OpenUP/openup/guidances/guidelines/risk_management.xmi - epf/org.eclipse.epf.libraries - Git at Google

 <?xml version="1.0" encoding="UTF-8"?>
 <org.eclipse.epf.uma:ContentDescription xmi:version="2.0"
     xmlns:xmi="http://www.omg.org/XMI" xmlns:org.eclipse.epf.uma="http://www.eclipse.org/epf/uma/1.0.5/uma.ecore"
     xmlns:epf="http://www.eclipse.org/epf" epf:version="1.5.0" xmi:id="-HhGIkAPjHSIxnPzI3cyDnQ"
     name="new_concept,_VNxL4ACsEdu8m4dIntu6jA" guid="-HhGIkAPjHSIxnPzI3cyDnQ" changeDate="2007-06-25T11:39:22.190-0700"
     changeDescription="moved first paragraph with risk definition to Concept-risk; replaced quantify by qualify">
   <mainDescription>&lt;h3>&#xD;
     Introduction to Risk Management&#xD;
 &lt;/h3>&#xD;
 &lt;p>&#xD;
     Every project contains some measure of uncertainty. &lt;strong>Risk Management&lt;/strong>&amp;nbsp;deals with this uncertainty,&#xD;
     trying to understand its&amp;nbsp;potential influence on the project. The purpose of Risk Management is to increase the&#xD;
     probability and impact of positive events and decrease the probability and impact of events adverse to the project [&lt;a class=&quot;elementLinkWithUserText&quot; href=&quot;./../../../openup/guidances/supportingmaterials/references_6CCF393.html#PMI04&quot; guid=&quot;_9ToeIB83Edqsvps02rpOOg&quot;>PMI04&lt;/a>]. The project manager, team, and stakeholders should be involved in risk&#xD;
     management.&#xD;
 &lt;/p>&#xD;
 &lt;h3>&#xD;
     Identify Risks&#xD;
 &lt;/h3>&#xD;
 &lt;p>&#xD;
     Identify risks as soon as the project starts and document them in the &lt;a class=&quot;elementLink&quot; href=&quot;./../../../openup/workproducts/risk_list_C4B6F290.html&quot; guid=&quot;_Ckay8Cc_EduIsqH1Q6ZuqA&quot;>Risk List&lt;/a>.&amp;nbsp;Continue&#xD;
     identifying and managing risks throughout the project. A common mistake is to identify risks only at the beginning of&#xD;
     the project and then only track the status of these initial risks. The &lt;a class=&quot;elementLink&quot; href=&quot;./../../../openup/workproducts/risk_list_C4B6F290.html&quot; guid=&quot;_Ckay8Cc_EduIsqH1Q6ZuqA&quot;>Risk List&lt;/a>&amp;nbsp; should be&#xD;
     revisited weekly, or as a minimum when performing task &lt;a class=&quot;elementLink&quot; href=&quot;./../../../openup/tasks/plan_iteration_957C90DC.html&quot; guid=&quot;_0keUEMlgEdmt3adZL5Dmdw&quot;>Plan Iteration&lt;/a>, to add any&#xD;
     newly discovered risks.&#xD;
 &lt;/p>&#xD;
 &lt;h3>&#xD;
     Prioritize Risks&#xD;
 &lt;/h3>&#xD;
 &lt;p>&#xD;
     Prioritize risks for further analysis or action. A good approach for prioritizing risks is to have an attribute called&#xD;
     risk magnitude, a combination of the risk probability and the risk impact. Each iteration provides a chance&amp;nbsp;for&#xD;
     better understanding of stakeholder needs, the team capabilities, the technology at hand, and so on. Capture, qualify&#xD;
     and prioritize risks as they arise. High magnitude risks are&amp;nbsp;attacked first, thus&amp;nbsp;improving the chances of&#xD;
     project success and minimizing uncertainty. See &lt;a class=&quot;elementLinkWithType&quot; href=&quot;./../../../openup/guidances/templates/risk_list_33A6AE1E.html&quot; guid=&quot;_MIUO0C8FEduzydamRseoUw&quot;>Template: Risk List&lt;/a>&amp;nbsp;for more information.&#xD;
 &lt;/p>&#xD;
 &lt;h3>&#xD;
     Select Risk Response Strategies&#xD;
