College Papers

This Project Risk Identification All projects have some

This risk management plan
is oriented around the DOD’s drive to progress from BBP 2.0 to BBP 3.0, both of
which are programs that focus on heightening acquisition professionals’
critical thinking capabilities and their ability to make sound decisions as
they contend with the intricate, myriad circumstances that consistently exist
in defense acquisition (U.S. Department of Defense, n.d.). In BBP 2.0, the DOD
stressed professionalism and allocated improved programs to aid the
decision-making processes of acquisition professionals. The DOD implements
these acquisition program adjustments primarily based on internal and external
feedback and experience from industry and governmental entities. With BBP 3.0,
the DOD resumes it efforts for continuous improvement in defense acquisition
with an innovative emphasis on the technologies and processes that promote
modernization and encourage technical superiority with the overarching aim of
ensuring that the United States’ military is equipped with the foremost
capabilities to confront impending national security demands. In all, this risk
management project will analyze the risks that correlate to this initiative and
the means in which the negative risks can be diminished or eliminated and the
positive risks, or opportunities, can be enabled so as to facilitate a higher
level of success.

Project Risk

All projects have some
forms of risks, and identifying those risks is a critical part of the risk
management process and the overall effectiveness of the project. The goal of
project risk identification orientate around the early and continuous
recognition of conditions or events that, if realized, will either have a
positive or negative affect on the project’s capacity to accomplish capability
or performance outcome objectives (Rawi, 2014). These project risks may
originate from within the project or from external sources. Efficient project
risk identification calls for the use of information gathering methods, which
can include brainstorming, strengths, weaknesses, opportunities, and threats
(SWOT) analysis, interviewing, and diagramming, among others. Once pertinent
risks are recognized, a qualitative and quantitative analysis can be performed
to decipher which risks are of importance and require broader resources to
properly address.

Risk Category Ranking

principle aims of risk management involve avoiding unfavorable risks which
could hinder desired project outcomes, as well as exploiting favorable risks that
could facilitate the project objectives. This entails a comprehensive breakdown
of all identified risks. Categorizing project risks involves the specific
grouping of identified risks under a collective area. This is important because
it affords a systematic and structured method in which to study perceived risks
and, subsequently, can help to streamline mitigation techniques. The top level
risks related to this project includes technical risks, programmatic risks, and
business risks. The technical risks entail the risks associated with the
program requirements, engineering, technology, manufacturing, integration,
testing, quality, logistics, and training. The programmatic risks encompass the
risks that correlate to program estimating, planning, and execution,
communications, and contract structure. The business risks consist of legal
compliance, financial, and operational risks.

Risk Identifiers

inferred previously, identifying project risks is the process of defining which
risks might impact a project and documenting the features of those risks for impending
risk response planning (Project Management Institute, 2009). The identification
of project risks is an integrative system that should incorporate the entire
project team and appropriate project stakeholders in order to familiarize them
with the different types of risks the project will likely encounter and to
develop and sustain a sense of ownership among the group for the risks and for
the associated response actions incorporated to address those risks. Project
risk identification should include an evaluation of both internal and external
factors, such as organizational culture, environmental implications, and the
project management plan, including the project scope, quality, cost, schedule,
and etc. (Associative Learning, n.d.). Project constituents should also pay
close attention to the project deliverables, constraints, assumptions, resource
plan, cost/effort estimates, work breakdown structure, and other central
aspects of the project. Due to the large scale implications of this project,
the various team members and stakeholders involved in identifying the
individual risks associated with this project are broken-down departmentally.
The offices that will participate in project risk identification are the Office
of the Under Secretary of Defense Acquisition, Technology and Logistics
(USD-AT&L), the Office of the Deputy Assistant Secretary of Defense for Systems
Engineering (DASD-SE), the Component Acquisition Executives (CAEs), the Program
Executive Officers (PEOs), and the Defense Acquisition University (DAU). Each
given department will examine appropriate case studies, review current risk
management curricula and recommend updates, pilot technical risk peer reviews,
and provide independent feedback prior to the establishment of major milestones
or decision points.

Risks Monitoring & Control Plan

Project risk monitoring
and control are the processes involved in the tracking of identified risks,
examining residual risks, identifying new risks, facilitating the enactment of
risk responses, and analyzing the effectiveness of those responses in
diminishing project risk (Associative Learning, n.d.). Project risk monitoring
and control practices also consist of updating organizational process assets
and recording the risk parameters that correlate to the implementation of
project contingency plans. Effectual project risk monitoring and control is a
continuous process that transpires throughout the course of the project. As a
project ensues, the risks that surround the project have the capacity to occur
as predicted, alter to some degree, foster new types of risks, or dematerialize
completely, and a project’s risk monitoring and control plan is supposed to
evaluate the progression of project risks so that appropriate mitigation
measures can be executed to ensure the project stays on course and effectively
meets its desired aim. In addition, if properly constructed, risk monitoring
and control processes can equip decision-makers with the information needed to
make informed, resolute decisions in advance of the risks actually having a
negative impact on the project. Communication to all project members and
stakeholders is an obligatory aspect of project monitoring and control because
it enables the periodic assessment of the acceptability of project risk levels
and the overall success of the project risk management plan. 

Adequate project risk
monitoring and control is comprised of process inputs, tools and techniques,
and process outputs. The project risk monitoring and control process inputs
primarily encompass the risk register, risk management plan, work performance
information, and approved change requests. The risk register contains the list
of risks identified in the risk planning stage. The risk management plan
explicates the responses that will be conducted if the risks occur and includes
project facets, like project communication techniques, risk identification and
analysis methods, and the proposed project scope, cost, and schedule, among
other components. The work performance information, which is derived from the
project execution and performance reports, details the collected performance
data that relates to the scope, cost, schedule, and quality of project
processes. Approved change requests are the controls used to regulate risk
management modifications that affect project scope, cost, schedule, and
quality. These elements can help determine if risk response plans are being
properly executed, whether those executions are prompting the targeted results,
and if there are any indications of new risks. The project risk monitoring and
control tools and techniques involve risk assessments, risk audits, risk
analyses, technical performance measurements, and status meetings. The risk
assessments are the evaluations that define the way in which risks
change/progress over the life of the project. The risk audits examine the roots
causes of the identified risks, as well as the effectiveness of risk responses
and the risk management plan. The risk monitoring and control analyses, which
include earned value analysis, variance and trend analysis, and reserve
analysis, help ensure risks are appropriately responded to, ascertain the
triggers for those risks, and identify new risks. Technical performance
measurements provide a comparison of the actual and planned factors that
concern the technical evolution of the project. The variance that results works
to determine the level to which project requirements are satisfied in terms of
cost, performance, schedule, and risk handling. The status meetings allow for
accurate, timely and consistent risk identification, risk prioritization, and
response planning among project members and stakeholders. The project risk
monitoring and control process outputs entail the change requests and project
updates. The change requests are the recommended action modifications needed to
respond to project risks; these recommended actions center on corrective
actions, like workaround plans and contingency plans, and preventive actions,
which help maintain compliance with the project management plan. The updates
consist of the remedial revisions made to the risk various project risk
management processes, such as the risk register, organizational process assets,
risk response strategies, and etc.