The effectiveness of Project Risk Management depends upon the way the approved plans are carried out. These plans should be executed correctly, reviewed, and updated regularly. If this is carried out correctly, the invested effort will be rewarded and future projects will benefit from this project’s experience.
What is Risk Monitoring?
Monitor Risks is the process of monitoring the implementation of agreed-upon risk response plans, tracking identified risks, identifying and analyzing new risks, and evaluating risk process effectiveness throughout the project.
The key benefit of the monitor risks process is that it enables project decisions to be based on current information about overall project risk exposure and individual project risks.
In order to ensure that the project team and key stakeholders are aware of the current level of risk exposure, project work should be continuously monitored for new, changing, and outdated individual project risks and for changes in the level of overall project risk by applying the monitor risks process.
The effectiveness of all of the project risk management processes should be reviewed during the monitor risks process to provide improvements to the management of the current project.
Effective communication needs to be maintained between the risk owners and the project manager so that the designated stakeholders accept accountability for controlling the potential outcomes of specific risks.
The risk action owner should keep the risk owner aware of the status of the response actions so that the risk owner can decide when the risk has been effectively dealt with, or whether additional actions need to be planned and implemented.
Risk reassessment should be conducted as part of the monitoring risks process. Typical reasons for risk reassessment are the occurrence of a major or unexpected risk, the need to analyze a complex change request, phase-end review, project re-planning or major plan elaboration, and periodic review to ensure that the information remains current.
In addition to the regular status reviews, periodic audits should be performed to determine strengths and weaknesses in handling risks within the project. This should entail identifying any barriers to effectiveness or keys to success in risk management, recognition of which could lead to improvements in risk management of the current or future projects.
At the end of the project, an integrated analysis of the risk management process should be carried out with a focus on long-term process improvements.
This analysis consolidates the findings of the periodic audits to identify lessons that would be applicable in general to a large proportion of the organization’s projects in the future, such as appropriate levels of resources, adequate time for the analysis, use of tools, level of detail, etc.
At project closure, the project manager should ensure that a description has been given of the closure of every risk in the risk register, for example: (a) did not occur; (b) occurred and contingency plan invoked, or (c) occurred and impact to the project scope (i.e., time, cost, and quality).
The output of the audit of the risk management process should be consolidated with specific information with respect to the project’s experience risks, and any generally applicable guidelines for the organization should be highlighted and potential actions proposed for applying them. This can lead to an update to the corresponding organizational process assets.
Commonly used Tools and Techniques
Some of the most commonly used tools and techniques in monitoring risks process are listed below:
Technical performance analysis. As part of the monitor risks process, technical performance analysis compares technical accomplishments during project execution to the schedule of technical achievement.
It requires the definition of objective, quantifiable measures of technical performance, which can be used to compare actual results against targets. Such technical performance measures may include weight, transaction times, number of delivered defects, storage capacity, etc.
Reserve analysis: Throughout the execution of the project, some individual project risks may occur with positive or negative impacts on budget or schedule contingency reserves.
Reserve analysis compares the amount of the contingency reserves remaining to the amount of risk remaining at any time in the project in order to determine if the remaining reserve is adequate. This may be communicated using various graphical representations, including a burndown chart.
A risk reserves report is heavily used in the monitoring risks process, it keeps a running balance of the remaining reserve and helps the project manager control the reserve. In this report, money/time is added when activities are completed cheaper or faster, and money is deducted when it’s used for identified risks.
Risk Audits: Risk audits are a type of audit that may be used to consider the effectiveness of the risk management process. The project manager is responsible for ensuring that risk audits are performed at an appropriate frequency, as defined in the project’s risk management plan.
Risk audits may be included during routine project review meetings or may form part of a risk review meeting, or the team may choose to hold separate risk audit meetings. The format for the risk audit and its objectives should be clearly defined before the audit is conducted.
Risk reassessment: It is a tool you will rely on as part of the monitoring risks process. The primary objective is to ensure that the full risk management cycle is repeated as required to ensure effective control.
It involves identifying risks, qualitative risk analysis, quantitative analysis (If needed), and risk response planning. Risk reassessment might occur when new risks are identified, and when changes occur in the project.
Workaround: It’s an unplanned response to an unidentified risk that occurs. A high number of workarounds on a project indicates a lack of adequate project planning, and risk management is made to decrease the need for workarounds.
Workarounds are reactive while project management is supposed to be proactive. Project managers shall spend more time executing contingency and fallback plans than creating workarounds. Risk management is made to decrease the need for workarounds.
Risk Monitoring and Reporting
A collection of high-quality information about risks is required. Often this information is not available in any historic database and should be gathered through interviews, workshops, and other means using expert judgment.
Data gathered from individuals may be subject to reporting or intentional bias. When this occurs, the bias should be identified and remedied where possible, or a different, unbiased source of information should be found and used.
The project manager has particular responsibilities in relation to the Project Risk Management process. The project manager has overall responsibility for delivering a successful project which fully meets the defined objectives.
When it comes to monitoring and controlling risk on the project, the project manager is accountable for the day-to-day management of the project, including effective risk management.
This may include regular monitoring and reporting risk status to key stakeholders, with recommendations for appropriate strategic decisions and actions to maintain acceptable risk exposure.
Conclusion
The primary objectives of monitoring and controlling risk are to track identified risks, monitor residual risks, identify new risks, ensure that risk response plans are executed at the appropriate time, and evaluate their effectiveness throughout the project life cycle.
In addition to tracking and managing the risk response actions, the effectiveness of all of the Project Risk Management processes should be reviewed to provide improvements to the management of the current project as well as future ones.
If what we explained in this article is part of your day-to-day job, or if you are interested in improving your knowledge in the risk management field, we highly recommend you read about the PMI RMP certification exam.