Home > Articles > Software Development & Management

  • Print
  • + Share This
From the author of

Fold 'Em, Check, or Raise: Risk Analysis

Once you've identified your risks, it's time for qualitative risk analysis. Qualitative risk analysis qualifies the risks for in-depth analysis. Basically, you and the project team discuss the identified risks, the probabilities of those risks occurring, and their impact if the risks actually do occur.

The most common approach to this process is to create a risk rating matrix. Here's a quick sample of a risk rating matrix using an ordinal scale:

Risk

Impact

Probability

Score

Vendor

Very high

Medium

High

Developer skills

High

Medium

High

Firmware changes

Medium

Very low

Low

Asteroid

High

Very low

Low

Travel delays

Low

High

Medium

Within your project, you have to determine which of these risks deserve additional analysis. Typically you'd say the risks with a medium score or higher should be taken seriously and are promoted to quantitative risk analysis.

Quantitative risk analysis is fun, fun, fun! Not really. Quantitative risk analysis requires the project manager; the project team; and, in some cases, business analysts and subject matter experts to quantify the risk exposure. This can be accomplished in a bunch of different ways:

  • Interviews with stakeholders. Discussing the risk with stakeholders can help you to capture the true risk impact.
  • Prototypes. A prototype can test the project's deliverable before it goes into production. Obviously, this isn't always feasible with IT projects, construction, and other scenarios where there's no such thing as a pristine environment.
  • Simulations. Simulations and experiments are ideal for "what if" scenarios. With scenarios, you can monkey around with conditions, delays, and sequencing of events to capture the true risk of conditions within your project.
  • Expert judgment. Expert judgment is one of the best tools in project management. It means that the project manager is relying on someone with more experience to help make the best decision.
  • Monte Carlo simulations. Monte Carlo, named after the world-famous city for games of chance (really, it is) allows the project manager to enter all of the different conditions into a computer program to see the most probable outcome of events.

Quantitative risk analysis can also use a risk rating matrix, but it usually uses a cardinal scale rather than ordinal. A cardinal scale is simply hard numbers based on your analysis.

  • + Share This
  • 🔖 Save To Your Account