As with all projects, a BPPM implementation project will bring changes and risk is a prominent aspect of changes. Project risk management helps you identify, describe, prioritize, quantify, respond, and manage the risks.
A risk is a future event that, if it occurs, will affect one or more project objectives. It is much better to start your risk management in the planing phase so that you can anticipate future problems to avoid being surprised in the middle of implementation phase and have an action plan to solve problems or prevent problems from happening.
BPPM implementation project risk management discussed in this post is a simplified version for the purpose of illustration. BPPM implementation project risk management in real life can be much more complex.
1. Risk identification
In a BPPM implementation project, a risk can be product related, resource related, or environment related. Review all project documents and pay special attention to WBS (Work Breakdown Structure) and project assumptions. Identify all risks that may impact project scope, time, cost, and quality. Document causes and effects for each risk.
Because each version of BPPM introduces quite a lot of brand new features but not all BPPM documents are updated with these new features, product related risks are inevitable. One example of product related risks is that you may not be able to configure a PATROL KM in CMA because the configuration steps described in KM document are for PATROL console only. Now your scheduled 1-day task in WBS would take you 3 days to complete because you have to get BMC support involved. This will obviously impact your project completion date and cost.
Resource related risks can be caused by the lack of experienced employees/consultants as BPPM expertise is still rare. This is especially true if you rely on a consulting firm to supply you consultants but had no opportunity to evaluate their competencies in advance.
Environment related risks can be caused by the dependency on another project - for instance, automated BPPM ticketing depends on the completion of Remedy incident management project.
2. Risk analysis
In risk analysis, you evaluate each risk and decide on its likelihood/probability of occurrence and its impact magnitude. You can use 5-level scale (very low, low, medium, high, very high) or 3-level scale (low, medium, high) for likelihood and impact. The result of likelihood x impact is risk exposure. Risk exposure helps to prioritize each risk.
For example, if the risk of not being able to configure a PATROL KM in CMA without contacting BMC support has a very high likelihood of occurrence, and the magnitude of its impact is also very high (delaying project completion for 2 days), the risk exposure will be very high and you need to assign a very high priority to this risk.
3. Risk response
In risk response, you determine options and select actions to reduce the threats to project objectives. These include mitigation plans to reduce the likelihood of risk occurrence, contingency plans to reduce the impact, fallback plans, and workarounds.
For example, for the risk of lacking experienced consultants when you rely on a consulting firm to supply you the resources, you may want to interview the assigned consultants before the project starts and also ensure they are dedicated resources to your project.
4. Risk monitoring and control
Risk management is an on-going process. During BPPM implementation project, you need to update the risks that have occurred and that will no long occur, update risk analysis and response as needed, evaluate the effectiveness of risk response actions, and identify new risks.
No comments:
Post a Comment