Risk Management Plan for Large IT Projects: Analysis and Strategies
VerifiedAdded on 2023/01/13
|9
|2334
|32
Report
AI Summary
This report presents a detailed risk management plan designed for large IT projects. It begins with an executive summary, followed by an introduction that underscores the importance of proactive risk management in IT. The core of the report focuses on risk assessment, including identification, analysis, and evaluation of potential risks, such as unavailability of the steering committee, inadequate funding, and staff rejection of new procedures. The analysis categorizes risks based on their likelihood and potential impact, assigning grades to prioritize mitigation efforts. The plan then outlines specific risk mitigation strategies, detailing preventative and contingency actions, along with associated costs and responsible parties. A section on risk monitoring describes the frequency and methods for reviewing risks, emphasizing the roles of the project manager, team members, and sponsor in the process. The report also defines roles and responsibilities for key stakeholders, including the steering committee, project manager, project team, sponsor, and consultant, highlighting their contributions to effective risk management. The report concludes with a list of references. This risk management plan provides a practical guide for managing and mitigating risks throughout the lifecycle of IT projects.
RISK MANAGEMENT
PLAN
PLAN
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
TABLE OF CONTENTS
EXECUTIVE SUMMARY.............................................................................................................1
INTRODUCTION...........................................................................................................................1
RISK ASSESSMENT......................................................................................................................1
Identification................................................................................................................................1
Analysis and Evaluation..............................................................................................................2
RISK MITIGATION.......................................................................................................................3
RISK MONITORING.....................................................................................................................4
ROLES AND RESPONSIBILITIES...............................................................................................4
Steering Committee.....................................................................................................................4
Project manager...........................................................................................................................4
Project Team................................................................................................................................5
Sponsor........................................................................................................................................5
Consultant....................................................................................................................................5
REFERENCES................................................................................................................................6
EXECUTIVE SUMMARY.............................................................................................................1
INTRODUCTION...........................................................................................................................1
RISK ASSESSMENT......................................................................................................................1
Identification................................................................................................................................1
Analysis and Evaluation..............................................................................................................2
RISK MITIGATION.......................................................................................................................3
RISK MONITORING.....................................................................................................................4
ROLES AND RESPONSIBILITIES...............................................................................................4
Steering Committee.....................................................................................................................4
Project manager...........................................................................................................................4
Project Team................................................................................................................................5
Sponsor........................................................................................................................................5
Consultant....................................................................................................................................5
REFERENCES................................................................................................................................6
EXECUTIVE SUMMARY
This risk management plan had focused on process that had adopted to analyse, identify
and evaluate risk during the remainder of the project. Risk register had been developed to
identify type of risk and impact it will have on the project. Mitigation actions that are required to
be taken as preventive or contingency plan to be used when risk occurs. These risk mitigation
strategies had been developed with the help of risk assessment in which risk identification,
assessment and evaluation had been done so that proper measures that are required to be taken
can be identified. Other than this, risk management pan had also helped in understanding risk
monitoring process in which what kind of risk will be reviewed by whom, who much frequently
it will be reviewed will be identified. There are three main members of risk management plan
who had separate roles and responsibilities to manage the he risk and how they will work on risk
mitigation strategies to change the status of the risk.
INTRODUCTION
Risk management plan is a kind of document which is used by project managers to
identify risk, analyse its impact on project, actions that are required to be taken to manage the
risk and person who will be responsible for management of that risk (Hopkinson, 2017). The
main objective of risk management of large projects in IT is to identify, analyse and mitigate risk
throughout the remaining project so that so that any kind of risk identified at any time period can
be managed so that their impact on large IT projects can be reduced or eliminated. All the risk
identified are managed by the project managers so that it does not impact whole project and
project can be completed in a timely manner. Whenever any risk is identified carious kinds of
stakeholders such as project manager, project members, steering committee are involved to
develop an action plan.
RISK ASSESSMENT
Identification
In large IT projects it is important to identify all kinds of risk that can affect a project and
can work as a barrier in successful completion of the project should be identified at initial stage
of the project itself (Fontaine, 2016). In this large IT project various kinds of risk were identified.
In order to identify the risk various categories were made with the help of which it became easy
to identify risk and at the same time it is identified that will be involved in the process.
