A great deal of the projects and risk management literature out in the world states that a detailed risk analysis is required if you deal with a large project and a big budget. However, since these terms are relative, you or another member of your team or organization must define what a large project and a big budget are. Also, even though I agree with this approach, I prefer to base my decision on whether to execute a detailed risk analysis on the level of concern of the key stakeholders, including myself. For example, some might say that performing a quantitative risk analysis and the qualitative risk analysis is too much for a $20,000 or $30,000 project, which is mostly a safe bet, but if this is a new client. You hope to get more work from them, and with perhaps much higher budgets, than performing a detailed risk analysis is key.
We once submitted a proposal to develop a Project Management Office (PMO), which had the potential to generate many high impact risks, both positive and negative. However, our consulting fee was not exorbitant. However, the client was unsure of what they needed, making developing the scope challenges. Also, the client and other stakeholders had a very ambitious schedule, and their selection process for hiring the right consultant was based in great part on the overall fee proposed. In other words, the potential for several tasks and objectives going off the rails was high, as was the potential for more work if we performed to the client’s satisfaction. Therefore, we decided to pursue the work based on a quick risk analysis, which showed that we could perform satisfactorily as long as we mitigated, transferred, escalated, and placed the appropriate risk responses.
One of the critical factors to consider in performing risk analysis is stakeholder attitude towards risk. Some stakeholders can go with the proverbial flow, but others need more structure, assurances, and guidance through the project process and its uncertainties. Therefore, the size, duration budget, quality, and other project requirements do not need to be too stringent to require qualitative and quantitative risk analyses. The qualitative risk analysis, for example, stresses the need to establish the probability and impact levels of each identified risk. However, as its name implies, the quantitative risk analysis takes the first analysis a step further and quantifies each risk based on a currency amount. And although the latter, as mentioned earlier, is dependent on the size of the project, it should also be dependent on the needs of your stakeholders, even if it is only useful for providing some sense of security and confidence in the project processes.
To learn more about risk analysis and management, please get in touch with us for consultation and training services, which will assist you and your team address risks on all your projects. Also, in addition to preparing for risks turning into issues, monitoring and controlling the process will help you meet your project’s success criteria.