Project Management is all about managing risk
A project is a set of coordinated activities to deliver a unique product, service or result within finite time and cost constraints.
If a project could run itself without communication, coordination or collaboration, we wouldn’t need the discipline of Project Management. A simple one-off task which you’re doing for yourself doesn’t need Project Management, because there isn’t that much that can go wrong. But in projects, several things could go wrong, so everything we do in Project Management is in some way or the other about managing risk.
It stands to reason, then, that Project Risk Management is one of the 10 Knowledge Areas of the PMBOK® and an important theme in every other Project Management method or framework.
Project Risk Management includes recording risks in a Risk Register, and planning what to do about them.
We can’t manage risks if we don’t know about them, though. If people don’t report risk, we must spend time and resources investigating what’s happening and breathing down everyone’s neck. Inspections and inquisitions sometimes only reveal what is happening by the time that it’s too late. Managing risk is easier when everyone is committed to reporting risks.
The advantages of the Rule for Risk
The Rule for Risk™ is a tool for entrenching risk reporting within a team.
Entrenching risk reporting has advantages for everyone. When people report risks as they arise, a project manager can keep the Risk Register up to date and respond to risks in a timely manner. Planning becomes more accurate. People get briefed ahead of time rather than having things jumped on them at the last minute. Senior managers can take strategic decisions if they know what the problems are.
Entrenching a culture of risk reporting is a slow process, and it doesn’t happen overnight. It takes wisdom, respect and consistency.
When people who agreed to the Rule don’t follow it
Entrenching risk reporting starts with understanding the obstacles.
There are several reasons why people may not think of risks or of reporting them, and several more reasons why they many not want to. If we find that people aren’t reporting risk, we need to understand why. What prevented them from doing so? Didn’t they understand the importance? Didn’t they care? Were they scared? (And so on.) Once we know, we can start addressing those challenges.
Here are some questions we can ask to identify the obstacles:
- What prevents me from following the Rule for Risk with specific people, and in specific situations?
- What prevents other people from following the Rule for Risk with me? Do I think I know, or do I really know? Did I ask them?
- What is it about our collective organisational culture (the way we do things around here) that keeps us from following the Rule for Risk?
Answering these questions does not always immediately dissolve the problems, but it’s a point of departure.
Raising the issue
In the video below, we assume that the Rule for Risk is being implemented in a specific context (such as an organisation or a project team). We talk about how to raise the issue when it becomes clear that someone hasn’t been following the Rule for Risk.