1
This risk management plan had focused on process that had adopted to analyse, identify
and evaluate risk during the remainder of the project. Risk register had been developed to
identify type of risk and impact it will have on the project. Mitigation actions that are required to
be taken as preventive or contingency plan to be used when risk occurs. These risk mitigation
strategies had been developed with the help of risk assessment in which risk identification,
assessment and evaluation had been done so that proper measures that are required to be taken
can be identified. Other than this, risk management pan had also helped in understanding risk
monitoring process in which what kind of risk will be reviewed by whom, who much frequently
it will be reviewed will be identified. There are three main members of risk management plan
who had separate roles and responsibilities to manage the he risk and how they will work on risk
mitigation strategies to change the status of the risk.
INTRODUCTION
Risk management plan is a kind of document which is used by project managers to
identify risk, analyse its impact on project, actions that are required to be taken to manage the
risk and person who will be responsible for management of that risk (Hopkinson, 2017). The
main objective of risk management of large projects in IT is to identify, analyse and mitigate risk
throughout the remaining project so that so that any kind of risk identified at any time period can
be managed so that their impact on large IT projects can be reduced or eliminated. All the risk
identified are managed by the project managers so that it does not impact whole project and
project can be completed in a timely manner. Whenever any risk is identified carious kinds of
stakeholders such as project manager, project members, steering committee are involved to
develop an action plan.
RISK ASSESSMENT
Identification
In large IT projects it is important to identify all kinds of risk that can affect a project and
can work as a barrier in successful completion of the project should be identified at initial stage
of the project itself (Fontaine, 2016). In this large IT project various kinds of risk were identified.
In order to identify the risk various categories were made with the help of which it became easy
to identify risk and at the same time it is identified that will be involved in the process.
1
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
As here a large IT project is consent, at initial stage of the project brainstorming session
was involved which helped in identification of the risk. This process occurred whenever a
meeting was conducted. This risk identification process involved various project members,
project manager, Consultant, Sponsors of the project. Project manager with all the risk
identification members used to conduct a meeting where brainstorming was done and risk were
identified on the basis of risk categories like whether the identified risk was outside the project or
inside project boundaries, whether risk would occur during the project or during the delivery of
the project, whether the risk would create any kind of damage to the project or would not. With
the help of brainstorming session risk project manager was above to identify all the risk in a
better manner and was also able to access the likelihood of risk to occur and impact the project
was also identified. In this large IT project three types of risk were identified: Unavailability of
steering committee, inadequate funding to complete the project and rejection of new procedure
by the staff members.
Analysis and Evaluation
Risk analysis:
All the three identified risk can impact overall success of the project and had various
consequences. All the three risk has different consequences such as:
Unavailability of steering committee: It is a high risk as it can delay the project, impact
project outcomes in many ways, due to reduced time period or extended time period overall
quality of the project outcome can be reduced.
Inadequate funding to complete the project: Due to this risk, project outcome would not be
delayed but overall quality of the output might get degraded. Cost of the project will also be
increased for adequate funding of the project to complete it on time. If adequate required
funding is to made available on time, then it can increase the time frame in which project
would be completed.
Rejection of new procedure by the staff members: Due to this risk, it can delay the project,
impact project and can degrade the quality of project outcome. Other than this in order to
make staff members adopt new procedure, they would be required to train which would
increase both time period and cost of the project.
Risk evaluation:
2
was involved which helped in identification of the risk. This process occurred whenever a
meeting was conducted. This risk identification process involved various project members,
project manager, Consultant, Sponsors of the project. Project manager with all the risk
identification members used to conduct a meeting where brainstorming was done and risk were
identified on the basis of risk categories like whether the identified risk was outside the project or
inside project boundaries, whether risk would occur during the project or during the delivery of
the project, whether the risk would create any kind of damage to the project or would not. With
the help of brainstorming session risk project manager was above to identify all the risk in a
better manner and was also able to access the likelihood of risk to occur and impact the project
was also identified. In this large IT project three types of risk were identified: Unavailability of
steering committee, inadequate funding to complete the project and rejection of new procedure
by the staff members.
Analysis and Evaluation
Risk analysis:
All the three identified risk can impact overall success of the project and had various
consequences. All the three risk has different consequences such as:
Unavailability of steering committee: It is a high risk as it can delay the project, impact
project outcomes in many ways, due to reduced time period or extended time period overall
quality of the project outcome can be reduced.
