Date post: | 31-Dec-2015 |
Category: |
Documents |
Upload: | hilary-shannon |
View: | 17 times |
Download: | 0 times |
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 2
Sourcing Decisions & Risk Management
Exercise Quiz Lecture
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 3
Exercise
Each team is given Leadership Effectivenesstasks
For each task: Give one example of the wording of the task in:
Directive Style and who is the appropriate audience Interactive Style and who is the appropriate audience Nondirective Style and who is the appropriate
audience
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 5
Risk Management
DefinitionThe process in which potential risks to a business are identified, analyzed and mitigated, along with the process of balancing the cost of protecting the company against a risk vs. the cost of exposure to that risk.
Or, "What imperils getting benefits from effort?"
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 6
General Categories of Risks:
Economic Risks
Technical Risks
Organizational Risks
Legal Risks
Terrorist Risks
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 7
General Categories of Risks:
Economic Risks applies to risks that can potentially impact the business. These risks could result to failure or loss of business. business environment changes vendor survival
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 8
General Categories of Risks:
Technical Risks applies to the risks that can impact the development, implementation, and the operation of a system. Sources of these risks can come from the project team’s degree of familiarity with the technology, familiarity with the application, security and project size. integrating technology with existing portfolio poor training poor monitor/control
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 9
General Categories of Risks:
Organizational Risks applies to the risks that could potentially impact the acceptance of the project. Problems arise when there is potential reduction of manpower, changing the way business process is performed, and when there is increase of workload. Consequences to these risks are defined below: resistance to the system low morale of personnel lack of political support possible rejection of the system poor procedures lack of trained support lack of trainers ineffective use by users poor help desk
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 10
General Categories of Risks:
Legal Risksapplies to risks arising from potential lawsuits and liabilities associated with the implementation of a project. fiduciary responsibility of managers laws and regulations inappropriately
administered personal financial and criminal liability (from
shareholder lawsuits and FCPA)
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 11
General Categories of Risks:
Terrorist Risks
applies to risks arising from intentional destruction or malevolent modification of the physical equipment data and information files communication links software
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 12
Sources of Project Risks
Project Work Project Team and Leader Management Business Situation Other Projects External Factors Technology Vendors and Contractors Business Processes Business Units Customers and Suppliers
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 13
Sources of Project Risks
Project Work – quality and completeness of the work
Project Team and Leader – personality issuesallocation of resourcestrust issues
Management – poor or no decision makinglack of attention
Business Situation -- assumptions change-- conditions change
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 14
Sources of Project Risks
Other Projects-- Changes in priorities
External Factors-- regulatory changes, -- union pressures, -- consumer groups-- various special interest groups
Technology-- changes that can make project irrelevant
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 15
Sources of Project Risks
Vendors and Contractors-- reliability -- quality-- sustainability
Business Processes-- reengineering changes power bases
Business Units-- management changes-- organization changes-- staffing changing
Customers and Suppliers-- changes in mix
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 16
Keeping Track of Risks
Projects Economic Technical Organizational
Keep a count of the OPEN RISKS by type for each project –Update regularly
Keep track of your progress in mitigating / resolving risksREMEMBER – MANY RISKS WILL COME TOWARDS THE END OF THE PROJECT – SO THINK / PLAN AHEAD
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 17
Constraints on Taking Actions
Before taking actions to resolve/mitigate risks keep in mind— Symptoms seen as Problems
symptoms can be treated leaving the underlying problem unresolved & growing
Seen as panicking If you constantly bring the risks to management’s attention – may be seen as crying wolf
Look before you leap – get enough facts first
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 18
Risk Strategies
Deal only with critical factors – need to monitor all problems and catch those before they balloon
React quickly to issues – need to know enough about what causes issues
Proactive but still conservative – use a method that will help you know you have enough to act and then act
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 19
Preferred Project Risk Strategy Method
Group issues by Impact if not solved Time pressure to do something
Use your judgment and experience on positioning issues
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 20
Issues to be Addressed
Issues 23 and 27 must be addressed Issue 10 has time pressure so investigate
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 21
Time Marches on
Some issues go away Some issues emerge Some get more troublesome
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 22
Risk Issue Management Process
1. Create project risk issue database200+ commonly known problems
2. Identify 20-30 most likely based on experience
3. Present potential issues to management with project proposal
4. In estimating project tasks – more issues may emerge
5. All issues relate to tasks – if not find the missing tasks
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 23
Risk Issue Management Process
6. Phase beginning -- team meetings on near term issues-- discuss impact of issues-- track the issues-- develop issues resolution table-- use 1-page project summary to Mgt.
7. Create table of issues versus projectsCreate GANTT chart (major tasks / issues)-- follow-up on resolved issues (no reappearance)-- implement actions when known or appropriate
8. When resolved -- celebrate
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 24
Management Communications
Focus on informal communications with management on risk issues
Focus on getting management slowly on board with knowledge of problem growing
Then on presenting alternatives Then on getting approval for actions
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 25
Project Risk Portfolio Approach
Same issues database for all major projects Common issues reporting method Periodically prepare new table of issues versus
projects Support / facilitate
Meetings Analysis on issues
When issue resolved -- take the decisions, then-- identify action items for each impacted project-- follow up on action items across project-- report to management
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 26
AFTER PROJECT DEPLOYMENT
RISKS CONTINUE andMUST BE HANDLED
IS425 Autumn 2004-2005 Norma Sutcliffe
Session 9 27
OTHER RISK APPROACHES
For IT investments – not project management Portfolio approach – manage risks by treating IT
resources such as hardware, software, services and personnel as collection of investments. Decisions are made based from the potential return of investment or payoff against the level of risks.
Interdisciplinary Approach – applies an integrated assessment of the risks from various groups in a company to determine and assess all dimensions of risks.