Event Risk is your typical ‘stuff happens’ risk that pops up over the course of a project. As part of ongoing planning you use the risk register to record them along with any agreed Decision Risks. The vast majority of these can be described in terms of future events with an impact on the project and occurrence uncertainty – once they are certain, i.e. either 100% or 0% probable, they graduate to something else.
There is a tremendous amount of material available on managing event risks so rather than provide a reinterpretation, let’s examine how to deal with your stakeholders on the topic. The challenge you both face is that time spent on risk management often feels ‘wasted’, i.e. why are we spending time on something that may not happen? This makes it a classic opportunity to get the maximum return out of the minimum investment by applying some thoughtful time management.
RISK FILTERING
A useful technique is filtering. As you prepare for a stakeholder review that includes a discussion of risks, I suggest applying three filters against your risk register in this sequence:
- Coarse – Which risks merit focus?
- Medium – How much do they matter to this stakeholder?
- Fine – Do these merit attention now or soon?
The usual technique for determining focus is the classic matrix as diagrammed below with my thoughts on how to manage each quadrant:
| Risk filtering matrix | Low probability of occurrence | High probability of occurrence |
| High impact on occurrence | Manage selected | Focus on most |
| Low impact on occurrence | Keep an eye on | Manage selected |
This is of course an unsophisticated approach but the point is some risks will consume a lot more of your time than others, so don’t feel obliged to treat them like your children and love them all equally. Keep in mind, though, sometimes the best-behaved one can get into a lot of trouble. Have a look here for an article by my colleague Mark Moore on gridding risks.
NOT ALL RISKS ARE CREATED EQUAL
Not all risks affect all stakeholders equally, so you filter further to select only those that are of interest to that particular individual. Lastly, filter out those that require no immediate attention.
This final filtration should then produce a list of particular risks that meet one of these two criteria for action:
- You need to increase the awareness of this risk with this stakeholder, for example, in anticipation of his or her receiving information about it that you want relayed to you.
- You want this stakeholder to take a specific action about this risk in the near future.
Consider the too frequent example of a vendor with a history of announcing delays on short notice. Normally you can work around their typical delay but it is much more difficult when you have too little time to react.
OPTIONS
Your stakeholder has good contacts inside the vendor’s organization. Here are ways the two criteria can play out in your meeting:
- Your assessment of the situation if a delay is possible and trending to likely. You want your stakeholder to let you know as soon as he or she hears anything in the course of normal interaction with the vendor, even if it is unofficial.
- You are nearly certain there will be a delay but its announcement date and duration are unknown. You want your stakeholder to call best buddy Joe at the vendor and get some unofficial but dependable guidance this week.
Stakeholders are not interested if you classify that call to the vendor as a ‘mitigation’ or an ‘avoidance’. That is for you and your risk register to argue about. What your typical stakeholder really wants is just this: what do I need to know, and what do I need to do. Be prepared for some ‘why this’, ‘why now’ and ‘what are you doing about it’ discussions, but these will subside as you get into a comfortable routine.
There is a presumption here that you have regular one on one meetings with key stakeholders. Even though this can be time-consuming, it’s a good practice if you can achieve it. For example, one classic risk is that a unit within an organization has a reputation for erratic performance on projects. You really do not that one being thrashed around in an open forum.
Besides, what’s better than a regular private meeting to demonstrate your insight and deepen your relationship with someone who is the perfect reference for your next assignment?
Bio:
Mark Jones is an experienced technologist with over 30 years of improving business operations with computing solutions. In addition, he is a published author (Project Management Competence – a Pragmatic Guide to Assessment for Project Managers, and Why You Need to Employ More People With Disabilities) and is working on other titles. His most recent PM accomplishment was leading a team building EHR management tools for Ehealth Ontario.
Prior to that he led large teams for IBM’s clients in public sector, retail, utility and telecommunications segments.