Identifying and Managing Project Risk

Identifying and Managing Project Risk

Infobox Book |
name = Identifying and Managing Project Risk

author = Tom Kendrick
country = United States
language = English
genre = Business, Project Management, Risk Management
publisher = American Management Association
release_date = February 2003
media_type = Print (Hardcover)
pages = 335
isbn = ISBN 0-8144-0761-7


"Identifying and Managing Project Risk," by Tom Kendrick, is a book about identifying and managing risks on projects. Although the book is written in a very generic manner, it has a decidedly high-tech flavor. This partly because the author worked at Hewlett-Packard for twelve years. The book is geared to be used by a junior Project Manager and Kendrick aligns the chapters of the Book to the Project Management Institute's (PMI) "Guide to the Project Management Body of Knowledge", (PMBOK) 2000 edition. This text is designed to be used as a supplemental source of information when studying for the Project Management Professional (PMP) certification exam.

Kendrick's coverage of risk, and more prominently uncertainty, is complete in a general fashion focusing a majority of his discussion on risk in projects due to poor planning and change management processes.

He uses a collection of project elements from various projects his client's have conducted. He uses this data, Project Experience Risk Information Library (PERIL) database, to quantify and rank classes of risk. In the early part of his book he uses this significantly and the Appendix lists approximately 120 of the element's descriptions.

The book is structured to follow the PMBOK stages of a project — initiation, planning, controlling, executing and closure. Each chapter discusses a set of concepts and concludes with a bulleted "Key Ideas" section and an anecdote from the two attempts to construct the Panama Canal.


The introductory two chapters lay the groundwork for people that are new to project or risk management. He starts with the definition of risk as the "loss multiplied by the likelihood" and expands from there. He explains that this relates to uncertainty in estimates for duration and cost. He identifies the benefits as:
*Lowering cost and confusion
*Prioritization and stakeholder support
*Input for portfolio management
*Setting expectations and establishing reserves
*Communication and control

Project Risk Planning

Schedule is the second level of risks effecting project duration in the PERIL database. The top five (the book lists ten) categories are:
#Project Dependencies
#Parts Delays
#Estimation errors
#Decision Delay
#Hardware DelayDependency on external parties is the largest sub categorization of schedule risk in the database, (editors note: as might be expected since it is always safe to blame the other party) followed by poor estimations.

To assist in reducing these risks, Kendrick explains that the process should start with the WBS and apply estimates for effort and resources. This is an iterative process. A number of things should be kept in mind:
*Historical data should be used where applicable.
*Resources planning (done next) will effect these estimates so these processes will need to be iterative.
*Be cognizant of people hesitating to give estimates, it may imply additional uncertainty.
*If the durations are greater than two weeks they should be broken down further.
*Make sure to incorporate holidays, vacations and other non-project time.He summarizes a number of estimating techniques:
*Project-level Think-Do-Check based on project size.
*Historical data
*Prior experience
*Delphi Group Estimating (a form of Consensus estimates)
*Program Evaluation and Review Technique (PERT)He spends significant time through-out the book discussing the PERT method and clearing up misconceptions on the PERT process. He explains that the PERT method of estimation generates the expected duration of a task by adding the pessimistic, optimistic and four times the most likely durations and dividing them by six. The standard deviation is determined is the difference of the pessimistic and optimistic durations and dividing them by six. The standard deviation is a reflection of the uncertainty in the estimates.

After determining the durations and sequencing the critical path can be determined. The Critical Path is the longest contiguous path of tasks with no lag. The easiest way to do this is by using one of the many computerized tools on the market. He cautions that an increase in critical and near-critical paths will bias significantly increase the probability that the project will not complete by the projected time. This is due to the statistical probabilities of multiple paths causing failure.

As with many sections of the book, he provides lists of general items to use when planning.

Resource Risk

The key to assessing risk is determining the probability and impact of the risk and knowing when these values cannot be determined. Trying to make quantitative decisions from qualitative data is not sensible. To this end, Kendrick describes some standard and accepted methods of presenting non-quantifiable risks for the project. A majority of his time in spent discussing two methods in of quantitative analysis — two dimensional bubble charts and PERT analysis. As in previous areas on the book he presents beta-distributions of for risks and he lays the ground work for the understanding of why simulation products are important when analyzing risk in complex projects. He presumes a modicum of knowledge of statistics but no knowledge of beta-distributions is required.

