Thursday, September 20, 2012

Lecture 28 - Risk Management


Figure 1: Risk Management
In the long run, we get no more than we have been willing to risk giving.

As stated by Ibc (2012) "Risk management ensures that an organization identifies and understands the risks to which it is exposed. Risk management also guarantees that the organization creates and implements an effective plan to prevent losses or reduce the impact if a loss occurs.
A risk management plan includes strategies and techniques for recognizing and confronting these threats. Good risk management doesn’t have to be expensive or time consuming; it may be as uncomplicated as answering these three questions:
  1. What can go wrong?
  2. What will we do, both to prevent the harm from occurring and in response to the harm or loss?
  3. If something happens, how will we pay for it?"

Learning from class:

Lecturer started off the lecture by stating that anyone who doesn't like to take risk will work under person who willing to take risk. All the entrepreneurs are can be considered as risk takers. Since they took some kind of risk before been successful. Basically successful people up to some extent are risk takers.

What is a Risk?

Some activity that results positive outcome or negative outcome

Then lecturer stated that risk is a part of human endeavor and every major advance in human civilization, from the caveman’s invention of tools to gene therapy, has been made possible because someone was willing to take a risk and challenge the status quo basically to change from the current standards. Ex:- Shops normally open 9.00 am - 7.00 pm. If a shop open 24/7 which means it has gone beyond the status quo and someone has taken a risk.

Then lecturer noted what is Uncertainty and the ways of addressing a risk. According to him Uncertainty is peoples mind set of not sure about the outcome relating to an activity . 

4 Ways of addressing Risk,
  • Risk Detection/Identification - Identify the risk. Ex:- Smoke detectors for detect a fire
  • Risk Avoidance - Protecting from the risk up to certain extent or completely. Ex:- air bag, seat belt for human protection in accident
  • Risk Accepts - Consequence that result in minimal impact. Ex:- Tsunami - Cannot avoid the Tsunami because it is a natural disaster
  • Risk Reduction - Reduce the probability of risk occurrence,  reduce the impact of risk event 
And Uncertainty avoidance means precautions that take before any risk happen and its a standard to reduce uncertainty. As an example in certain cultures they want to alter these uncertainty as whole based on statistics in Germany there is a reasonable high uncertainty avoidance (65) compared to countries as Singapore (8) and neighboring country Denmark (23). Germans are not to keen on uncertainty, by planning everything carefully they try to avoid the uncertainty. In Germany there is a society that relies on rules, laws and regulations.        

Then lecturer moved the lecture into risk management concept align into projects.

Risk management is important because,
  • Projects are, by definition, risky enterprises
Project success relies on complication within the time frame and the budget when there are uncertain situations come across and if there are no measures placed it will  affect to the entire project timeline and the success. Anyway the projects meant to be risky since people trying to achieve a goal by catering to ever changing customer requirements/expectations. Because of that project are called risky business.
  • Implications of project ‘failure’
This happens mainly because of improper requirement identification. The other problem is unable to address project plan properly due to risks.
  • Use of estimates/assumptions
The budget and the time is realized based on estimation and forecast. These both variables are not accurate since it based on predicted calculation where it involves some uncertainty risk in it.


After stating above artifacts lecturer said Project Risk can be categorized in to two aspects. They are, 
  • Strategic Risk
Project Abandonment - Clients can close down the company. Because of that development company need to bare the cost. This can eliminate to some extent by out sourcing some components of the project to another company.

Massive over-run/over-spend - After failure it takes some time to recover from that in financially. Since it takes time to recover it will inquire new cost that takes over the budget.

Loss of client confidence/future business - System that provided will not satisfy customers expectation that results in restricting further business with the company.            
  • Operational Risk
Constant change/replanning/inefficiency - In the middle of the project new requirements need to be included (feature creep). This is a risk because need to change the entire project plan. The best way to handle this by negotiating with the customer.

Over-run/over-spend - Extending the time period and budget known to be an operational risk.

