It is possible to meaningfully manage risks in IT project management. However for one to successfully mange risks, it is important to adequately define what can be termed as a risk since overlooking of one risk may lead to a failure. In IT project management, it is important that we manage risks since in most cases, risks cannot be totally avoided that is why management is important to reduce them. A risk can be defined as the possibility of meeting danger or getting harm (Yusuff, 2006). A risk can also be defined as an unforeseen or unexpected event or happening which can have a negative impact on the project (SmartWorks, 2008). Risks are the highest uncertainties which a project can suffer from. Successful risk management can be achieved through correct and adequate assessment and then coming up with the right strategy to manage them.
Different organizations carrying out IT project management can define risks differently. Therefore, it is important for each organization to correctly identify the potential risks and define them adequately to avoid accidental overlook of some risks. The first step in risk management is risk anticipation and identification (SmartWorks, 2008). In risk identification, one is able to pinpoint the potential risks which may have impact on the project at any stage of the project cycle (Yusuff, 2006). Risk identification cannot be done one but it should be done continuously and at regular intervals through out the project life cycle. When doing risk identification, it is crucial that one looks at both internal and external factors affecting the project since risks can arise from any of the two factors. In many cases, internal factors can be adequately managed by those dealing with the project. Internal factors may include; delegation of work, freezing of vacation leaves, budget allocation, and attrition (Yusuff, 2006). However, external factors cannot be adequately managed by those undertaking the project. They are far beyond the control of the project personnel and include; economic fluctuations like inflation, government policies, and natural disasters like earthquakes among others (Yusuff, 2006).
Risk identification should be done step by step for accuracy purposes. In the process of project identification, the project manager associates the risks with a specific parameter of the project and identifies the impact of that particular risk to the particular project parameter (SmartWorks, 2008). Risk assessment is also crucial in risk identification since it helps in pinpointing the potential risks to the project (Yusuff, 2006). Experience has been found to work effectively in risk identification. The project manager can look for information from similar IT project management in order to identify risks associated with that kind of a project (SmartWorks, 2008). Project managers are responsible for every aspect of project management and therefore, they are responsible for defining the risks. In addition to the project managers, there is usually a team of risk management experts which has the required knowledge, practice and experience to successfully and accurately define project risks. Therefore, project managers and risk management experts are responsible for defining risks.
There are various considerations looked at in allocating costs and benefits of risks across individuals and organizations within the organization. Benefit and cost allocation is done based on prioritization. Prioritization is done based on the likelihood of the risk to occur and the amount and intensity of damage the risk is likely to cause when it occurs. Benefits and cost allocation is also based on how prone the project area is to a particular risk. For instance, the areas where earthquakes are frequent, the management of earthquakes is likely to receive a high benefit and cost (SmartWorks, 2008). To meaningfully manage risks in IT project management, it is crucial to be realistic and allocate costs and benefits depending on the likelihood, frequency and the damage which can be cause by the risk. It is a waste to allocate a lot of money to a risk whose probability of occurring is very low. In addition, there are some risks which cause a lot of damage once they occur, than others. That is why it is important to allocate risks which come with a lot of damage a high cost and benefit.
Particular risks can be associated with particular projects rather than associating general risks with overall climate with the company. This is due to the fact that in a company there are different projects of which each comes with its own different risks (Kwon, 2003). Mostly risks are associated with specific projects. For instance, one cannot talk of a risk of being buried in the tunnels and yet they are being involved in an IT project which does not involve digging of tunnels. Risks which may be associated directly with technology involve issues like new invention of technology which renders that particular IT project outdated (SmartWorks, 2008). This is a risk which cannot be associated with any other IT unrelated project in the company. For this reason, we can conclude that, in risk management, it is not advisable to make general assumption based on the company environment but define risks based on specific projects. This is the only way one can IT project management can succeed in risk management.
To avoid any negative consequences, it is advisable that risks are identified accurately and adequately. This is based on the fact that if risks are identified wrongly or are overlooked, they result to huge losses. In other words, the negative consequences which can result from identifying risks may be due to overlooking of some risks during identification (Yusuff, 2006). Risk identification can also lead to delays because once a risk is identified, an intervention must be implemented which may create some delays. Risk identification is a very crucial aspect in IT project management and if done adequately and correctly, it brings a lot of benefits to the organization.
Management of risks in IT project management can sometimes be very emotional especially when one figures out the damage which is likely to occur in case the risk strikes. It is possible to consider potential risks to an IT project management unemotionally. This can be achieved through acceptance that though risks cannot be avoided, they can be minimized to some acceptable levels. Since risks cannot be avoided, this is the first step which to reduce any worry (Kwon, 2003). To consider risks unemotionally, it also crucial to set aside money when doing budget for the project which will be used for the entire IT project management. Also project managers should set aside time for fixing any identified risk. Project managers should also not be terrified about any risk or assume that due to the risks, they may look incompetent because they cannot handle the risks (Yusuff, 2006). The project management team should know that, they may not be qualified in managing all the risks and therefore should seek help from experts. They should be ready to fix the risk no matter what and this is the only way in which they can succeed.
A lot can be learned from this case of IT project management. Risks can be meaningfully managed in IT project management through proper planning, risk assessment, identification and management. Since risks are unavoidable and sometimes occur without knowing, it is important to do a risk assessment to identify all potential risks and fix them before they occur. In budgeting, risk management cost should be included. Accurate and adequate risk identification is very crucial and it should be done at all stages of the project life cycle. It should be continuous and at regular intervals since it can occur at any time (Yusuff, 2006). Risks are specific to particular projects hence generalization depending on the company environment should be avoided. Care should be taken to avoid accidental overlook of some risks.
Kwon, R. (2003). How Do You Know Your Project Will Work? A Quick-And-Dirty Way To Assess How Risky Your Project Really Is. Retrieved June 6, 2011 from http://www.baselinemag.com/article2/0,1540,1111289,00.asp]
SmartWorks. (2008). Managing Risks in your project – A practitioner’s approach. Retrieved June 6, 2011, from http://www.smartworks.us/htm/managerisks.htm
Yusuff M.N. (2006). Contemporary Approaches to Project Risk Management: Assessment & Recommendations. Retrieved June 6, 2011 from http://hosteddocs.ittoolbox.com/my5.17.06.pdf