Risk Management (OBJ 5.2)

Risk Management

• Fundamental process involving identification, analysis, treatment, monitoring, and reporting of risks

Risk Management Lifecycle

• Risk Identification

  • Proactive process recognizing potential risks that can negatively impact an organization's ability to operate its objectives
  • Goal
    • Create a comprehensive list based on events hindering objectives

• Risk Analysis

  • Evaluate likelihood and potential impact
  • Qualitative or quantitative methods
  • Outcome
    • Prioritized list for guiding risk treatment

• Risk Treatment

  • Develop strategies
    • Avoidance
    • Reduction
    • Sharing
    • Acceptance
  • Strategy choice based on potential impact and risk tolerance
  • Goal
    • Reduce potential impact to an acceptable level

• Risk Monitoring

  • Ongoing process tracking identified risks, monitor residual risks, identify new risks, and review risk management effectiveness
    • Tracking
    • Monitoring
    • Identifying
    • Reviewing
  • Ensures dynamic responsiveness to organizational changes

• Risk Reporting

  • Communicate risk information and effectiveness of risk management to stakeholders
  • Various forms
    • Dashboards
    • Heat Maps
    • Detailed Reports
  • Crucial for accountability and informed decision-making

Risk Assessment Frequency

• Types
  • Ad-hoc
  • Recurring
  • One-time
  • Continuous
• Varies
  • Based on organization nature and types of risks involved

Risk Identification

• Process
  • Identify potential risks; perform business impact analysis.
• Concepts
  • Recovery Time Objective
  • Recovery Point Objective
  • Mean Time to Repair
  • Mean Time Before Failure

Qualitative Risk Analysis

• Assess and prioritize risks based on likelihood and impact
• Using descriptive or categorical scales.

Quantitative Risk Analysis

• Numerically estimate probability and potential impact on project objectives
• Uses numerical data and statistic techniques to calculates risk levels.

Risk Management Strategies

• Types
  • Risk Transfer
  • Risk Acceptance
  • Risk Avoidance
  • Risk Mitigation

Risk Monitoring and Reporting

• Crucial Steps
  • Continuous tracking and regular reporting
• Long-Term Impact
  • Significant for the effectiveness of the risk management process