 &lt;/h3>&#xD;
 &lt;p>&#xD;
     You are trying to mitigate or tackle the high priority risks as early as possible in the project. In order to achieve&#xD;
     this you need to get a good grip on the risks the project is faced with, and have clear strategies on how to mitigate&#xD;
     or deal with them.&amp;nbsp; Once you have chosen a set of risks to focus on, develop options and determine actions to&#xD;
     enhance opportunities and reduce threats, selecting a strategy, as described in &lt;a class=&quot;elementLinkWithType&quot; href=&quot;./../../../openup/guidances/concepts/risk_AF5840DA.html&quot; guid=&quot;_0bsLgMlgEdmt3adZL5Dmdw&quot;>Concept: Risk&lt;/a>. Sometimes&#xD;
     strategies can be determined for each cause, rather than each risk, eliminating many risks at once.&#xD;
 &lt;/p>&#xD;
 &lt;h3>&#xD;
     Plan Risk Response&#xD;
 &lt;/h3>&#xD;
 &lt;p>&#xD;
     For each selected strategy, identify and assign tasks to apply the strategy to the given risk. Place those tasks on the&#xD;
     &lt;a class=&quot;elementLink&quot; href=&quot;./../../../openup/workproducts/work_items_list_39D03CC8.html&quot; guid=&quot;_rGNWsCbSEdqh1LYUOGRh2A&quot;>Work Items List&lt;/a>&amp;nbsp;so they can be assigned to iterations. Keep a&amp;nbsp;reference to&#xD;
     the risk for traceability. The effort must be appropriate to the magniture of the risk. Avoid spending more preventing&#xD;
     a threat than the impact from the risk if it occurs.&#xD;
 &lt;/p>&#xD;
 &lt;h3>&#xD;
     Monitor Risks&#xD;
 &lt;/h3>&#xD;
 &lt;p id=&quot;comment_text_4&quot;>&#xD;
     Follow up regularly on risk-mitigation/enhancing actions. Risk reviews should be held&amp;nbsp;when performing task &lt;a class=&quot;elementLink&quot; href=&quot;./../../../openup/tasks/assess_results_EC34D88D.html&quot; guid=&quot;_0l53cMlgEdmt3adZL5Dmdw&quot;>Assess Results&lt;/a>&amp;nbsp;to determine whether the information about project risks is up to date, and to assess whether any&#xD;
     changes are necessary. The team may decide to try another strategy if the chosen strategy does not reduce/increase the&#xD;
     magnitude of a risk.&#xD;
 &lt;/p></mainDescription>
 </org.eclipse.epf.uma:ContentDescription>
	<?xml version="1.0" encoding="UTF-8"?>
	<org.eclipse.epf.uma:ContentDescription xmi:version="2.0"
	xmlns:xmi="http://www.omg.org/XMI" xmlns:org.eclipse.epf.uma="http://www.eclipse.org/epf/uma/1.0.5/uma.ecore"
	xmlns:epf="http://www.eclipse.org/epf" epf:version="1.5.0" xmi:id="-HhGIkAPjHSIxnPzI3cyDnQ"
	name="new_concept,_VNxL4ACsEdu8m4dIntu6jA" guid="-HhGIkAPjHSIxnPzI3cyDnQ" changeDate="2007-06-25T11:39:22.190-0700"
	changeDescription="moved first paragraph with risk definition to Concept-risk; replaced quantify by qualify">
	<mainDescription><h3>
	Introduction to Risk Management
	</h3>
	<p>
	Every project contains some measure of uncertainty. <strong>Risk Management</strong>&nbsp;deals with this uncertainty,
	trying to understand its&nbsp;potential influence on the project. The purpose of Risk Management is to increase the
	probability and impact of positive events and decrease the probability and impact of events adverse to the project [<a class="elementLinkWithUserText" href="./../../../openup/guidances/supportingmaterials/references_6CCF393.html#PMI04" guid="_9ToeIB83Edqsvps02rpOOg">PMI04</a>]. The project manager, team, and stakeholders should be involved in risk
	management.
