Sunday, May 5, 2013

Types of Risk









Types of Risk
  • Positive Risk - If it occurs there could be Opportunities
  • Negative Risk - If it occurs there could be Threats
  • Known Risk - Risks that have been identified and analyzed. Use Contingency Reserve.
  • Unknown Risk - Unknown risks are not known until they happen. Use Management Reserve.
  • Residual Risk - Risks remaining after implementation of planned responses (Mitigation Plan).
  • Secondary Risk - Risk resulting due to implementation a risk response. If the risk response was not taken, the secondary risk would not exist.

Known-Known -> Known Risk - Known Impact
Have a mitigation plan which reduces either the Probability of occurrence or level of Impact. E.g build this plan into design, development, QC, process, skill set such that this Known Risk is mitigated as much as possible.

Known-Unknown -> Known Risk - Unknown Impact
Try to build a mitigation plan to the best possible extent. Have a Contingency Plan. E.g. add buffer to schedule &/or cost essentially consume project Contingency Reserves.

Unknown-Unknown -> Unknown Risk - Unknown Impact
Unknown risks are unknown; they are not known until they happen. You cannot make a response plan for these risks, and you cannot manage them proactively since they are not identified during the planning phase. Unknown risks are managed through the workaround, and to manage these kinds of risks, you will use the management reserve.
 
Residual Risks: Residual Risks are those risks that are expected to remain after planned responses (Mitigation Plan) of risks have been taken, as well as those that have been deliberately accepted.
For example, let’s say you are constructing a building in an earthquake prone zone. You constructed the building by assuming that the highest degree of earth quake that can happen is 6 on Richter Magnitude Scale. But what if an earth quake happens at 7 on the Richter Magnitude Scale? The Building might collapse.

Secondary Risks: A secondary risk can be defined as a risk created by the response to another risk. In other words, the secondary risk is a consequence of dealing with the original risk. A secondary risk is a risk that arises as the result of implementing a risk response. If the risk response was not taken, the secondary risk would not exist. Example
You are planning the annual employee recognition event. It will be an outdoor luau-themed event. Because there is a chance of rain, you decide to mitigate the risk of the employees getting wet and not having fun by putting up a tent.
There is still some residual risk that the employees will get wet walking from the parking lot to the tent.
There is also a secondary risk that someone will trip over the tent poles and get injured.

For identified Risk project creates Mitigation Plan.
Even after having put in the Mitigation plan the Risk happens. This is called Residual Risk then while the Residual Risk is happening or triggered implement the Contingency Plan.

In case even after the Mitigation plan and Contingency plan is implemented a Risk is existing then implement the Fallback Plan.

Just because the Mitigation &/or Contingency plan were implemented a new Risk would emanate. This Risk is called Secondary Risk. If the Mitigation &/or Contingency plan were not implemented this Risk would not have happened.

For Accepted Risk or Unknown Risks for which no planning was done a Workaround Plan is implemented.


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)