Risk Management (RSKM) is a CMMI Maturity Level 3 Process Area. Risk Management deals with the identification of potential problems before they occur in projects and if they occur we have a mitigation plan ready to handle them.
Risk Management (RSKM) in the project starts with the project initiation and continues even after completing the project in the support phase.
Following are the activities performed for Risk Management as per CMMI in projects:
- Identify Risk Sources and Categories. First step is to identify different sources of risk and categorise them into meaningful categories. Some examples can be like Client related, Internal resource related, Tool related, Process related, Technology related etc.
- Define Risk Parameters. Next step is to define different risk parameters like severity, priority, threshold, impact, probability etc. that can be assigned to risks identified.
- Prepare a Risk Management Strategy. Now we have to prepare a risk handling strategy for risks management in the project. For example tools to be used for Risk management, categorization of risks, parameters that can be assigned to risks, risk mitigation techniques to be used, frequency of risk monitoring etc.
- Identify and log risks. Next step is to identify project specific risks as per the step 1 and log them into the Risk Log or the tool as selected in the Risk Management Strategy. While logging risks categorise them into categories and assign risks parameters.
- Develop Risk Mitigation Plans. Next step is to develop a risk mitigation plan in accordance with the risk management strategy. For example if a risk disrupts the project progress it can be mitigated by – resource re-compilation, emergency operating procedure preparation, alternate to over come risk etc.
- Implement Risk Mitigation Plans. Last step of a risk management process is to apply the Risks Mitigation Plan. For this risks are monitored periodically and risk mitigation plan is applied when it become unavoidable to avoid a risk.
Also remember a good organization has a collection of Risks that has occurred in past projects as a Central Risks Repository or as part of the SPDB (Software Process Database), so that staff may refer to it while doing project planning to identify risks that may occur in their projects.
Want experts for Risks Management in your organization
DQS India, has experienced and professional CMMI Appraisers and CMMI Consultants, who has worked with organization across the world for Risk Management. CMMI Consultants provide consulting services for Project Management activities including Risks Management. They can guide and train internal resources for Risk Management.
Contact DQS India
Rajendra Khare (MD)
DQS Certification India Private Limited