Project Practitioners > Told Ya So (Risk Management, Part 4)

Told Ya So (Risk Management, Part 4)

By Sinikka Waugh

Over the past few months, I’ve spent more than a few words on what I believe are the three components of effective risk management.  The first is to ensure that the risks are identified; the second is to prioritize and plan responses to the risks; and the third is to monitor the risks throughout the project lifecycle.  Let's talk more about the third component, monitoring and adjusting our approaches to risks throughout the project. 

In general practice, we should spend more time on the third than on the first two.  Too often, however, we get past the planning stage of whatever effort we’re working on, and then stop talking about the risks altogether.  What a shame!  You see, rarely in our lives do we have the chance to say “Told ya so” in a constructive manner.  Effective risk management is one of those rare opportunities, and I’m a big fan of taking advantage of it.  Rather than try to explain, I'll just illustrate with a couple of realistic examples...Hopefully you'll find something you can relate to, and will find a constructive way to say "told ya so" in the near future!

Situation 1:  In a consolidation of customers to a single service model:  Customer Group A is used to more hand-holding than Customer Group B, and the new service model more closely resembles what Customer Group B is used to.

RiskIf Customer Group A does not understand or appreciate the value of the new service model and does not feel that their needs are being met, then adoption rates will be low and the anticipated benefits will not be realized.

Ongoing Risk Management: 

  1. Assemble a focus group from Customer Groups A and B to get their input about what they value most in their service model.

  2. Identify areas of similarity within the values of Group A and Group B, and review/update the risk’s probability and impact (and therefore priority).

  3. Initiate change management activities to influence Customer Group A.

  4. Monitor the relative success of change management activities with Customer Group A, and review/update the risk’s probability and impact (and therefore priority).

  5. Discuss anticipated adoption rates and identify how they will impact the anticipated benefits of the end solution.

  6. Communicate adjusted benefits to sponsors and other key stakeholders.  Review/update the risk’s probability and impact (and therefore priority).

  7. After the new service model is implemented, observe the lower adoption rates by Customer Group A, but take comfort in the fact that expectations around benefits have been adjusted as well. (told ya so)


Situation 2:   In a data migration effort:  A large volume of data is being migrated to a new platform, which will allow for new data mining and targeted analytics.

Risk:  If the source data is not complete and accurate, then the data in the new system will be incomplete, and the data mining or targeted analytics may produce inaccurate results.

Ongoing Risk Management:

  1. Make a plan to identify current gaps or errors in the data early on in the project.

  2. As gaps are identified, quantify the work effort to correct them, and prioritize the corrections. Review/Update the risk’s probability and impact (and therefore priority).

  3. Begin correcting the high priority items as soon as possible.

  4. Monitor the data cleanup efforts, and adjust priorities and remaining hours appropriately.  Review/Update the risk’s probability and impact (and therefore priority).

  5. If, at the point of conversion, not all data clean-up is complete (so the new system will also be incomplete) point out that the critical components have been cleaned-up, and that the remaining items are not important to go-live. (told ya so)

  6. Once the data is clean or clean enough, close the risk


Situation 3:  In a new build:  The Architecture Review Board (ARB), which meets monthly, will review the architectural design of the solution at the end of month 3. 

Risk:  If the ARB does not approve the design of the new solution, then we will have to redo the design to meet their requirements, go back to the ARB for review again, and the project will be delayed by at least one month. 

Ongoing Risk Management: 

  1. Engage representatives from the ARB in the design from the beginning to ensure ARB standards are being met to the greatest extent possible.

  2. Identify any areas where the design may not correspond with ARB standards.  Compare those items with the functional priorities for the project.  Review/Update the risk’s probability and impact (and therefore priority).

  3. Consult with other project teams who’ve done something similar, and get their input/advice/lessons learned.

  4. Submit early design ideas to the ARB if they are not directly addressed by ARB standards.

  5. Identify work that is independent of the architectural design that can begin prior to the ARB approval.

  6. Determine impacts to the rest of the project schedule if ARB approval is delayed by one month, and define a contingency plan.  Review/Update the risk’s probability and impact (and therefore priority).

  7. If the ARB does not approve within the original time line, implement the contingency plan.  (told ya so)

  8. Once the ARB has approved, close the risk.


Situation 4: In a vendor implementation:  The vendor is new, unknown, and does not appear to be following the same process or methodology as the core project team. 

Risk:  If the vendor does not deliver within the expected time lines, then the “go-live” date is at risk.

Ongoing Risk Management:

  1. Include process or methodology language and expectations into contractual discussions with the vendor.

  2. Seek to understand the vendor’s process maturity.  Once that has been understood, review/update the risk’s probability and impact (and therefore priority).

  3. Define time lines and milestones collaboratively with the vendor to ensure they are realistic, attainable, and committed to.  Review/update the risk’s probability and impact (and therefore priority).

  4. Establish interim go/no-go decision points in advance of the “go-live” date.  Ensure that clear acceptance criteria with consequences and contingencies are defined and agreed to by key stakeholders including the vendor.  Review/Update the risk’s probability and impact (and therefore priority).

  5. When the first milestone is missed, implement the contingency plan that has been defined. (told ya so)

Read more from Sinikka's 4-part series:
Part 1: Crystal Ball, Anyone?
Part 2: What Could Possibly Go Wrong?
Part 3: The Project Manager and the Glass
Part 4: Told Ya So

Related Links
Figure out how much your risks could actually cost you by calculating their expected monetary value. Monitor and manage risks with a detailed risk management plan and process. Use a Risk Strategy Selection Matrix to find ways to mitigate two (or more) risks at once.

Not all comments are posted. Posted comments are subject to editing for clarity and length.

The comments to this entry are closed.

©Copyright 2000-2017 Emprend, Inc. All Rights Reserved.
About us   Site Map   View current sponsorship opportunities (PDF)
Contact us for more information or e-mail
Terms of Service and Privacy Policy

Stay Connected
Get our latest content delivered to your inbox, every other week. New case studies, articles, templates, online courses, and more. Check out our Newsletter Archive for past issues. Sign Up Now

Follow Us!
Linked In Facebook Twitter RSS Feeds

Got a Question?
Drop us an email or call us toll free:
7am-5pm Pacific
Monday - Friday
We'd love to talk to you.

Learn more about ProjectConnections and who writes our content. Want to learn more? Compare our membership levels.