IS 425

IS 425

Enterprise Information ILECTURE 9

Autumn 2004-2005 2004 Norma Sutcliffe

IS425 Autumn 2004-2005 Norma Sutcliffe

Session 9 2

Sourcing Decisions & Risk Management

Exercise Quiz Lecture


Session 9 3

Exercise

Each team is given Leadership Effectivenesstasks

For each task: Give one example of the wording of the task in:

Directive Style and who is the appropriate audience Interactive Style and who is the appropriate audience Nondirective Style and who is the appropriate

audience


Session 9 4

Quiz

DL students have homework assignment on COL


Session 9 5

Risk Management

DefinitionThe process in which potential risks to a business are identified, analyzed and mitigated, along with the process of balancing the cost of protecting the company against a risk vs. the cost of exposure to that risk.

Or, "What imperils getting benefits from effort?"


Session 9 6

General Categories of Risks:

Economic Risks

Technical Risks

Organizational Risks

Legal Risks

Terrorist Risks


Session 9 7


Economic Risks applies to risks that can potentially impact the business. These risks could result to failure or loss of business. business environment changes vendor survival


Session 9 8


Technical Risks applies to the risks that can impact the development, implementation, and the operation of a system. Sources of these risks can come from the project team’s degree of familiarity with the technology, familiarity with the application, security and project size. integrating technology with existing portfolio poor training poor monitor/control


Session 9 9


Organizational Risks applies to the risks that could potentially impact the acceptance of the project. Problems arise when there is potential reduction of manpower, changing the way business process is performed, and when there is increase of workload. Consequences to these risks are defined below: resistance to the system low morale of personnel lack of political support possible rejection of the system poor procedures lack of trained support lack of trainers ineffective use by users poor help desk


Session 9 10


Legal Risksapplies to risks arising from potential lawsuits and liabilities associated with the implementation of a project. fiduciary responsibility of managers laws and regulations inappropriately

administered personal financial and criminal liability (from

shareholder lawsuits and FCPA)


Session 9 11


Terrorist Risks

applies to risks arising from intentional destruction or malevolent modification of the physical equipment data and information files communication links software


Session 9 12

Sources of Project Risks

Project Work Project Team and Leader Management Business Situation Other Projects External Factors Technology Vendors and Contractors Business Processes Business Units Customers and Suppliers


Session 9 13


Project Work – quality and completeness of the work

Project Team and Leader – personality issuesallocation of resourcestrust issues

Management – poor or no decision makinglack of attention

Business Situation -- assumptions change-- conditions change


Session 9 14


Other Projects-- Changes in priorities

External Factors-- regulatory changes, -- union pressures, -- consumer groups-- various special interest groups

Technology-- changes that can make project irrelevant


Session 9 15


Vendors and Contractors-- reliability -- quality-- sustainability

Business Processes-- reengineering changes power bases

Business Units-- management changes-- organization changes-- staffing changing

Customers and Suppliers-- changes in mix


Session 9 16

Keeping Track of Risks

Projects Economic Technical Organizational

Keep a count of the OPEN RISKS by type for each project –Update regularly

Keep track of your progress in mitigating / resolving risksREMEMBER – MANY RISKS WILL COME TOWARDS THE END OF THE PROJECT – SO THINK / PLAN AHEAD


Session 9 17

Constraints on Taking Actions

Before taking actions to resolve/mitigate risks keep in mind— Symptoms seen as Problems

symptoms can be treated leaving the underlying problem unresolved & growing

Seen as panicking If you constantly bring the risks to management’s attention – may be seen as crying wolf

Look before you leap – get enough facts first


Session 9 18

Risk Strategies

Deal only with critical factors – need to monitor all problems and catch those before they balloon

React quickly to issues – need to know enough about what causes issues

Proactive but still conservative – use a method that will help you know you have enough to act and then act


Session 9 19

Preferred Project Risk Strategy Method

Group issues by Impact if not solved Time pressure to do something

Use your judgment and experience on positioning issues


Session 9 20

Issues to be Addressed

Issues 23 and 27 must be addressed Issue 10 has time pressure so investigate


Session 9 21

Time Marches on

Some issues go away Some issues emerge Some get more troublesome


Session 9 22

Risk Issue Management Process

1. Create project risk issue database200+ commonly known problems

2. Identify 20-30 most likely based on experience

3. Present potential issues to management with project proposal

4. In estimating project tasks – more issues may emerge

5. All issues relate to tasks – if not find the missing tasks


Session 9 23

Risk Issue Management Process

6. Phase beginning -- team meetings on near term issues-- discuss impact of issues-- track the issues-- develop issues resolution table-- use 1-page project summary to Mgt.

7. Create table of issues versus projectsCreate GANTT chart (major tasks / issues)-- follow-up on resolved issues (no reappearance)-- implement actions when known or appropriate

8. When resolved -- celebrate


Session 9 24

Management Communications

Focus on informal communications with management on risk issues

Focus on getting management slowly on board with knowledge of problem growing

Then on presenting alternatives Then on getting approval for actions


Session 9 25

Project Risk Portfolio Approach

Same issues database for all major projects Common issues reporting method Periodically prepare new table of issues versus

projects Support / facilitate

Meetings Analysis on issues

When issue resolved -- take the decisions, then-- identify action items for each impacted project-- follow up on action items across project-- report to management


Session 9 26

AFTER PROJECT DEPLOYMENT

RISKS CONTINUE andMUST BE HANDLED


Session 9 27

OTHER RISK APPROACHES

For IT investments – not project management Portfolio approach – manage risks by treating IT

resources such as hardware, software, services and personnel as collection of investments. Decisions are made based from the potential return of investment or payoff against the level of risks.

Interdisciplinary Approach – applies an integrated assessment of the risks from various groups in a company to determine and assess all dimensions of risks.


Session 9 28

NEXT WEEK

REVIEW DEBATE WORKSHOP

Date post:	31-Dec-2015
Category:	Documents
Upload:	hilary-shannon
View:	17 times
Download:	0 times

IS 425

Documents