Risk Management Plan


a potential event or situation that posses a danger to the project
the consequence of the actual occurrence of a threaten event

Risk Assessment Table

Threat Harm Symptom Monitoring
Team Related - Communication
not communicating with supervisor   conflicting stories

hesitation or evasion when answering questions

misleading communication  
not communicating bad news delays fixing problem a surprise problem enforce habit of communication
inadequate internal communication      
inadequate coordination between subtasks pieces won't fit together during integration    
self deception things get off-track    
Team Related - Task & Schedule
missing milestone deadline     internal deadlines

"let's see it now"

overconfidence, complacency     be careful with praise; increase level of expectation "you did a good job, but the next step is harder"

Threat Harm Symptom Monitoring
Team Related - Individual
team member drops course short a person    
loss of critical knowledge   understudy
loss of critical role  
Individual Related


loss of quality missing meetings
not answering email
missing dealines
"light at the end of the tunnel"

lack of continuity of effort
  (personal factors)
  1) discover cause
2) if legitimate & unavoidable, plan around
3) if not legitimate, immediately inform instructors
lack of effort     increasing levels of pressure:
  reality contradicts statements  
team member never speaks up

language difficulties

lose face ? ? ?      
Team Related - Aftershocks
new team member
(Brooks' law)
time spent bringing new member "up to speed"    

Threat Harm Symptom Monitoring
Client Related
contact person reassigned or leaves     make certain other client staff know of project
purchases product, leaves town, etc.     drop project or continue as "exercise"
scope creep
requirements creep
  on-the-fly respecification and redesign just say "no" - client signs off on RS which includes limits, so change is new request. Make use of management support.

anticipate; design-in flexibility

indentify likely creep, do last

client misunderstands process      
client misunderstands big-picture     enterprise modeling
client misunderstands RS     clear writing
careful document organization

Threat Harm Symptom Monitoring
Tool Related
wrong tool      
inadequate tool      
lack of understanding of tool inadequate design   prototype using tool - entire team must participate
Process Related
team doesn't back up work files lost    
inadequate CCCM      
Deliverable Related
muddy thinking implementation difficulties
incorrect functionality
vague or inconsistent documentation  
premature design decisions
  • structures wrong size
  • implementations inflexible
  • components inconsistent
  • generalized/ parameterized implementations
  • more thorough design
security issues     security focus from RS on

plan/staff to handle

avoid "leaky" tools (MS?)

Last modified: Wed Sep 19 13:41:51 EDT 2007