	</p>
	<h3>
	Identify Risks
	</h3>
	<p>
	Identify risks as soon as the project starts and document them in the <a class="elementLink" href="./../../../openup/workproducts/risk_list_C4B6F290.html" guid="_Ckay8Cc_EduIsqH1Q6ZuqA">Risk List</a>.&nbsp;Continue
	identifying and managing risks throughout the project. A common mistake is to identify risks only at the beginning of
	the project and then only track the status of these initial risks. The <a class="elementLink" href="./../../../openup/workproducts/risk_list_C4B6F290.html" guid="_Ckay8Cc_EduIsqH1Q6ZuqA">Risk List</a>&nbsp; should be
	revisited weekly, or as a minimum when performing task <a class="elementLink" href="./../../../openup/tasks/plan_iteration_957C90DC.html" guid="_0keUEMlgEdmt3adZL5Dmdw">Plan Iteration</a>, to add any
	newly discovered risks.
	</p>
	<h3>
	Prioritize Risks
	</h3>
	<p>
	Prioritize risks for further analysis or action. A good approach for prioritizing risks is to have an attribute called
	risk magnitude, a combination of the risk probability and the risk impact. Each iteration provides a chance&nbsp;for
	better understanding of stakeholder needs, the team capabilities, the technology at hand, and so on. Capture, qualify
	and prioritize risks as they arise. High magnitude risks are&nbsp;attacked first, thus&nbsp;improving the chances of
	project success and minimizing uncertainty. See <a class="elementLinkWithType" href="./../../../openup/guidances/templates/risk_list_33A6AE1E.html" guid="_MIUO0C8FEduzydamRseoUw">Template: Risk List</a>&nbsp;for more information.
	</p>
	<h3>
	Select Risk Response Strategies
	</h3>
	<p>
	You are trying to mitigate or tackle the high priority risks as early as possible in the project. In order to achieve
	this you need to get a good grip on the risks the project is faced with, and have clear strategies on how to mitigate
	or deal with them.&nbsp; Once you have chosen a set of risks to focus on, develop options and determine actions to
	enhance opportunities and reduce threats, selecting a strategy, as described in <a class="elementLinkWithType" href="./../../../openup/guidances/concepts/risk_AF5840DA.html" guid="_0bsLgMlgEdmt3adZL5Dmdw">Concept: Risk</a>. Sometimes
	strategies can be determined for each cause, rather than each risk, eliminating many risks at once.
	</p>
	<h3>
	Plan Risk Response
	</h3>
	<p>
	For each selected strategy, identify and assign tasks to apply the strategy to the given risk. Place those tasks on the
	<a class="elementLink" href="./../../../openup/workproducts/work_items_list_39D03CC8.html" guid="_rGNWsCbSEdqh1LYUOGRh2A">Work Items List</a>&nbsp;so they can be assigned to iterations. Keep a&nbsp;reference to
	the risk for traceability. The effort must be appropriate to the magniture of the risk. Avoid spending more preventing
	a threat than the impact from the risk if it occurs.
	</p>
	<h3>
	Monitor Risks
	</h3>
	<p id="comment_text_4">
	Follow up regularly on risk-mitigation/enhancing actions. Risk reviews should be held&nbsp;when performing task <a class="elementLink" href="./../../../openup/tasks/assess_results_EC34D88D.html" guid="_0l53cMlgEdmt3adZL5Dmdw">Assess Results</a>&nbsp;to determine whether the information about project risks is up to date, and to assess whether any
	changes are necessary. The team may decide to try another strategy if the chosen strategy does not reduce/increase the
	magnitude of a risk.
	</p></mainDescription>
	</org.eclipse.epf.uma:ContentDescription>