– By Stephen Lyman, Bellevue University MPM Student
Although a risk officer may contact team members about risk-related tasks that have been ignored or gone overdue, a project manager is ultimately responsible for keeping team members focused on the right activity. For their relationship to work effectively, risk officers and project managers must coordinate the efforts of fellow team members.
Too much time spent on managing risks can cause projects to fall behind schedule. Likewise, an aggressive task schedule that ignores risk completely can result in catastrophe. Therefore, measuring a project’s progress against the resistance posed by risks helps remind leaders to keep activity in balance.
In some cases, a risk can be entirely eliminated or contained during the implementation and monitoring phases of the project cycle. Noting such a change in status can help project managers and risk officers reallocate resources to other risks or to main project tasks.
Some teams like to keep a live risk matrix, using a shared spreadsheet, database, or online tracking tool. Other teams prefer to task the risk officer with coordinating all communication related to risk management, and reporting in meetings or via memos on a regular basis. The severity of the risk and the importance of the project can help determine the right method for tracking risk (Jr., 2015).
If a risk event occurs during project execution, there is a likelihood it was identified sometime earlier, it was analyzed and an appropriate response action was planned to deal with it (captured in the Risk Register). For the most part, Risk Monitoring and Control is the process of putting into action all of the risk planning done earlier in the project life-cycle.
It is important to understand that risk monitoring is intended to be a daily, on-going process across the entire project lifecycle. Project team members and stakeholders should be encouraged to be vigilant in looking for risk symptoms, as well as for new project risks. Newly identified risks and symptoms of previously identified risks should be communicated immediately for evaluation and/or action (Balakian, 2010).
Monitoring the risk metrics and triggering events to ensure the planned risk actions are working are of the utmost importance in this step.
The goal from this step is threefold:
1. To monitor the status of your risk action plans, in other words, the progress towards the completion of contingency and mitigation plans
2. To monitor any project metrics associated with a risk that might trigger a contingency plan
3. And finally, to provide notification to the project team that a trigger, or triggers, have been exceeded so that a contingency plan can be initiated if needed
There are two main inputs that are going to help you achieve the three goals I’ve just mentioned.
1. Firstly, your risk action forms which contain the specific mitigation and contingency plans you created and which also specify the project metrics and trigger values to be monitored
2. And secondly, the relevant project status reports that are used to track progress within the standard project management structure
You may need to call on other sources of information depending on the specific project metrics being tracked. For example, you might need to use a project tracking database, or maybe even a human resources management system to provide the tracking data that you and your project team need.
In this tracking step of the risk management process, you and your team will execute the action plans in the mitigation plan as part of your overall team activity. Any progress made towards these risk-related action items, or in relation to any trigger values being used, will contribute towards the risk status that will be reported on.
Risk Status Reporting
The reporting element in this step operates at two levels. For your team, regular risk status reports will be very important and should consider four possible risk management situations for each risk:
1. First, when a risk is resolved, ensure the risk action plan is completed
2. Secondly, ensure these risk actions are consistent with your overall risk management plan
3. Third, understand that some risk actions are at variance to the risk management plan, in which case, corrective measures should be defined and implemented
4. And the final situation is if one or more risks have changed significantly. This usually ends in re-analyzing the risks or re-planning an activity.
For external reporting to stakeholders, you and your project team should report the top risks and then summarize the status of risk management actions. It’s also useful at this stage to show the previous ranking of risks and the number of times each risk has been in the top risk list.
Your output from this step should be a detailed status report that clearly communicates any changes in the status of a risk.
Here is some information you might want to include in this report:
1. Risk name
2. Risk classification
3. Risk probability, impact, and exposure from the identification step
4. Current risk probability, impact and exposure
5. Risk level, such as low, medium and high
6. A summary of your mitigation and contingency plans
7. Status toward completion of mitigation plans
8. Readiness of contingency plans
9. Trigger values
10. Planned actions
11. Risk owner
And don’t forget to include this report within the project status report that you create and circulate to others involved and interested in the project (O’Donnellan, 2016).
Balakian, W. (2010, September 21). Applying the Risk Monitoring and Control Process . Retrieved from project-management.truesolutions.com: http://project-management.truesolutions.com/2010/09/21/applying-the-risk-monitoring-and-control-process/
Jr., J. T. (2015, May 18). Risk Management: Keeping Track of Risk and Utilizing a Risk Manager. Retrieved from http://www.brighthubpm.com: http://www.brighthubpm.com/risk-management/14026-tracking-risk-in-project-management/
O’Donnellan, R. (2016, April 13). Should You Track & Report on Risks? Retrieved from http://www.brightwork.com: https://www.brightwork.com/blog/should-you-track-report-on-risks#.WfJrseR1q70