|
Page 2 of 8
"Risk Management:
A practical toolkit for identifying, analysing and
coping with Project Risk"
Principle 1. Quantify requirements
All critical quality and resource
requirements must be identified and quantified numerically.
Risk is negative deviation from requirements. So, if we are
going to understand risk, we must have some way of specifying exactly what
we want. If we use vague ways like “State of the Art, World Class,
Competitor-Beating Levels of Quality”, we cannot understand and assess risk.
Planguage helps because it demands numerically quantified requirements.
Using Planguage, we must go through the following steps:
-
Identify all critical quality and resource attributes of the system. In
practice, this could be ten or more critical qualities (e.g. availability)
and, five or more critical resources (e.g. operational costs).
-
Define exactly how to understand
variation in each attribute by specifying a scale of measure, e.g. ‘Scale:
Probability of being fully operational during the office day’ and ‘Scale:
Total of all monetary operational expenses including long term
decommissioning costs’
-
For
each attribute, define one or more critical points on the defined scale of
measure which are needed for the system to function properly and
profitably.
There are two important categories: ‘Must’ and ‘Plan’. A ‘Must’ level
defines the system survival level. A ‘Plan’ level defines the planned
point for success. For risk management, ‘Must’ is the first level and
‘Plan’ is the second level for risk determination. A value for any
attribute less than its required Must level means total system failure.
Only when all Plan levels for all the attributes have been met can a
system be declared a success.
-
For all the Must and Plan levels, define
additional qualifying information. We call this using ‘qualifiers’. You
are basically defining time, place and event, i.e. when it is critical for
you to achieve a certain level of an attribute, where it is critical and
under what conditions. For example...
|
| Plan
[1999,Europe,IF European Monetary Union implemented anywhere] 99.98% |
|
We can even give direct expression to the amount of risk we are prepared to
take by a statement such as: |
| Must
[2001, UK, IF Euro is used in Norway & UK] 60% ±20% |
|
|
In other words the range of results 40% to 80% is an acceptable upper and
lower limit, but below 40% is unacceptable.
Here is a more complete
example: |
|
Usability:
Scale: Mean
time to learn [defined tasks] to minimum proficiency.
Must [Release
2.0, English Version, Task: Modifying Files] 10 minutes.
Plan [Release
2.0, English Version, Task: Modifying Files] 7 minutes.
Plan [Release
3.0, English Version, Task: Modifying Files] 5 minutes.
Plan [Release
3.0, French & Dutch Versions, Task: Finding a File by Content] 5
minutes. |
|
In the example, the most critical (failure of system) risk is the Must
level. The other statements are only of secondary risk; they indicate the
levels required to declare success.
It should be obvious
that the degree of risk can be expressed in terms of the deviation from the
target levels. For example... |
| Method
A can sometimes result in a learning time of 10 minutes, while method B
can never result in a learning time exceeding 4 minutes.
|
|
This means that for the specified requirements, method A poses a real risk,
but method B does not.
A
template specification of risk levels
In
addition to the basic statements described above, it should be noted that
there are a wide variety of ways within Planguage to indicate that the
information contains some element of risk. Here are some examples:
|
| Plan
60-80 Specification of a range
Plan 60±30
Specification of an upper and lower limit
Plan 60
à
90
Plan 60? Expressing
that the value is in doubt
Plan 60?? Expressing
that the value is in serious doubt
Plan 60
ß
A wild guess Using the source of the information to show the doubt
Plan 60
ß
A.N. Other Depends on A.N. Other’s credibility in setting this value
Plan <60> Fuzzy brackets indicate data needing improvement
|
|
|
All of the above signals can be used to warn of potential risk. Of course,
the culture must encourage such specification rather than intimidate people
from using it.
more... |
© Tom@Gilb.com
2005 |
|
|
|
Back to:
Projects Implementation
Back (previous): Page 1 of 8 Next:
Page 3 of 8 |
|
|
|
