Recognising that risk is inherent in every IT project is the first step towards managing it effectively.

“Would you like some risk with that?” Is something I almost never hear.  In the IT business, we tend to stress the positive and minimise the negative.

As the title of the piece states: Risk Is Like Fries – You Can’t Avoid it!”, people don’t like to think they are actually paying for risk — but like fries at a fast-food restaurant, it tends to come with everything.  It is simply not possible to run a project without risk, so (to continue with the fast-food analogy) better just to get the combo meal so at least you know what is coming.

My line of work is software implementation and over the years I have developed a fairly accurate idea of the kinds of risks that may arise.  My “standard risk set” is the fruit of lessons learned from different projects at a variety of customers.

SAME RISKS ALL OVER AGAIN!
What I find amazing is how frequently the same risks crop up time and again — and how often they are ignored.  You could probably put this down to the old “Not invented here” syndrome, or to “It won’t happen to us”.  Otherwise, known as the ostrich syndrome.

My top of the list is poor scope definition at the start of the project followed inevitably by scope creep.  This risk is identified at the kick off meeting by the words “That’s not what we wanted” from the customer.  This is a complaint that the retort “But that’s what you ordered” only partially resolves.

I – always! – get the team and the customer stakeholders into the same room to go through the contracted scope of the project, line by line.  It’s called: “Set and agree expectations”.  Most of the time, it works, unless someone outside of the process sets  unrealistic expectations, or where unwise conditions have been agreed to in a contract.  This type of scenario can leave the customer with unexpected costs – definitely not what is desired on any project.

Sam Goldwyn – of Metro Goldwyn Mayer (MGM) fame – was wrong.  A verbal agreement is worth the paper it’s written on.  There is a clause in our contracts which excludes external agreements and undertakings being included in the scope of the contracted project.  The lesson here is to get it down in writing either up front or as a documented change later.

My company has a methodology that works extremely well in today’s fast-moving world because it offers great guidance without being prescriptive.  It clearly states what I need to produce and it defines what checks and balances I need to put in place to ensure a successful outcome.  This method also gives me the freedom to fast-track certain stages and even to blur the boundaries between stages or break stages up into sub-stages, if appropriate and if the customer agrees to accept the risks inherent in making such a decision

THE KEY: RISK IDENTIFICATION AND RISK RESPONSE PLANNING
In my view, the key element of the method is risk identification and risk response planning. This works at two levels.  At the macro level, you identify risk by scoring major drivers, enabling you to assess what the project’s overall risk profile is.

The next stage is to build an inventory of all the risks and identifying the appropriate response.  This is where the real risks get sorted out, ideally in an open, participative forum.

Some people are more comfortable with denial of risk possibilities and end up sweeping it under the carpet but inevitably it comes out and bites you.  I prefer to think that identifying risk, agreeing how to deal with it and then planning for it, is the smarter option, and the mark of a good project manager.

Yes, I will certainly have risk with that!

Bio:

Philip Knagg has extensive experience of all aspects of IT.  Over the years he has worked in various areas of IT including: operations manager; business analyst, systems analyst, developer, designer and architect.  For the past fifteen years he has specialised in: artificial intelligence, project management and PPM consulting.  He is currently a project manager at CA Southern Africa – the sole representative of CA Technologies, in sub-Saharan Africa, and a member of JSE listed EOH group.