Risk Identification (use to brainstorm risks)
Think about the follow categories when creating a list of risks:
Technical: Requirements, Technology, Interfaces, Performance, Quality
External: Customer, Contract, Market, Supplier
Organizational: Project Dependencies, Logistics, Resources, Budget
Project Management: Planning, Schedule, Estimation, Controlling, Communication
Part delivery is much slower than expected, pushing back testing and therefore project deadlines
Members miss deliverable due to increased work load
Schedule didn’t allow for multiple iterations to occur, now we’re stuck with a less-than-ideal product
Risk Analysis (use to understand impact)
The risk score is based on two axis, Probability and Impact. Use the following chart to understand where a risk falls based on these two factors.
SEVERITY | |||
---|---|---|---|
PROBABILITY | ACCEPTABLE | TOLERABLE | EXTREME |
IMPROBABLE (0%-30%) | Score: 3 (low) | Score: 15 (low) | Score: 30 (Medium) |
UNLIKELY (30%-60%) | Score: 6 (low) | Score: 30 (Medium) | Score: 60 (High) |
POSSIBLE (60%-80%) | Score: 8 (low) | Score: 40 (Medium) | Score: 80 (Extreme) |
PROBABLE (80%-100%) | Score: 10 (Low) | Score: 50 (High) | Score: 100 (Extreme) |
Use the following table to analyze each risk brought up in the “Risk Identification” stage
Risk Event | Related Subteam | Probability % (P) | Severity Rating (S) | Risk Score (P*S) |
---|---|---|---|---|
XXX |
Risk Response (use to mitigate risks)
Any “High” or “Extreme” risks should have an action plan to mitigate any impacts. “Extreme” risks should also have layers of redundancy.
Risk Event | Risk Response | Assignee (RSE) |
---|---|---|
Andy fucks up | Don’t let Andy touch anything |
Risk Monitoring (use to document risks)
What risks actually happened? Document them and add them to the risk analysis for insight on future deadlines.
Risk Event | Risk Impact | Future Mitigation |
---|---|---|