Inadequate funding to complete the project: Due to this risk, project outcome would not be
delayed but overall quality of the output might get degraded. Cost of the project will also be
increased for adequate funding of the project to complete it on time. If adequate required
funding is to made available on time, then it can increase the time frame in which project
would be completed.
Rejection of new procedure by the staff members: Due to this risk, it can delay the project,
impact project and can degrade the quality of project outcome. Other than this in order to
make staff members adopt new procedure, they would be required to train which would
increase both time period and cost of the project.
Risk evaluation:
2
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Likelihood of occurrence of all the risk and seriousness of the risk i.e. the manner in
which it can impact the project is completely different (Hillson, D., 2017). On the basis of
likelihood and seriousness of the risk it will be assessed and graded accordingly.
Likelihood
Seriousness
Low Medium High EXTREME
Low N D C A
Medium D C B A
High C B A A
Unavailability of steering committee: it is an ‘A’ grade risk i.e. as soon as the project starts it
is required to be taken care off and implementation of mitigation actions is required to be
implemented as priority.
Inadequate funding to complete the project: it is an ‘B’ grade risk i.e. to reduce likelihood
and seriousness of the risk mitigation actions would be taken during its execution
Rejection of new procedure by the staff members: it is an ‘A’ grade risk i.e. as soon as the
project starts it is required to be taken care off and implementation of mitigation actions is
required to be implemented as priority.
From the above evaluation it can be said that Unavailability of steering committee and
Rejection of new procedure by the staff members are ‘A’ grade risk for which risk mitigation
actions should be taken as first priority
RISK MITIGATION
Risk mitigation plan for all the three identified project, person responsible for it and cost
implications for project budget are as follows:
Unavailability of steering committee: Mitigation action proposed for it is preventative. There
is no cost implication associated with it. By confirming meeting schedule at the starting of
the project itself, by connecting project objective with strategic objectives of agencies can
reduce likelihood and seriousness of the risk. Project manager is responsible for this
mitigation action.
Inadequate funding to complete the project: Mitigation action proposed for it is Contingency.
There is no cost implication associated with it. By re-scoping the project and focusing
3
which it can impact the project is completely different (Hillson, D., 2017). On the basis of
likelihood and seriousness of the risk it will be assessed and graded accordingly.
Likelihood
Seriousness
Low Medium High EXTREME
Low N D C A
Medium D C B A
High C B A A
Unavailability of steering committee: it is an ‘A’ grade risk i.e. as soon as the project starts it
is required to be taken care off and implementation of mitigation actions is required to be
implemented as priority.
Inadequate funding to complete the project: it is an ‘B’ grade risk i.e. to reduce likelihood
and seriousness of the risk mitigation actions would be taken during its execution
Rejection of new procedure by the staff members: it is an ‘A’ grade risk i.e. as soon as the
project starts it is required to be taken care off and implementation of mitigation actions is
required to be implemented as priority.
From the above evaluation it can be said that Unavailability of steering committee and
Rejection of new procedure by the staff members are ‘A’ grade risk for which risk mitigation
actions should be taken as first priority
RISK MITIGATION
Risk mitigation plan for all the three identified project, person responsible for it and cost
implications for project budget are as follows:
Unavailability of steering committee: Mitigation action proposed for it is preventative. There
is no cost implication associated with it. By confirming meeting schedule at the starting of
the project itself, by connecting project objective with strategic objectives of agencies can
reduce likelihood and seriousness of the risk. Project manager is responsible for this
mitigation action.
Inadequate funding to complete the project: Mitigation action proposed for it is Contingency.
There is no cost implication associated with it. By re-scoping the project and focusing
3
resources and time can act as a mitigation action can reduce likelihood and seriousness of the
risk. Project manager is responsible for this mitigation action.
Rejection of new procedure by the staff members: Mitigation action proposed for it is
preventative. Cost implication associated with it is $3,000. By providing opportunity for staff
feedback/input prior to policy/procedure finalisation, developing training plan can reduce
likelihood and seriousness of the risk. Sponsor, project manager, consultant are responsible
for this mitigation action.
RISK MONITORING
The risk will be monitored in systematic way so that it can be minimised. So, in this project
risk monitoring will be done:
Risk issues and registers will be reviewed weekly so that risks are identified and accordingly
measures are taken. Also at initial stage risk monitoring is done weekly but in later stage of
project it will be done in monthly.