Managing Activity Risk

This section is an assortment of activities that Project Managers may do to align the project team and the stakeholders for the upcoming project. These items include:
* A recommended list of documentation that summarize general best practices for a project, cautioning that quality, not quantity, is the measure.
*A project start-up workshop; including its preparation and execution. The goal is to align people to the goals and educate them on the challenges.
*Determining the appropriate metrics for the project, ensuring they are not burdensome and effect behavior in a positive manner. Too often, metrics change behavior to provide better metrics not better performance.
*Setting the amounts and conditions for use of the project reserves.
*Negotiating the final objectives of the project with stakeholders to improve the chances of project success.
*Validate that all team members and stakeholders accept the plan of record.
*Describe to all team members and stakeholders the change management process and how it will be enforced.

Monitoring and Controlling Risky Projects

Execution of the project entails the Project Manager applying the plan, leading the team and monitoring the project status looking for trends that can indicate variations (good and bad) in the project execution. Results of the analysis need to be communicated and adjustments made through a change management and/or issue resolution process.

Communication is imperative. Kendrick describes a variety of tools to aid in communication and notes where challenges may be become more difficult (remote projects, multiple languages, large number of stakeholders with differing goals). He also provides the obligatory how-to-run-a-meeting discussion.

Project traceability is important and Kendrick outlines the needs and requirements of a Project Management Information System. This system should be a repository for all project documents and appropriately accessible to all people.

For longer projects Kendrick suggests a periodic project review and assessment. He provides a checklist of the items this should include and show to conduct the meeting.

Closing Projects

Proper closure of a project has significant benefits for reducing risk on future projects. Whether the project is considered a success or a failure the results should be documented and reviewed. These data can then be used in future planning processes to improve planning and reduce risk.

A project retrospective should be conducted and actions taken on the suggestions to improve processes for the future. Lack of action will reduce participation in subsequent retrospectives.


As mentioned in the summary, "Identifying and Managing Project Risk," is most valuable to the junior Project Manager and, as Kendrick points out, can be used as a study text for the PMP exam. Unfortunately, the book has numerous typos that should have been caught in the editing process and tends to detract from the value of the content.

It contains a number of valuable "check lists" and other tools that can be used but glosses over some of the theory that might allow the reader to become knowledgeable on a subject.

The use of the PERIL database is interesting but gives the feel of objectivity where there should not be. He mentions the limitations of the data in Chapter 2, but neglects to quantify his use of data in later chapters.

His negative treatment of iterative (i.e. agile) processes and complete neglect of Critical Chain miss many areas where risk can be addressed through process and looking for root cause. The reader should investigate these methodologies if interested in other ways to avert risk,

Complete Table of Contents

:Acknowledgments :Introduction Chapter 1: Why Project Risk Management? :The Doomed Project Risk :Benefits and Uses of Risk Data :The Risk Management Process :Anatomy of a Failed Project: The First Panama Canal Project Chapter 2: Planning for Risk Management :Project Selection :Overall Project Planning Processes :Defining Risk Management for the Project :The PERIL Database :Key Ideas for Project Risk Planning :A Second Panama Canal Project: Sponsorship and Initiation (1902-1904) Chapter 3: Identifying Project Scope Risk :Sources of Scope Risk :Defining Deliverables :High-Level Risk Assessment Tools :Setting Limits :Work Breakdown Structure (WBS) :Other Risks :Document the Risks :Key Ideas for Identifying Scope Risks :Panama Canal: Setting the Objective (1905-1906) Chapter 4: Identifying Project Schedule Risk :Sources of Schedule Risk :Activity Definition :Estimating Activity Duration :Activity Sequencing :Document the Risks :Key Ideas for Identifying Schedule Risks :Panama Canal: Planning (1905-1907) Chapter 5: Identifying Project Resource Risk :Sources of Resource Risk :Resource Planning :Staff Acquisition :Procurement Planning and Source Selection :Cost Estimating :Cost Budgeting :Document the Risks :Key Ideas for Identifying Resource Risks :Panama Canal: Resources (1905-1907) Chapter 6: Managing Project Constraints and Documenting Risks :Analyze Constraints :Scope Options and Opportunity Management :Resource Options :Schedule Options :Assess Options and Update Plans :Seek Missing Risks :Document the Risks :Key Ideas for Constraint Management and Risk Discovery :Panama Canal: Improving the Plan (1906) Chapter 7: Quantifying and Analyzing Activity Risks :Quantitative and Qualitative Risk Analysis :Risk Probability :Risk Impact :Qualitative Risk Analysis :Quantitative Risk Assessment :Key Ideas for Activity Risk Analysis :Panama Canal: Risks (1906-1914) Chapter 8: Managing Activity Risks :Root Cause Analysis :Categories of Risk :Risk Response Planning :Managing a Specific Risk :Key Ideas for Managing Activity Risks :Panama Canal: Risk Plans (1906-1914) Chapter 9: Quantifying and Analyzing Project Risk :Project-Level Risk :Aggregating Risk Responses :Questionnaires and Surveys :Instructions for the Project Risk Questionnaire :Project Simulation and Modeling :Analysis of Scale :Project Appraisal Project Metrics :Key Ideas for Project Risk Analysis :Panama Canal: Overall Risks (1907) Chapter 10: Managing Project Risk :Project Documentation Requirements :Project Start-Up :Selecting and Implementing Project Metrics :Management Reserve :Project Baseline Negotiation :Project Plan Validation :Specification Change Management :Key Ideas for Managing Project Risk :Panama Canal: Adjusting the Objective (1907) Chapter 11: Monitoring and Controlling Risky Projects :Applying the Plan :Project Monitoring :Collecting Project Status :Metrics and Trend Analysis :Responding to Issues :Communication :Project Archives :Project Reviews and Risk Reassessment :Key Ideas for Risk Monitoring and Control :Panama Canal: Risk-Based Replanning (1908) Chapter 12: Closing Projects :Project Closure :Project Retrospective Analysis :Key Ideas for Project Closure :Panama Canal: Completion (1914) Chapter 13: Conclusion :Panama Canal: The Next Project :Appendix: Selected Detail from the PERIL Database :Selected Bibliography :Index

