There are lots of benefits of managing risk, many of which are discussed elsewhere on this site. But ‘risk management’ can be an abstract unless you work with your teams to implement the changes required to deliver on those benefits.
When you are setting up new risk management processes, it’s important to get the right people involved. Unless you have the buy in and support of a wide range of colleagues, you will find it difficult to manage risk professionally and effectively across your portfolio of projects.
These are the roles involved in implementing and supporting an enterprise approach to project risk management.
It shouldn’t be a surprise that the culture of risk management gets set by the people at the top of the organization. Your exec team should be bought into the idea of using best practice, tried-and-tested approaches to identifying, managing, tracking and controlling risk on all project activities.
There is very little to lose through this approach and an awful lot to gain: better insights, better management information, better clarity for budgeting and estimating and the very strong likelihood of better project results.
If your management team aren’t yet 100% supportive of setting up risk management, we can help convince them!
Project/Program/Portfolio Management Office
Whatever you call your PMO, it is crucial in implementing robust and sustainable risk management practices. There isn’t any point spending time reviewing and choosing systems that work for your business only to find that in six months the PMO is doing something else. As the PMO is the hub of project activity, the team there need to be supportive of the idea and have the skills to follow through and support others using the methods and tools.
The whole organization should be aligned to the risk management approaches you implement and on a day-to-day basis, this starts with the PMO.
Project and Program Managers
The project and program managers in your organization are the ones responsible for following the risk management processes, once they are in place, and doing the work to ensure that project risk is managed and escalated appropriately. They will live and breathe the process, using it on their projects every day.
You may choose to involve them in how the risk management processes are set up and implemented in your business. As they will be the ones using the tools and techniques most often, they will have useful feedback on what fits best with the other project management processes they use and how they work. This will enable your implementation team to tailor your approach so that it is truly ‘right-sized’ for your business. Too much bureaucracy, or not enough control, will see your risk management efforts falter as they won’t naturally fit into your organizational culture or approach to doing work.
Your project teams are likely to be made up of lots of diverse individuals who either work full-time or part-time on project work. They won’t have much, if any, influence over the way the risk management process works but they should be aware of what it is and able to use it in an efficient manner.
That’s because everyone should be able to raise risks when they spot them, and they may also be delegate actions or ownership of risks by their project manager. If this group is not on side with what you are trying to achieve then you will struggle to see any traction at a grassroots level.
Your supplier population is likely to be very welcoming of your focus on risk management, because anything that makes it more likely that your teams will hit deadlines, be aware of and responsive to potential issues and deliver their tasks will make your suppliers’ lives easier.
They are also likely to have their own approaches to managing risks, and you can work with them to ensure your approach dovetails and feeds into what they need to manage risk on their side. For example, if a project team identifies a risk, and the analysis shows this could have an implication for a supplier, it’s important to have the channels and relationships in place to pass this information on. Then you can work together to address it as one cohesive team.
If your project environment involves customers, be they internal or external, it’s worth making sure that they are aware of your risk management activities and methodology. Anyone should be able to raise a risk to the project team, or higher if they feel it immediately needs escalation. Everyone on the team should know what to do when a customer or client points out that there could be a problem with something.
Customers are your “eyes on the ground” and they can often pick up on possible issues before anyone else has thought about them. Don’t ignore what they try to tell you and make it as easy for them as possible to interact with the project team about risks!
These are the main groups to consider when implementing a risk management approach in your organization, but every business is different. There may well be other stakeholder groups who would definitely need to be involved or consulted. The best approach is one that works for you and at Ten Six Consulting we can help you design and tailor a way of managing risk that fits seamlessly into your existing business processes. Get in touch to find out how we can support you deliver projects better.