Here, project manager will be involved in review of risk and entire project. Moreover, team
members will also be engaged in monitoring of risk.
It is analysed that monitoring of risks will be done weekly and then its likelihood is identified.
This will allow in taking effective measure within appropriate time and reducing the impact of
risk. Moreover, by weekly monitoring emerging risk can be easily determined. so, it will enable
in dealing with it quickly and maintaining effective progress of project.
the risk register will be maintained in separate document. this is because it will provide a detailed
description of types of risk that can occur and what actions are to be taken.
The project sponsor will be provided with updated risk register on weekly basis. With help of
this, it will be easy for them to identify risk and take proper actions. Moreover, this information
will be forwarded to project team.
The risk status will be reported in project status in week. It will assist project manager in taking
effective decisions regarding how to minimise impact of risk.
ROLES AND RESPONSIBILITIES
Risk management is based on the practices for identifying potential risk in advance and also
analysing them while talking significant steps to minimize the risk (Sant and Raut, 2019).
Various risks come from different sources which may including financial markets, threat of
project failure, credit risk, natural disaster and legal liabilities. These are different types of risk
4
risk. Project manager is responsible for this mitigation action.
Rejection of new procedure by the staff members: Mitigation action proposed for it is
preventative. Cost implication associated with it is $3,000. By providing opportunity for staff
feedback/input prior to policy/procedure finalisation, developing training plan can reduce
likelihood and seriousness of the risk. Sponsor, project manager, consultant are responsible
for this mitigation action.
RISK MONITORING
The risk will be monitored in systematic way so that it can be minimised. So, in this project
risk monitoring will be done:
Risk issues and registers will be reviewed weekly so that risks are identified and accordingly
measures are taken. Also at initial stage risk monitoring is done weekly but in later stage of
project it will be done in monthly.
Here, project manager will be involved in review of risk and entire project. Moreover, team
members will also be engaged in monitoring of risk.
It is analysed that monitoring of risks will be done weekly and then its likelihood is identified.
This will allow in taking effective measure within appropriate time and reducing the impact of
risk. Moreover, by weekly monitoring emerging risk can be easily determined. so, it will enable
in dealing with it quickly and maintaining effective progress of project.
the risk register will be maintained in separate document. this is because it will provide a detailed
description of types of risk that can occur and what actions are to be taken.
The project sponsor will be provided with updated risk register on weekly basis. With help of
this, it will be easy for them to identify risk and take proper actions. Moreover, this information
will be forwarded to project team.
The risk status will be reported in project status in week. It will assist project manager in taking
effective decisions regarding how to minimise impact of risk.
ROLES AND RESPONSIBILITIES
Risk management is based on the practices for identifying potential risk in advance and also
analysing them while talking significant steps to minimize the risk (Sant and Raut, 2019).
Various risks come from different sources which may including financial markets, threat of
project failure, credit risk, natural disaster and legal liabilities. These are different types of risk
4
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
associated with IT project. sometimes, it can be classified into both positive as well as negative
aspects. Risk management standards were developed by different committee in order to achieve
the significant goals and objectives. In context of IT project, it must expose itself to determine
number of financial risks by different stakeholders.
Steering Committee
The committee should be assessed the information technology project risk within
organization so as they can identify in particular areas. In order to recommend to perform rating
procedures that how system will efficient for business expansion (Crispim, Silva and Rego,
2019). In this way, it can make IT policies for oversight and managing the business risk. The
committee must ensure that IT project taking appropriate measurement to balance risk in the
ongoing enterprise activities. Committee members always assists for directors to set up risk
strategies, frameworks, procedures and models to handle functionality of IT project effectively.
The steering committee tries to give assurance when IT related project must be implemented
within organization.
Project manager
The role of risk manager in IT project is to communicate with risk policies and
procedures in the organization. It should provide a hand-on development model that involves
credit, operational risk and assure controls. It is also performed the significant role to handle all
type of operational risk by manager. In another way, manager will try to use technique to analyse
and determine financial impact in IT project and how it directly affecting organizations.
