Project Risk Management Purpose
Project risk management planning involves deciding how risk management activities will be conducted over the life of a project. The output of project risk management planning is the project risk management plan. Risk management is an iterative process. The risk management plan should be updated when any substantial changes to the project are made and/or when a risk event occurs.
Describe the purpose of a project risk management plan. (2–3 paragraphs)
Describe the components of a risk management plan. Your description should include at least four components. (4–5 paragraphs)
Project Risk Management Approach and Process
The project risk management process is designed to provide proactive and continuous focus on the uncertainty that exists in all projects. It is critically important to first identify and analyze potential risks to a project using a well-defined and structured approach to ensure accuracy and completeness. It is also important to avoid under- or over-estimating project risks. Under-estimated risks may jeopardize project success. When risks are over-estimated, opportunities may be lost.
Describe at least four steps in the project risk management process that will be used to identify, analyze, and respond to risks for the Pepsi Refresh project. (4–5 paragraphs)
Explain how risk management will be approached for the Pepsi Refresh project. (3–4 paragraphs)
Project Risk Identification
Once the approach and process for managing project risks have been determined, it is time to identify potential project risks and document them in a risk register. It is helpful to think about possible sources or categories of project risks as a way to organize the risk list. It may not be possible to identify every risk that could occur during the project but risk management is an iterative process. Over the life of the project you will review risks often, and you will update the risk register as needed.
Describe the process you will use to identify risks for the Pepsi Refresh project. (3–4 paragraphs)
Describe three types of risks you will identify for the Pepsi Refresh project, such as operational, technical, regulatory, etc. (3–4 paragraphs)
Describe three sources of project risks you will identify for the Pepsi Refresh project, such as weather, vendor, staffing, technology, etc. (3–4 paragraphs)
Document the project risks identified for the Pepsi Refresh project in the risk register in columns A–F.
Project Risk Assessment (Qualitative)
Once project risks have been identified, the project team must analyze them to try to determine the likelihood (probability) of occurrence and the effect to the project (impact) should a given risk event occur. All risk analysis begins with qualitative analysis. To ensure accuracy and completeness, the project team should study both the risk event itself and the interactions between risk events.
Explain how risk measurement scales will be developed for the Pepsi Refresh project. Will you use a standard organizational set of measurements or define your own? (3–4 paragraphs)
Explain how risks will be prioritized for the Pepsi Refresh project based on the defined qualitative measurement scales. (3–4 paragraphs)
Document the risk measurement scales and their meaning in the project risk register in columns H–J. For example:
What does a “2” mean for probability? Is that 20% or 20–40%?
What does a “4” mean for impact? Is that “project fails to meet one objective” or “project exceeds budget or timeline by 20%”?
Project Risk Assessment (Quantitative)
Once project risks have been qualitatively assessed, the project team must review those with the highest risk factor scores (probability x impact) and further analyze them using quantitative risk analysis methods.
For this project, use expected monetary value (EMV) as your quantitative method.
Explain how risks will be prioritized for the Pepsi Refresh project based on the EMV method. (3–4 paragraphs)
Document the EMV risk measurement information in the project risk register in column K.
Project Risk Response
Risk responses and action steps are defined during the risk response planning phase.Here the project team must plan the actions that will be taken should any identified risk actually materialize. This is typically done for some subset of the total population of risk issues identified—most likely those that are of the highest probability and/or impact. Risks can be both negative (threats) and positive (opportunities).The possible strategies for responding to negative risks include: avoid, transfer, mitigate, and accept. The possible strategies for responding to positive risks include: exploit, enhance, share, and accept.
Summarize the approach for developing risk response strategies. For example, which risks will you first attempt to avoid? Will you do it based on the risk factor score (P*I) or EMV? (3–4 paragraphs)
Describe the process you will use to determine risk triggers (the event that tells you that the risk event is imminent). (3–4 paragraphs)
Document the risk triggers in the project risk register in column G.
Document risk response strategies (plans) for each risk in the project risk register in columns L–M. The risk response strategies should be derived from the eight strategies in thePMBOK® Guide.
Risk Management Scenario
Scenario Background
Company:
Pepsi
Pepsi’s Product Portfolio
Fun for you
Better for you
Good for you
Pepsi’s Target Markets
Millennial
Generation X
Baby Boomer
Internal Environment
Board of Directors
Risk management director at board level
Multiple levels of corporate management
Chief risk officer at corporate management level
Multiple divisions
Multiple management levels within divisions
Executive risk manager at divisional level
Wholly owned subsidiaries
Multiple divisions within subsidiaries
Multiple management levels within divisions
External Environment
Bottling companies
Distributers
Point of sale locations
Community relations
Strategic alliances
Competitors
Risk Environment
Appetite
High degree of risk acceptance for marketing programs
High degree of risk acceptance related to return on investment timeline
Moderate degree of risk acceptance for distinction between lines on product portfolio
Low degree of risk acceptance regarding company reputation
Tolerance
High tolerance for risks related to relations with bottlers and distributers
Moderate tolerance for community relations
Low tolerance for risks related to brand image
Threshold
Defined by risk policies and procedures at the corporate and division levels
Scenario
Pepsi has concluded that continuing the Pepsi Refresh Program will, in fact, be profitable in the medium-term and is worth the investment outlined in the board’s subcommittee report. The board has directed the company executives to execute a pilot that will roll out the redesigned program for a period of 1 year. After 1 year, the board will analyze the results and make a determination on continuing, tweaking, or halting the program altogether.
The initial plan was to reduce focus on social media and focus more on traditional and sports marketing vehicles; however, the board received an industry report that shows companies are realizing increased revenue through increases in earned media value, and companies increase earned media value by combining traditional marketing vehicles with social media. Pepsi will increase focus on this one area during this 1-year pilot. The chief executive officer (CEO) assigned a program manager to implement the redesigned Pepsi Refresh Program and a project manager to focus on the combination of traditional marketing vehicles and social media.
The project manager assembled a project team with a project risk management professional (RMP) to manage project risks. The RMP will develop a project risk management plan that will integrate with the program risk management plan of the pilot program. The risk management plan will define procedures to identify risks throughout the phases of the project. The plan will lay out the major categories of risks associated with the project, how each category will affect the project’s stakeholders, and how stakeholders will be engaged in the risk management process.
The risk management framework, detailed in the strategic plan, will serve as the foundation for the risk management plan employing corporate and division policies and procedures to manage risks to the project schedule, budget, and scope. The RMP will detail the risks to organizational assets and outline the environmental factors that the program and project managers should consider as they plan, execute, and monitor the project. Risk impacts and probability scales must show alignment with the organization’s risk appetite and tolerance—and set thresholds used to manage monitoring and response strategies. These strategies must allow for responses leveraging both external factors and relationships and internal corporate and divisional resources.