Low morale/unacceptable working conditions - Employees may dissatisfy with working environment and company policies.

Figure 2: Risk Continuum
Then lecturer driven the lecturer into Risk Continuum.
According to lecture as stated in the above Figure 2 dagram illustrated the spectrum of risks and its 3 stages of risk continuum.

Total Risk - No any clue about what the outcome is.

Uncertainty - Outcome may compromise with many consequences

No risk - Outcome can clearly define

After that lecturer stated about Risk Management Process.

Disaster recovery plan (DRP) helps companies for over come or reduce the negative impact from a disaster. After the huge  9/11 attack many organizations started implement DRPs for their companies.

Risk planning
               adopt risk management approach/policy
               identify  mechanisms to identify risk factors

Risk identification
               identify tasks
               predict effect on baseline plan

Risk analysis
                assess likelihood of specific risks 
                assess impact of specific risks

Risk response
                plan possible responses to risk occurrence
                develop contingency/fallback measures

Risk action
                implement risk reduction measures
                monitor risk factors

Process should be part of 'Project office'

The reason is project office consisted of experienced employees. As an example project manager. Project manager is a one who has more experience of risk an can well cater to risk that can rise in the process of a project.

Must be applied to each Project

                 individual objectives/features of project
                 ‘ownership’ of risks by project team members

Maintain a risk database
                       
               Include all the risks that face during projects. So in future project teams can go through and avoid the risks that can happen in the projects. Risk database include followings,

Identifier
keyed to task etc. on WBS by reference 
Title/description
of risk and to what task(s) it could apply
Potential impact(s)
in quantifiable terms (time/cost/quality) if possible
Risk owner
tracks/protects against risk
Risk actions
what actions planned
Action log
record of avoidance/reduction/acceptance actions taken

Link(s) to quality/monitoring process
                           
                Use milestones and ISO files in risk management and get the feedback to project plan.

And lecturer spoke about Procedures/Steps of Risk Identification 
    
  • Must be a precise definition - Need to be clear on what the risk is.
  • Must be capable of being measured - Able to measure the risk basically impact or the outcome of the risk.
  • Must have measurable impact - The impact can be measure to protect from it. 
Risk Identification
  • Must be a precise definition
  • Must be capable of being measured
  • Must have measurable impact
There are certain things to look in risk identification they are,

Weak commercial background
  • uncertain funding/justification
  • too much competition
Imprecise objectives/charter
  • uncertain objectives/deliverables/acceptance criteria
  • penalties for delay/under-performance
Unhelpful clients/users
  • too powerful client(s)
  • uninvolved/uncommitted client(s)
unfamiliar/innovative technology
external dependencies
all tasks on critical or near-critical paths!!!

What need to watch out in risk identification...
  • key member(s) of staff on many critical tasks
  • project manager(s) on critical path
  • ‘external’ dependencies without good contracts
  • responses which take to long to ‘ramp up’
  • unfounded assumptions about threshold resources
  • reliance on ‘silver bullets’ & ‘white knights’ 
After risk identification lecturer discussed about Silver Syndrome.

Silver syndrome occurs when the project team too much reliance on methodologies or technology and this too much of reliance of methodologies and technology leads to a risk. Because project team cannot fully depend on the methodology or technology to solve all the problems that identifies in the project.

Analyzing Risk
There are three types of question need to ask when analyzing a risk. They are,
  • Primary question
  • Secondary factor
  • Tertiary factor
Primary questions are the ones or aspects which depend on the successfulness of the project. Secondary and tertiary factors are which encounter from the primary question.

Risk Assessment
In risk assessment seek for the which have high probability of occurring and which have large impacts if those risk occur
These risk can be measured as followed.
-Probability of risk occurring
-Impact on project
-Urgency of the risk
To identify or measure risks project team can use risk assessment map. Below has showed the risk assessment map.

Figure 3: Risk Assessment Map
From above mentioned risk assessment map can identify which have more probability of risk occurring, which have high impact and which risk need to take urgent actions. As example risks that are categorized into high like hood of occurrence and larger probable scale of impact are the risks that need to take actions as soon as possible.

