The KISS Principle for Risk Management

Posted by admin_mf on Jun. 21, 2013  /  Risk Management  /   0

There’s usually one rule concerning risk management within many companies; if we do not discuss it there is no reason to talk about it. Many companies turn a blind but hopeful eye to the practice of having sound risk management methodology on their projects. Why? For many reasons and some of them include:

  • It takes considerable time to focus on risk, and we already have enough to do.
  • It takes a specialized skill set and we do not have it internally.
  • Money it tight enough; how can we allot more for things that probably won’t happen?
  • Positive risks? Aren’t all risks negative?

Sound familiar? There is no good reason not to have a risk management methodology for your projects. First, no one ever said you had to do everything outlined in the PMBOK. Remember, it is a “framework.” Risk management also adds value to your projects in a variety of ways. What if you could save money by ordering project resources in bulk? That’s a positive risk, or opportunity. What about moving liability to a 3rd party? That’s a risk transference strategy. Still sound convoluted? Let’s examine some easy steps to getting your risk management program off the ground!

First, use the KISS Principle, as in Keep it Simple Stupid. We already know people push back against change so start small and grow it over time as acceptance grows. Get a sponsor or risk champion to provide executive support. The sponsor should walk the walk and talk the risk talk to show support. Develop a simple risk plan template and ask the sponsor to disseminate for feedback and changes.  Once decided upon it should be posted for all to see. Buy-in here is critical, and use the power of parallel processing. Many people are smarter than a select few!

Next, use the methodology on a small project and keep it simple. Consider risk identification with 2-3 techniques and add to a risk register. Then conduct risk qualification to find low, medium and high risks. Develop appropriate, and simple, responses, then respond and track. Just skip quantification for now and stick to the basics. I know it still sounds like a ton of work but you can work the growing pains out on a small project. Do you really want to try it on an enterprise project? I thought not.

Then discuss risk often. Bring it up during your weekly meetings with the team and with the boss. Discuss it with the team to highlight near-term risks. Keep it on the front of everyone’s mind. As soon as you stop talking about it you’ll find a way to stop doing it. Post it on the top of your status report and highlight activities in the Tracking Grant with risk scores. Make it so common that stakeholders will immediately notice when you forget to bring it up. Celebrate risk response successes!

I guarantee you one thing; as soon as you save money or time, or someone’s life, everyone in the company will know that it was a result of your risk management practices. Or, there is the alternate. They could all be standing around asking you what could have been done to prevent that new eye patch Steve is wearing! Start small, aim high and Keep it Simple Stupid. 

Bob Mahler
[email protected]

Return to list



    Leave a Reply