Project Team
The basic responsibilities of project team is to give assurance where IT project completed
without any risk (Burtonshaw-Gunn, 2017). Generally, there are limited possibilities to reduce
risk. In this way, Project team perform significant roles for oversees project effectiveness while
approve risk management policies and define the framework of IT project. Project team is group
of people, who always participants to handle risk management in the organization. On regular
basis, it is monitoring the functionality of project where how they can perform well manner.
Sponsor
In context of IT project, the sponsor plays important role for maintaining relationship with
stakeholders. Sometimes, it affected by development, completion and initiation in project. It will
arise risk related lack of resource availability which increased major issues or problem. So that
5
aspects. Risk management standards were developed by different committee in order to achieve
the significant goals and objectives. In context of IT project, it must expose itself to determine
number of financial risks by different stakeholders.
Steering Committee
The committee should be assessed the information technology project risk within
organization so as they can identify in particular areas. In order to recommend to perform rating
procedures that how system will efficient for business expansion (Crispim, Silva and Rego,
2019). In this way, it can make IT policies for oversight and managing the business risk. The
committee must ensure that IT project taking appropriate measurement to balance risk in the
ongoing enterprise activities. Committee members always assists for directors to set up risk
strategies, frameworks, procedures and models to handle functionality of IT project effectively.
The steering committee tries to give assurance when IT related project must be implemented
within organization.
Project manager
The role of risk manager in IT project is to communicate with risk policies and
procedures in the organization. It should provide a hand-on development model that involves
credit, operational risk and assure controls. It is also performed the significant role to handle all
type of operational risk by manager. In another way, manager will try to use technique to analyse
and determine financial impact in IT project and how it directly affecting organizations.
Project Team
The basic responsibilities of project team is to give assurance where IT project completed
without any risk (Burtonshaw-Gunn, 2017). Generally, there are limited possibilities to reduce
risk. In this way, Project team perform significant roles for oversees project effectiveness while
approve risk management policies and define the framework of IT project. Project team is group
of people, who always participants to handle risk management in the organization. On regular
basis, it is monitoring the functionality of project where how they can perform well manner.
Sponsor
In context of IT project, the sponsor plays important role for maintaining relationship with
stakeholders. Sometimes, it affected by development, completion and initiation in project. It will
arise risk related lack of resource availability which increased major issues or problem. So that
5
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
sponsor agreed with scope of project and provide better resources for increasing the quality of
services. Therefore, it is better way to deal with problem of risk.
Consultant
It plays an important role within Information technology project related risk management.
When consultant directly coordinate with project team for identifying multiple risk that effects
on the entire IT project. Many external consultants have knowledge about the business continuity
for making a plan to deals with threats as well as challenging situation.
6
services. Therefore, it is better way to deal with problem of risk.
Consultant
It plays an important role within Information technology project related risk management.
When consultant directly coordinate with project team for identifying multiple risk that effects
on the entire IT project. Many external consultants have knowledge about the business continuity
for making a plan to deals with threats as well as challenging situation.
6
REFERENCES
Books and Journals
Burtonshaw-Gunn, S.A., 2017. Risk and financial management in construction. Routledge.
Crispim, J., Silva, L.H. and Rego, N., 2019. Project risk management practices: the
organizational maturity influence. International journal of managing projects in business.
Fontaine, M., 2016. Project risk management. Enterprise Risk Management, pp.47-58.
Hillson, D., 2017. Managing risk in projects. Routledge.
Hopkinson, M., 2017. The project risk maturity model: Measuring and improving risk
management capability. Routledge.
Sant, V. and Raut, D.N., 2019. Implementation of Risk Management in IOCL Tender Driven
Project–A Case Study. Global Journal of Management And Business Research.
7
Books and Journals
Burtonshaw-Gunn, S.A., 2017. Risk and financial management in construction. Routledge.
Crispim, J., Silva, L.H. and Rego, N., 2019. Project risk management practices: the
organizational maturity influence. International journal of managing projects in business.
Fontaine, M., 2016. Project risk management. Enterprise Risk Management, pp.47-58.
Hillson, D., 2017. Managing risk in projects. Routledge.
Hopkinson, M., 2017. The project risk maturity model: Measuring and improving risk
management capability. Routledge.
Sant, V. and Raut, D.N., 2019. Implementation of Risk Management in IOCL Tender Driven
Project–A Case Study. Global Journal of Management And Business Research.
7
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 9
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.