Risk Ownership
Risk owners are the ones who take responsibility of a particular risk.
Risk owners need to have,

  • Sufficient task knowledge/expertise- The knowledge to solve a particular risk because risks are vary from the situation that take place.
  • Necessary resources/time to monitor risk- Able to gather necessary resources in-order to solve the risk
  • Sufficient authority to carry out risk action- Need to have permission to solve the risk.
Risk owners responsible of ,
  • Contributing data to risk assessment exercise
  • Reporting status of risk
  • Preparing  responses & actions for risk
Risk Plan
  • In risk plan need to define the scope of the project and mention the risks that can be occur during the process of the project
  • Need to mention different types of actions if a risk took place in the project in-order to reduce the negative impact on the project
  • Deliverable of risk management in a descriptive way
  • Theses situations can arise in projects,
-Risks arise, are ‘managed’, monitored & ‘archived’
-Some predicted risks never arise & are ‘cancelled’
-Unpredictable risks arise, are assessed & added to plan
 

Reality of the Lecture:

From this lecture I understood how Risk Management helps project teams and companies to overcome successfully from the potential risks that they face. In Industrial level most of the risk that faces need to to be properly manage. For accomplish those tasks effectively in many companies there is a role for Risk Managers. Risk Managers specialized in the area of risks and try to reduce the negative impact that courses from those activities. When this apply to project dimensions risk need to be eliminated because project need to be completed within budget and a time frame. When more risk involves it go beyond those consequences and end up with a project failure. Where customer surely shift to another company to accommodate their requirements that result the project development company a total lost. If a problem comes during the project it affects to the whole process of the project. I understood that risk assessment map as very useful component in risk management as it helps to identify the risks that have high impact and the risks that need to take quick actions. I also understood the role of risk owner like what he need to do if risk occur in the project or how to avoid the risk and the responsibilities of the risk owner. In personal content this topic helped me to clearly identify various types of risk that can occur during my final year project and the consequences that I can take to overcome from those risk by clearly stating risk management techniques before the start of my first final year project milestone. 
 

References:

Ibc. (2012). Risk Management. [Online]. Available at: http://www.ibc.ca/en/Business_insurance/risk_management/ [Accessed 20th September 2012]

Monday, September 17, 2012

Lecture 27 - Project Plan

Figure 1: Project Plan

Everyone needs Milestones and Deadlines in Projects. Isn't it?


Project planning is a procedural step in project management, where required documentation is created to ensure successful project completion. Documentation includes all actions required to define, prepare, integrate and coordinate additional plans. The project plan clearly defines how the project is executed, monitored, controlled and closed.

Learning from class:

Lecturer stated off the lecture by stating project characteristics. According lecturer Project is consist of,
  • Clear Time Frame - Specification of start to end date
  • Clear budget - Availability of resource and acquired necessary resource
  • Overall goal - What are consequences try to achieve from the project basically objectives  

Then lecturer noted 4 phases in Project. They are,
  • Initiation Stage
  • Planing Stage
  • Controlling Stage
  • Concluding / Completing Stage
After specifying above facts lecturer discussed about the necessity of project management,

Project management is all about managing the four pillars of management which are Planing, Controlling, Organizing and Controlling. In Project Management Triangle lecturer told that some people substitute the quality with scope basically quality and scope more or less reflects how it server the purpose or client requirements. When the quality/scope variable changes its affect to the project time and the cost.

Then lecturer moved the lecture into project planing discussion by stating when students focus on risk management, mitigation strategies should identified to overcome unexpected circumstances. In Virtusa example lecturer pointed out that "people at the bench" allocated for projects with high risk where it applicable for industrial level projects. In order to have better collaboration or for quickly adopt to the project track, each ones work can be share by using software like PEGA and case stools techniques enable programmers to write comments or to keep daily activity log in order for the knowledge management.

