If the risk ends with the discoverer, it cannot be referred to as "Risky Management". It must be planned under the standard process. This is the initial stage of risk management.
1. To cultivate risk awareness (risk awareness), you must train team members to actively discover risks at all stages of development, report the risks, and communicate with relevant personnel. The entire process may lack the process definition and has no restrictions, but it is the starting point of the establishment of the team's risk culture and also the basis for establishing risk management.
2. Early risk management from the risk awareness to take action will be a great breakthrough. A basic risk management process can be established: There are many and different terms in risk management, so a standard should be developed within the Organization to standardize future applications.
The entire risk identification and tracing process is an iterative process that repeats throughout the project process (iamt cycle ):
Like the PDCA, the idea is similar.
As for the complete risk management, as defined by PMI, the risk management methods involved in the risk management knowledge field are the complete risk management model. Of course there are other models:
In addition, risk management is divided into many levels. From the project level to the enterprise level, the risk escalation process also needs to be defined.
3. A risk classification method is provided in <applied software risk management> to define the risk attributes as needed. The following is a reference for risk classification:
Atrri.pdf |
Class |
Origin |
Internal |
|
External |
Nature |
Business |
|
Technical |
Domain |
Project |
|
Process |
|
Product |
Affected |
Hazard |
|
Constraint |
|
Nominal |
|
Trivial |
|
Cost |
Affected Pa |
Requirement |
|
Design |
|
Coding |
|
Testing |
|
Training Management |
|
Facilities Management |
|
Quality Management |
|
Project Management |
* Selected from <applied software risk management> 4. After the risk identification and registration risks are identified (for the identification method, refer:
Project Risk Management), which needs to be recorded for tracking. The main elements are as follows: risk ID: a unique identifier risk probability: the likelihood of occurrence. You can use numeric values to quantify 0 ~ 1, 1 is 100%. The number of levels depends on the situation. Some materials are also called likelihood. Risk impact: the size of the affected material. You can also use numeric quantization. Some materials are called consequence. Risk Exposure: This is also called aen, indicating the level of risk. The value is multiplied by probability and impact. Risk origin: the source of risk. Internal or external segments can also be subdivided. Risk category: risk classification. Risk owner: who is responsible for the risk.
Some people also give the 4w1h definition method as follows: http://www.noweco.com/risk/riske03.htm
5. Risk Response Plan the risk response at the project level should have the following policies for specific risks: A. Are there any appropriate avoidance measures? (For example, changing the design) B. How to mitigate (reduction/mitigation) (for example, adding unit tests) C. Can risks be transferred out (transfer? (E.g. outsourcing or demand change) D. If this risk has already occurred, what measures have been taken to mitigate the impact (Contingency Plan )? (For example, change the database to be used immediately)
Develop response plans, assign owners, and specify time for identified risks. These constitute the core risk management forms.
6. Risk tracking risks should be reviewed and updated on a regular basis. Some visualization methods can be used to clearly display the risk priority. Such as lighting or risk view. Lighting is divided into three categories for aen. Red is a high-priority problem. Yellow indicates the risk to be treated with caution, while other risks are green. The more complex illustration is as follows:
According to the 80/20 principle, it is important to effectively differentiate the risks with high priority.
Reprinted please indicate the source:
Http://blog.csdn.net/horkychen