Qualitative Project Risk Analysis - 2

What do you mean by probability and severity scales, and how do I use them?

Assessing Probability

Probability is best assessed on a five point scale as follows:

1. Highly unlikely: p = 0.1

2. Unlikely: p = 0.3
3. Possible: p = 0.5
4. Moderately probable: p = 0.7
5. Highly probable: p = 0.9

Assessing Severity

Severity is also best assessed on a five point scale as follows:

1. Insignificant: s = 0.05

2. Moderate: s = 0.10
3. Medium: s = 0.20
4. Severe: s = 0.40
5. Catastrophic: s = 0.80

·         Note the ratio scale

The Risk Event Status or Rating Matrix

Red = serious concern; Grey = concern; Green = awareness

Assessing Probability

·      Strive for range, not accuracy!

·      Ask Questions like:

·         Are our chances above or below 50%?

·         If above (below) better than 90% (worse than10%)?

·         If below 90% (above 10%) then above or below 70% (30%)?

·      Donít ask "What is the longest time this activity could take?"

·         The inevitable answer will be "Forever"!

·      Deal with the Impact scale the same way

·         Except note that it is a ratio scale, not linear

Other techniques - 1

Testing the project's assumptions

·         Your project does have a list of assumptions, I hope?!

·         Test them against two criteria:

·         Stability: How true will the assumption remain through the project life span?

·         Consequences: What if the assumption proves to be false?

·         Alternative assumptions should also be identified

Other techniques - 2

Data precision review

·         Qualitative risk analysis requires reliable and unbiased data

·         If the result is to be meaningful

·         Evaluate the data against the following criteria

·         Extent of understanding of the risk event

·         Availability of data, how much do we really know?

·         The quality of the data we have

·         Its reliability and integrity

Beware of the Fatal Flaw!

·      Always watch out for the risk event with the "fatal flaw"

·         It may look very unlikely

·         But it could be devastating!

·      A "fatal flaw" project risk event is one that presents a situation that simply cannot be recovered

·         The technology proves to be inappropriate

·         A key knowledge worker moves on

·         Political climate changes dramatically

and so on. . .

What have we accomplished?

You should end up with:

·         An overall risk ranking for the project

·         Perhaps as a basis for proceeding further

·         A prioritized list of project risks

·         For closer scrutiny, perhaps for association with scope, quality, time, cost or functionality, etc

·         Priority risks for further analysis

·         I.e. Quantitative Risk Analysis