•   Introduction game
•   What is Risk and Risk Management?
•   Identifying risks
•   Categorize risks - Extreme, High, Medium and Low
•   Risk-based requirement writing
•   Risk-based testing
•   Defects / bugs / issues in IT projects
•   Software vs. Review defects
•   Impact of identifying and resolving review defects
•   Intro to Disaster Risk Management & Green Risk Management
•   Q&A

                          Kompusys Consultants                  2
Introduction Game
Let’s play a game by introducing ourselves

• Name
• Area of specialization




What is Risk?
Risk: Is the probability that a particular threat will
  exploit a particular vulnerability of the system
Damage (consequences / impact, loss)
   – Direct loss: financial, environmental, market, etc.
   – Technical: impact on other projects / products or services
   – Loss of (faith of) clients, damage to corporate identity, like hacking
   – Legal, loss of license, due to regulatory lapses
   – Technical: detection and repair time, e.g. underground
   – Probability of use
   – Lost morale
Probability of failure
   – Depends on the knowledge of development project and product (just
   before testing)

Risk Management
• Risk identification: Is the process of determining
  risks that could potentially prevent the project,
  enterprise, or investment from achieving its
  objectives. It includes documenting and
  communicating the concern to the stakeholders
• Risk estimation: The likelihood of occurrence and
  consequences of each risk identified
• Risk evaluation: Risks are evaluated against their
  risk thresholds and placed in priority order, using
  criteria determined by stakeholders. Contingency
  plans should be developed for all risks above
  their thresholds
Risk Management (contd..)
• Risk treatment: Involves the selection, planning,
  monitoring, and controlling of actions to decrease
  risk exposure
• Risk mitigation: The process of elimination or
  reduction of the severity, frequency or magnitude of
  exposure to risks or minimization of the impact of a
  threat
• Risk management: It’s a continuous process
  for systematically addressing risk throughout
  the life-cycle of a project or service
• Risk management plan: A plan that defines how the
  risk management activities are implemented and
  supported during a project. It is always PROACTIVE.
Risk Management (contd..)
Managing risks is of no value without understanding what risks to take and why!

[Diagram: Risks – Threats, Vulnerability, Consequence]


Identifying risks
Catalysts to identify risk
• Stakeholders – people on a project
• Experience – lessons learnt
• Location – country, industry
• Funding
• Technology
• Environment

Types of IT risks
• Strategic – long-term opportunities
• Regulatory – Changes by local government
• Training – project / product
• Operational – late shipment, incomplete project or obsolete process
• Financial – not getting paid
• Inherent – meetings, documentation, sign-off, etc.
Categorize risks - Extreme, High, Medium and Low
              Risk = Probability * Impact
• Simply put: How LIKELY it is to happen and how
  BAD it would be if it ever happened
• Without uncertainty or damage, there is no risk
• Every individual's perspective of IMPACT is
  different
The biggest single risk for any organization
  is that risk management doesn’t really
  work – leading to a rising number of failed projects

Categorize risks – Risk matrix – Extreme, High, Medium and Low

                 IMPACT ANALYSIS →
                 Very high     High          Moderate     Low
Most likely      EXTREME       EXTREME       HIGH         HIGH
Likely           EXTREME       HIGH          HIGH         MEDIUM
Less likely      HIGH          HIGH          MEDIUM       LOW
Least likely     HIGH          MEDIUM        LOW          LOW
Unlikely         MEDIUM        LOW           LOW          LOW



Probability means Likelihood

Impact Analysis is Consequence
Traditional requirement




Risk-based requirement writing
• Requirements should be malleable – flexible till project / product end
• Requirement changes, which create significant risk
• It allows business analysts to decide what requirement additions are
  valid from a policy or development standpoint
• Provides platform to negotiate with the customer
• Encourages development teams to negotiate risk mitigation strategies
  with stakeholders
• Helps to identify and resolve inconsistencies in requirements
• Ensures consistency between the requirements, all policies, and the
  system’s functionality
• Stakeholder involvement is key to this


Risk-based requirement (contd..)
• Offers developers and customers the opportunity to
  compromise on four variables (cost, time, scope, quality)
• Customers are allowed to choose the desired values for three
  of these four variables, and the developers determine the
  value of the last variable
Examples
• Customer might state that they want “a high quality release”
  on May 1 for $x, and the developers can tell them which of
  the customer-prioritized requirements might make it into that
  release
• Customer might state that they want a “high quality release”
  with specified features for $y, and the developers will
  determine when they can deliver the release.
Risk-based testing (RBT)
       More testing will not result in stable deliveries
• Traditional testing is finding the right bugs,
  whereas RBT involves deferring the right bugs, by
  employing right skills
• Helps to find the right level of quality that can be
  delivered within a short schedule and limited
  skilled resources
• Completely based on identifying business and
  technical requirements for an application
• Demonstrated improvement in the project
  success factor
• RBT allows QA teams to make informed decisions
  while setting clear test exit criteria
Risk-based testing (RBT)
       More testing will not result in stable deliveries
• Industry specific – Healthcare, Insurance,
  Financial, Construction, Mining, …
• Test according to the risk matrix with a 3rd
  dimension – SCENARIO; customer-focused
• Schedule test for all risk-based requirements
• Test all EXTREME / CRITICAL and HIGH risk items
• Validate risk matrix with known situations
• Test all medium risks during slack time or
  between cycles
• Document medium and low untested risks
  during lessons learnt (project closure)
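
An added example (not part of the original slides): the slide 10 risk matrix and the scheduling rules above written as Python, with a monotonicity check as one way to validate the matrix before relying on it. The register entries, the `slack_slots` parameter and all function names are assumptions made for illustration.

```python
# Added example: risk matrix lookup, matrix sanity check and an RBT test plan.
LIKELIHOODS = ["Most likely", "Likely", "Less likely", "Least likely", "Unlikely"]
IMPACTS = ["Very high", "High", "Moderate", "Low"]
RANK = {"LOW": 0, "MEDIUM": 1, "HIGH": 2, "EXTREME": 3}

# Rows follow LIKELIHOODS, columns follow IMPACTS; values copied from the slide.
MATRIX = [
    ["EXTREME", "EXTREME", "HIGH", "HIGH"],
    ["EXTREME", "HIGH", "HIGH", "MEDIUM"],
    ["HIGH", "HIGH", "MEDIUM", "LOW"],
    ["HIGH", "MEDIUM", "LOW", "LOW"],
    ["MEDIUM", "LOW", "LOW", "LOW"],
]


def categorize(likelihood, impact, matrix=MATRIX):
    """Return the category for one risk, rejecting ratings the matrix lacks."""
    try:
        row = LIKELIHOODS.index(likelihood)
        col = IMPACTS.index(impact)
    except ValueError:
        raise ValueError(f"unknown rating: {likelihood!r} / {impact!r}") from None
    return matrix[row][col]


def matrix_violations(matrix=MATRIX):
    """List cells whose category is higher than a neighbour that is more
    likely (row above) or more damaging (column to the left). A sound matrix
    never rates a risk higher when likelihood or impact goes down."""
    bad = []
    for r, row in enumerate(matrix):
        for c, cat in enumerate(row):
            if c + 1 < len(row) and RANK[row[c + 1]] > RANK[cat]:
                bad.append((LIKELIHOODS[r], IMPACTS[c + 1]))
            if r + 1 < len(matrix) and RANK[matrix[r + 1][c]] > RANK[cat]:
                bad.append((LIKELIHOODS[r + 1], IMPACTS[c]))
    return bad


def rbt_plan(register, slack_slots):
    """Apply the slide's rules: EXTREME and HIGH are always scheduled, MEDIUM
    is tested while slack time remains (slack_slots is an assumed capacity),
    and untested MEDIUM plus LOW are documented at project closure."""
    plan = {"scheduled": [], "slack": [], "document_at_closure": []}
    rated = [(categorize(lik, imp), name) for name, lik, imp in register]
    rated.sort(key=lambda item: -RANK[item[0]])  # stable: keeps register order
    for cat, name in rated:
        if cat in ("EXTREME", "HIGH"):
            plan["scheduled"].append((name, cat))
        elif cat == "MEDIUM" and len(plan["slack"]) < slack_slots:
            plan["slack"].append((name, cat))
        else:
            plan["document_at_closure"].append((name, cat))
    return plan


# Constructed sample register: (risk, likelihood, impact).
REGISTER = [
    ("Unclear scope", "Most likely", "High"),
    ("Late vendor shipment", "Likely", "Low"),
    ("Regulatory change", "Less likely", "Very high"),
    ("Obsolete process", "Least likely", "High"),
    ("Missed sign-off", "Unlikely", "Moderate"),
]

if __name__ == "__main__":
    problems = matrix_violations()
    if problems:
        raise SystemExit(f"matrix is not monotone at: {problems}")
    for bucket, items in rbt_plan(REGISTER, slack_slots=1).items():
        print(bucket)
        for name, cat in items:
            print(f"  {cat:8} {name}")
```
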
RBT- Scenario
Driver is driving a car
• Loss of control – vehicle manufacturers
• Meets with an accident – insurance
• Either dies or is injured – health services

Probability for losing control is greater than
  accident, which is greater than the impact

RBT – Project Scenario
Project Manager is driving the project
• Unclear scope – sponsor
• Several defects – test team
• Kill project or delay – stakeholders
Reversing this
Probability for successful project delivery is
  greater when defects are fixed, which is
  greater when the risks are addressed earlier
Defects / bugs / issues in IT projects
• Defects are anomalies in the functionality
• Incidence of risk occurrence – known defects
• Considering the risk means considering the
  defects
• The defects should be analyzed and classified
• Action is REACTIVE
• RBT focuses on detecting issues much earlier
  during planning
Risks and review defects found




Software vs review defects
SOFTWARE DEFECTS
• Traditionally found bugs or issues
• Identified only during execution & monitoring phase
• Logged and managed between cycles
• Categorized with Severity & Priority
• Rarely linked to risks

REVIEW DEFECTS
• Found while inspection or review of documents
• Identified throughout the project lifecycle
• Early detection starts from planning stage
• Classified by Severity
• Linked with risk
• Proven to save substantial $s
Impact of identifying and resolving review defects
Addresses risks and saves money
Advantages
• Universal across all industries
• Risk based approach
• Cost is quite low to fix any defects / bugs
• Most defects lead to clarification and close
• Resource training is uniform and the
  turnaround cycles are quite aggressive
Intro to Disaster Risk Management
Involves 4Rs – Readiness, Response, Recovery & Reduction

• Disaster risk reduction (DRR) is a systematic
  approach to identifying, assessing and reducing
  the risks of disaster
• DRR if not acted upon quickly may turn out to
  be hazardous / critical
• Helps build better infrastructure
• DRR is an avoidance or delayed method
Intro to Green Risk Management
Greening IT infrastructure → reducing the risks of
failure → lowers maintenance costs

• Green Risk Management is highly proactive
• Return on investment is sustainable
• Better and faster infrastructure
• Improved business results – Legacy IT migrations
• Marketplace mandate – Current trends like Cloud
  computing
• Environmental impacts are reduced
Contact for future consultancy
Narasimhan Bhagavan
- CPRM, CIPM, MPM, MQM, CIA, CLA
Principal Consultant
Kompusys Consultants

Phone: 647-248-1398
eMail: Bhagavan.Narasimhan@Gmail.Com
LinkedIn: http://www.linkedin.com/in/bnweb

It_Club_NCP_Risk_Management_26_03_2013

  • 1.
  • 2. Introduction game • What is Risk and Risk Management? • Identifying risks • Categorize risks - Extreme, High, Medium and Low • Risk-based requirement writing • Risk-based testing • Defects / bugs / issues in IT projects • Software vs. Review defects • Impact of identifying and resolving review defects • Intro to Disaster Risk Management & Green Risk Management • Q&A Kompusys Consultants 2
  • 3. Introduction Game Let’s play a game by introducing ourselves • Name • Area of specialization Kompusys Consultants 3
  • 4. What is Risk? Risk: Is the probability that a particular threat will exploit a particular vulnerability of the system Damage (consequences / impact, loss) – Direct loss: financial, environmental, market, etc. – Technical: impact on other projects / products or services – Loss of (faith of) clients, damage to corporate identity, like hacking – Legal, loss of license, due to regulatory lapses – Technical: detection and repair time, e.g. underground – Probability of use – Lost morale Probability of failure – Depends on the knowledge of development project and product (just before testing) Kompusys Consultants 4
  • 5. Risk Management • Risk identification: Is the process of determining risks that could potentially prevent the project, enterprise, or investment from achieving its objectives. It includes documenting and communicating the concern to the stakeholders • Risk estimation: The likelihood of occurrence and consequences of each risk identified • Risk evaluation: Risks evaluated against its risk thresholds and placed in priority ordering - criteria determined by stakeholders. Contingency plans should be developed for all risks above their thresholds Kompusys Consultants 5
  • 6. Risk Management (contd..) • Risk treatment: Involves the selection, planning, monitoring, and controlling of actions to decrease risk exposure • Risk mitigation: The process of elimination or reduction of the severity, frequency or magnitude of exposure to risks or minimization of the impact of a threat • Risk management: It’s a continuous process for systematically addressing risk throughout the life-cycle of a project or service • Risk management plan: A plan that defines how the risk management activities are implemented and supported during a project. It is always PROACTIVE. Kompusys Consultants 6
  • 7. Risk Management (contd..) Managing risks is of no value without understanding what risks to take and why! Risks Threats Consequence Vulnerability Kompusys Consultants 7
  • 8. Identifying risks Catalysts to identify risk Types of IT risks • Strategic – long-term • Stakeholders – opportunities people on a project • Regulatory – Changes by local • Experience – lessons government learnt • Training – project / product • Location – country, • Operational – late shipment, industry incomplete project or obsolete process • Funding • Financial – not getting paid • Technology • Inherent – meetings, • Environment documentation, sign-off, etc. Kompusys Consultants 8
  • 9. Categorize risks - Extreme, High, Medium and Low Risk = Probability * Impact • Simply put: How LIKELY it is to happen and how BAD it would be if it ever happened • Without uncertainty or damage, there is no risk • Every individuals perspective of IMPACT is different The biggest single risk for any organization is the risk management doesn’t really work – leading to rising failed projects Kompusys Consultants 9
  • 10. Categorize risks – Risk matrix – Extreme, High, Medium and Low

    IMPACT ANALYSIS →
    Probability     Very high   High      Moderate   Low
    Most likely     EXTREME     EXTREME   HIGH       HIGH
    Likely          EXTREME     HIGH      HIGH       MEDIUM
    Less likely     HIGH        HIGH      MEDIUM     LOW
    Least likely    HIGH        MEDIUM    LOW        LOW
    Unlikely        MEDIUM      LOW       LOW        LOW

    Probability means Likelihood
    Impact Analysis is Consequence
  • 11. Traditional requirement
  • 12. Risk-based requirement writing
    • Requirements should be malleable – flexible till project / product end
    • Requirement changes, which create significant risk
    • It allows business analysts to decide what requirement additions are valid from a policy or development standpoint
    • Provides platform to negotiate with the customer
    • Encourages development teams to negotiate risk mitigation strategies with stakeholders
    • Helps to identify and resolve inconsistencies in requirements
    • Ensures consistency between the requirements, all policies, and the system’s functionality
    • Stakeholder involvement is key to this
  • 13. Risk-based requirement (contd..)
    • Offers developers and customers the opportunity to compromise on four variables (cost, time, scope, quality)
    • Customers are allowed to choose the desired values for three of these four variables, and the developers determine the value of the last variable
    Examples
    • Customer might state that they want “a high quality release” on May 1 for $x, and the developers can tell them which of the customer-prioritized requirements might make it into that release
    • Customer might state that they want a “high quality release” with specified features for $y, and the developers will determine when they can deliver the release.
  • 14. Risk-based testing (RBT)
    More testing will not result in stable deliveries
    • Traditional testing is finding the right bugs, whereas RBT involves deferring the right bugs, by employing right skills
    • Helps to find the right level of quality that can be delivered within a short schedule and limited skilled resources
    • Completely based on identifying business and technical requirements for an application
    • Demonstrated improvement in the project success factor
    • RBT allows QA teams to make informed decisions while setting clear test exit criteria
  • 15. Risk-based testing (RBT)
    More testing will not result in stable deliveries
    • Industry specific – Healthcare, Insurance, Financial, Construction, Mining, …
    • Test according to the risk matrix with a 3rd dimension – SCENARIO; customer-focused
    • Schedule test for all risk-based requirements
    • Test all EXTREME / CRITICAL and HIGH risk items
    • Validate risk matrix with known situations
    • Test all medium risks during slack time or between cycles
    • Document medium and low untested risks during lessons learnt (project closure)
  • 16. RBT – Scenario
    Driver is driving a car
    • Loss of control – vehicle manufacturers
    • Meets with an accident – insurance
    • Either dies or is injured – health services
    Probability for losing control is greater than accident, which is greater than the impact
  • 17. RBT – Project Scenario
    Project Manager is driving the project
    • Unclear scope – sponsor
    • Several defects – test team
    • Kill project or delay – stakeholders
    Reversing this: Probability for successful project delivery is greater when defects are fixed, which is greater when the risks are addressed earlier
  • 18. Defects / bugs / issues in IT projects
    • Defects are anomalies in the functionality
    • Incidence of risk occurrence – known defects
    • Considering the risk means considering the defects
    • The defects should be analyzed and classified
    • Action is REACTIVE
    • RBT focuses on detecting issues much earlier during planning
  • 19. Risks and review defects found
  • 20. Software vs review defects
    SOFTWARE DEFECTS
    • Traditionally found bugs or issues
    • Identified only during execution & monitoring phase
    • Logged and managed between cycles
    • Categorized with Severity & Priority
    • Rarely linked to risks
    REVIEW DEFECTS
    • Found during inspection or review of documents
    • Identified throughout the project lifecycle
    • Early detection starts from planning stage
    • Classified by Severity
    • Linked with risk
    • Proven to save substantial $s
  • 21. Impact of identifying and resolving review defects
    Addresses risks and saves money
    Advantages
    • Universal across all industries
    • Risk based approach
    • Cost is quite low to fix any defects / bugs
    • Most defects lead to clarification and close
    • Resource training is uniform and the turnaround cycles are quite aggressive
  • 22. Intro to Disaster Risk Management
    Involves 4Rs – Readiness, Response, Recovery & Reduction
    • Disaster risk reduction (DRR) is a systematic approach to identifying, assessing and reducing the risks of disaster
    • DRR if not acted upon quickly may turn out to be hazardous / critical
    • Helps build better infrastructure
    • DRR is an avoidance or delayed method
  • 23. Intro to Green Risk Management
    Greening IT infrastructure → reducing the risks of failure → lowers maintenance costs
    • Green Risk Management is highly proactive
    • Return on investment is sustainable
    • Better and faster infrastructure
    • Improved business results – Legacy IT migrations
    • Marketplace mandate – Current trends like Cloud computing
    • Environmental impacts are reduced
  • 26. Contact for future consultancy
    Narasimhan Bhagavan - CPRM, CIPM, MPM, MQM, CIA, CLA
    Principal Consultant, Kompusys Consultants
    Phone: 647-248-1398
    eMail: Bhagavan.Narasimhan@Gmail.Com
    LinkedIn: http://www.linkedin.com/in/bnweb
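
The risk matrix from slide 10 combined with the test-selection rules from slide 15, as an added example that is not part of the original deck: it validates that the matrix is monotonic before relying on it, then sorts requirements into test buckets. The function names, bucket names and sample requirements are assumptions made for this illustration.

```python
LIKELIHOODS = ["Most likely", "Likely", "Less likely", "Least likely", "Unlikely"]
IMPACTS = ["Very high", "High", "Moderate", "Low"]
ORDER = {"LOW": 0, "MEDIUM": 1, "HIGH": 2, "EXTREME": 3}
# Rows follow LIKELIHOODS, columns follow IMPACTS, exactly as on slide 10.
MATRIX = [
    ["EXTREME", "EXTREME", "HIGH", "HIGH"],
    ["EXTREME", "HIGH", "HIGH", "MEDIUM"],
    ["HIGH", "HIGH", "MEDIUM", "LOW"],
    ["HIGH", "MEDIUM", "LOW", "LOW"],
    ["MEDIUM", "LOW", "LOW", "LOW"],
]
# Slide 15 rules; the bucket names are assumptions of this example.
BUCKET = {"EXTREME": "must_test", "HIGH": "must_test",
          "MEDIUM": "slack_time", "LOW": "document_at_closure"}


def rate(likelihood, impact, matrix=MATRIX):
    """Look up the category; unknown labels raise instead of defaulting to LOW."""
    if likelihood not in LIKELIHOODS or impact not in IMPACTS:
        raise ValueError(f"unknown label: {likelihood!r} / {impact!r}")
    return matrix[LIKELIHOODS.index(likelihood)][IMPACTS.index(impact)]


def matrix_violations(matrix=MATRIX):
    """Cells rated higher than the cell above (more likely) or left (more impact)."""
    bad = []
    for r, row in enumerate(matrix):
        for c, cell in enumerate(row):
            above = r > 0 and ORDER[cell] > ORDER[matrix[r - 1][c]]
            left = c > 0 and ORDER[cell] > ORDER[row[c - 1]]
            if above or left:
                bad.append((LIKELIHOODS[r], IMPACTS[c]))
    return bad


def plan_tests(requirements):
    """Split (name, likelihood, impact) items into the slide 15 buckets."""
    plan = {"must_test": [], "slack_time": [], "document_at_closure": []}
    for name, likelihood, impact in requirements:
        category = rate(likelihood, impact)
        plan[BUCKET[category]].append((name, category))
    # EXTREME before HIGH, so a schedule cut drops the lower category first.
    plan["must_test"].sort(key=lambda item: -ORDER[item[1]])
    return plan


# Constructed sample requirements (not from the slides).
SAMPLE = [
    ("report export", "Unlikely", "Moderate"),
    ("login lockout", "Least likely", "Very high"),
    ("payment posting", "Likely", "Very high"),
    ("audit log rotation", "Less likely", "Moderate"),
]
```

The slide's matrix is not a plain product of two scores: "Least likely" with "Very high" impact still rates HIGH, which is why the lookup uses the table itself rather than multiplying ranks.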