivery of other related programs? - Which external stakeholders have the ability to influence the success of one or more programs? - How can a successful risk mitigation strategy for one program be leveraged by other programs?
Enterprise Level
Program Level
- Is the project on track to meet or exceed its threshold requirements? - How do current risk levels impact the ability to meet critical schedule milestones? - Which design solution provides the optimal balance between capital and operating costs?
Project Level
- What are the technical performance risks associated with delivering a given requirement or capability? - How will assembly, integration, and test schedules be impacted by a given risk event? - What are the cost impacts of delays in subcontractor deliveries?
Subproject Level
Risks ultimately should be filtered to the lowest level possible for ownership and mitigation
y What is Risk Management y What is Integrated Risk Management y What are the Barriers y Summary
Questions
What are most vulnerable areas of the business/organization/acquisition/program/project/capability and what are the key risks that these areas face? Is there a systematic and comprehensive approach for identifying and assessing these risks and is it communicated? Is there a consistent and well defined approach to risk prioritization? Does the process add value to decision analysis or is it merely a reporting mechanism? Are decision rights aligned appropriately with risk tolerance?
Level of risk assessed can determine required level of decision-making within the organization
Demonstrate how resources will be saved or more efficiently applied Demonstrate how information will be more widely shared
Establish working group or other forum Gather feedback prior to go-live Promotes buy-in Sustains participation
COMMUNICATION
y Executive sponsorship does not use risk management as a blunt instrument y Management team must be informed and committed y Accurately size the risk management effort to the Project y Do not bury the risk management functions in the bowels of the