All projects involve risk and risk involves both threat and opportunity. In today's world of project management, perhaps the single most important skill that a project manager can possess is risk management. Organizations that better understand the nature of the risks can manage them more effectively.
This book provides a framework for integrating risk management into the management of projects. It explains how to do this through the definition of generic risk management processes and shows how these processes can be mapped onto the stages of the project life cycle.
Another feature is the risk management processes provided can be used for either project or product management because of the fine granularity of the project life cycle used - instead of the typical 6-stage Requirements, Design, Build, Test, Implement and Operate stages the authors use an 8-stage project life cycle that begins with conception and includes post-planning allocation and post-delivery review milestones. Moreover, the typical risk management cycle of Identify, Analyze and Quantify, Prioritize and Manage is expanded into a much more detailed cycle that includes focusing, clarifying ownership issues, and scenario analysis. In particular, the scenario analysis sub process is an excellent approach and allows going well beyond the typical expected monetary value and probability & impact types of analyses.
The authors have set main emphasis on processes rather than analytical techniques. This book provides the reader with a fundamental understanding of project risk management processes but avoids being over prescriptive in the description of the execution of these processes. Instead, there is positive encouragement to use these generic processes as a starting point for elaboration and adaptation to suit the circumstances of a particular application, to innovate and experiment, to simplify and streamline the practical implementation of the generic processes to achieve cost-effective and efficient risk management.
The Authors have made good comparisons between their work and both PRAM and RAMP, as well as with the Project Management Institute's PMBOK 2000. They have developed and named the generic framework SHAMPU (Shape, Harness, and Manage Project Uncertainty) process and compare it with PRAM, RAMP, and PMBOK 2000.
The notion of risk efficiency is central to the theme. All risk management processes consume valuable resources and can themselves constitute a risk to the project that must be effectively managed. The level of investment in risk management within project must be challenged and justified on the level of expected benefit to the overall project.
The Authors document numerous examples drawn from real project experience to substantiate the benefits of a formal process-oriented approach. Ultimately, project risk management is about people making decisions to try to optimize the outcome, being proactive in evaluating risk and the possible responses, using this information to best effect, demonstrating the need for changes in project plans, taking the necessary action and monitoring the effects. Balancing risk and expectation is one of the most challenging aspects of project management. It can also be exciting and offer great satisfaction, provided the project manager is able to operate in a climate of understanding and openness about project risk. The cultural change required in organizations to achieve this can be difficult and lengthy, but there is no doubt that it will be easier to accomplish if risk management processes are better understood and integrated into the practice of project management.
The interesting part of the book is the large number of insights imparted through cases and real-life situations and these are thought provoking. This book is largely about how to achieve effective and efficient risk management in the context of a project. This book is an excellent literature on risk management and will be of interest to all involved in project management.