Other Books

*Lam, J., "Enterprise Risk Management: From Incentives to Controls" (2003). Wiley; 1 edition, ISBN 0-471430005
*Virine, L. and Trumper M., "Project Decisions: The Art and Science" (2007). Management Concepts. Vienna, VA, ISBN 978-1-56726-217-0
*Wideman, R.M. "Project and Program Risk Management" (1992). Newtown Square, PA: Project Management Institute. ISBN 978-1-880410066

External References

Kendrick's website []

[ Root Cause Analysis]

Wikimedia Foundation. 2010.

Нужен реферат?

Look at other dictionaries:

  • Risk — takers redirects here. For the Canadian television program, see Risk Takers. For other uses, see Risk (disambiguation). Risk is the potential that a chosen action or activity (including the choice of inaction) will lead to a loss (an undesirable… …   Wikipedia

  • Risk register — A risk register is a tool commonly used in project planning and organisational risk assessments. It is often referred to as a Risk Log (for eg in PRINCE2).This tool is widely used within Risk Management for identifying, analysing and managing… …   Wikipedia

  • Project management — is the discipline of planning, organizing, securing, and managing resources to achieve specific goals. A project is a temporary endeavor with a defined beginning and end (usually time constrained, and often constrained by funding or deliverables) …   Wikipedia

  • political risk insurance — USA One of several risk mitigation tools available to investors involved in cross border transactions, this insurance typically insures lenders and equity investors from and against losses incurred by the investors as a result of a political risk …   Law dictionary

  • Risk management — For non business risks, see risk, and the disambiguation page risk analysis Example of risk management: A NASA model showing areas at high risk from impact for the International Space Station. Risk management is the identification, assessment,… …   Wikipedia

  • Project governance — The term Project governance is used in industry, especially in the information technology (IT) sector (see Information technology governance), to describe the processes that need to exist for a successful project. Project Governance is an active… …   Wikipedia

  • Sustainability metrics and indices — Sustainable development indicators (SDI) have the potential to turn the generic concept of sustainability into action. Today, however, we are far from achieving this potential. We can t currently find a standardized set of indicators and several… …   Wikipedia

  • Business and Industry Review — ▪ 1999 Introduction Overview        Annual Average Rates of Growth of Manufacturing Output, 1980 97, Table Pattern of Output, 1994 97, Table Index Numbers of Production, Employment, and Productivity in Manufacturing Industries, Table (For Annual… …   Universalium

  • Occupational safety and health — is a cross disciplinary area concerned with protecting the safety, health and welfare of people engaged in work or employment. The goal of all occupational safety and health programs is to foster a safe work environment.[1] As a secondary effect …   Wikipedia

  • List of project management topics — This list of project management topics gives an overview of project management topics. Contents 1 Project management activities 2 Project management artifacts 3 Project management tools 3.1 …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”