Then lecture discussed about SSASM, Agile Methodologies and RUP and when to use it. According to lecturer,

SSADM (Structured System Analysis and Design Methodologies) - This method focus more on requirements analysis and it more document driven process such as Feasibility Study, Design Document, Design Specification, Requirements Document, Logical and Physical Design Document. But this methodology doesn't have a Development Phase. If students face to Develop a System SSADM can use with a conjunction with a another Methodology like prototyping which focuses more on the Development phase. The bottom line is hat SSADM is used when the requirements are uncertain/difficult to the project team. Theses methodologies follows a sequence of action so there is a less probability in en-counting problems. 

After that lecturer stated when breakdown the project into paths that all the information available in Gantt Chart and it also identified time allocated for each particular activity. Then lecturer stated when students try to schedule things should identify dependencies between tasks basically need identity for each activity what is the predecessor(previous task that dependent on).

And the lecturer stated the principles of Pert Chart. They are

Last node LCT equals to ECT
In the Dummy node it always starts with 0

Then lecturer discussed the importance of critical path. According to lecturer there is no possibility delay the critical path activities since its affects to the entire timeline. The total time duration stated by LCT. Slack is time out basically slack activities can consumes more time if their is a need arise. In project management its better to add some Slack activities because some activities may required some more time while without affect to the project timeline.

After that lecture pointed out how to realistically estimate the time. As stated by lecturer there are different estimation methods. They are,
  • Cocomo
  • Functional Points
The main purpose of those above methodologies to estimate by identity the optimistic time to complete a task.

Then lecturer driven the lecture in to functions of the project Manager/Supervisor. As students its required to identify the functions of the project manager basically to update the completed the work on time and to address any questions that students encounter as well as based on that project supervisors will motivate and encourage students to complete the project task.  

Before concluding the lecture, lecturer stated the purpose of the project manager is to advice on students project. When students goes to meet project supervisor, students need to provide a project log sheet. The project log sheet contain the information such as what are the questions that student currently encountered, What points need to discuss with supervisor.

The things that students going to discuss with supervisor,

Kiosk Boxes
In 1st Box - Write down the questions and the areas student need to discuss (list) with supervisor
In 2nd Box - Note down the things that been discuss during the project basically the actual discussion had during the project as well as can mention additional discussion that been done beside to the stated facts. 
In 3rd Box - Note down about the action that student going to perform after the meeting.

Then lecturer stated how to prepare for supervisory meeting. Those facts are,
  • Need to know about the work - Proper knowledge on the content been done
  • Prepare list of questions that planing to discuss at the meeting
  • Be clear on the project plan - How much of work completed so far, what stage currently working on, Whether the task is been done according to schedule or below the schedule, How far gone back in the schedule, What are the tasks still needed to do. What are the thing can be done to get back into schedule.
  • Know the in an out of the project and answer to the supervisors questions.

Activity Done:

As for the activity lecturer gave us a scenario as show in in Figure 2 to draw a Pert Chart for that . 

Figure 2: Pert Chart Scenario
 According to that I drew the Pert Chart diagram as shown in Figure 3.

Figure 3: Pert Chart

Then Lecturer stated that students need to calculate ECT (Earliest Completion Time) and  LCT (Last Completion Time). And the different between ECT and LCT is the stated to be Slack.

 According to above Figure 3 Diagram,
  • The ECT = 53 and LCT = 155.
  • Critical Path = A, C, E, H, J
  • Slack = 130 - 53 (LCT - ECT) = 77. 
Reality of the Lecture:
From this lecture I understood and gained experienced on Pert Charts, how to draw it and when to use it as well as to gain outcomes from the Pert Charts Principles such as LCT, ECT, Critical Path and Stack period which allows non critical paths to stretch the timeline. There are various methodologies to estimate optimistic time to complete a project which will really helps me to arrange my final year project time line in a realistic manner. The next important thing I understood was how to deal with project manger/supervisor during my final year project period, Preparation required for the supervisory meeting and how to get their maximum potential outcomes in align to my project scope to achieve my objectives.