The Profession of Risk Management and Its Value to Project Success
Glen Alleman MSSM
Vetern, Applying Systems Engineering Principles, Processes & Practices to Increase the Probability of Program Success for Complex Systems in Aerospace & Defense, Enterprise IT, and Process and Safety Industries
I've had an engagement on social media recently, where it was clear there is a low level of understanding of how managing in the presence of uncertainty is sorely missing in the agile development community, where the focus is on?coding stories and features to produce outcomes. I observed an approach that ignores the need to estimate and the near-willful ignorance of developing software in the presence of uncertainty and the risk that uncertainty creates on the project's success.
It's become clear in some parts of the agile community that there is little understanding of risk management.
I and two colleagues have two chapters in a risk management book. I and another colleague are finishing another risk book from the same publisher (Taylor Francis) Risk Management: Managing Tomorrow's Threats.
Both books start with the foundation that all risk comes from uncertainty - reducible (Epistemic) and irreducible (Aleatory).
Risk Management provides a comprehensive overview of the people, principles, processes, and practices needed to increase the probability of project success.
There are four primary root causes of project failure, created by uncertainties, that in turn, create risk:
- Unrealistic performance expectation, with missing Measures of Effectiveness and Measures of Performance for the Capabilities needed to accomplish the Mission or fulfill the Strategy
- Unrealistic cost and schedule estimates based on inadequate risk-adjusted growth models.
- Inadequate assessment of the uncertainties and unmitigated exposure to these uncertainties create risk without proper handling strategies.
- Unanticipated technical issues without alternative plans and solutions to maintain the effectiveness of the project and technical development processes and its deliverables.
Continuous Risk Management is the basis of increasing the probability of project success by:
- Preventing problems before they occur with a premortem to identify the cause of the uncertainties and take preventive and corrective actions to remove this condition and activity of the root cause before the risk becomes an issue.
- Improving the quality of the project's outcomes by focusing on project objectives and consciously looking for risks that affect Cost, Schedule, and Performance throughout the project's lifecycle.
- Enabling better use of resources through early identification of problems provides input to management decisions regarding resource allocation.
- Promoting teamwork by involving personnel at all levels of the project and focusing their attention on a shared vision of the Mission to provide a mechanism for achieving the needed Measures of Effectiveness and Measures of Performance.
To this end, here's a list of papers, books, and articles that have informed our work in our Complex System of Systems domain. Not all these will interest everyone, but they cover nearly every aspect of risks created by uncertainty that will impact the probability of your project's success. This list is augmented by another list, with some overlap, on risk management resources focused on agile development - A Compendium of Risk Management Resources. Each of these can be found with a Google search. With this list and the larger one of agile software development, there should be NO reason for failing to understand how risk management works and the processes of managing risks generated by reducible and irreducible uncertainties. Ultimately, the only reason is willful ignorance of the topic and its application. Don't be one of those who ignore the principles, practices, and processes of risk management.
