Risk Management – How to Stop Risks from Screwing Up Your Projects!

This content is syndicated from Kelly Waters by Kelly Waters. To view the original post in full, click here.

Risk Management - How to Stop Risks from Screwing Up Your ProjectsRisk management is the proactive management of things that might screw up your projects, or your business.  The trouble is, at least in my experience, that risks often aren’t proactively managed.  They may not be identified, or they might be identified, logged and nothing meaningful done about them.  So how do you prevent risks from being something people just pay lip service too?  How do you make sure they are captured, assessed, and actioned appropriately, so they don’t bite you on the backside later?

Here’s a simple technique that is easy to do and will help you to stop risks from screwing up your projects…

Make risks visible.

First of all, create a ‘risks wall’ for each of your projects.  If you’re using agile management methods, you can use the same wall as the team uses for tracking their work.

Put a flipchart page on the wall and draw a 2×2 grid on it.  Make the vertical axis ‘Impact’, with High at the top and Low at the bottom.  This represents the magnitude of the impact if the risk becomes an issue.  Make the horizontal axis ‘Likelihood’ or ‘Probability’, with Low to the left and High to the right.  This represents how likely it is that the risk will become an issue.

Whenever someone highlights a risk, write a post-it note to remind you about it and stick it in the appropriate position on the grid.  Try to identify risks even when people don’t highlight them as such.  Whenever people talk about things they are concerned about, they are indirectly highlighting a risk.

Using this simple grid in this way will help you with risk management in a variety of ways.  Firstly it gives you a mechanism for capturing risks, so they don’t go unnoticed.  Secondly, capturing them on the wall makes them highly visible and hard to ignore.  Thirdly, putting them in the appropriate place on the grid helps people to think about how likely they are and what the impact is if they come about.  This helps people to park low priority risks without continuing to worry about them, and helps them to understand that higher priority risks need to be actioned.

Take action.

Once a risk is highlighted, you need to decide what to do with it.  So what are the options?  Typically with a risk you can choose to do one of the following:

  • Avoid it – e.g. by taking a different approach.
  • Reduce it – for instance by mitigating the likelihood of it occurring, or by implementing a contingency to reduce the impact it it does.
  • Share it - perhaps by contracting it out to a vendor.
  • Retain it – accept that it is a risk and do nothing.  Even if you decide to do nothing, that should be a conscious decision to accept the risk, rather than simply ignoring it.

Another way of looking at this is the ROAM model.  ROAM stands for:

  • Resolved - the risk has been answered and avoided or eliminated.
  • Owned – the risk has been allocated to someone who has responsibility for doing something about it.
  • Accepted - the risk has been accepted and it has been agreed that nothing will be done about it.
  • Mitigated - action has been taken so the risk has been mitigated, either reducing the likelihood or reducing the impact.

To make sure risks are actioned, you can write up a set of columns for managing them on your wall next to the risks grid.  There could be one column which is the queue of new risks that need to be discussed and actioned.  When a risk is identified it can be written on a post-it note and stuck in that column.

The team should have a regular forum standing at the wall when risks are discussed.  In this discussion, the team can talk about any new risks in the queue.  Each one can be discussed and placed in the relevant place on the grid.  A duplicate post-it note can be written and moved into the appropriate column on the wall, i.e. allocated to someone (Owned), Resolved, or Accepted.

The group can then discuss any risks that are still in the Owned column from previous discussions.  What has been done about them?  If action has been take to reduce the risk’s likelihood or impact, the post-it can be moved to the Mitigated column when the group is satisfied it has done all it can or all that’s appropriate in the circumstances.

A few simple rules.

As a matter of policy, you could create a few simple guidelines and write them on the flipchart too.  For instance, risks in the High/High top right quadrant of the grid must be Mitigated or Resolved and cannot be Accepted.  Owned risks must be actioned before the next risks meeting.  Accepted risks must be escalated for management awareness.  A few simple rules to guide people’s decisions will help to ensure people know (and remember) what’s expected.


You may also have a rule that any risks in the top right quadrant must be escalated, whatever the team chooses to do with them.  In this case, you could have a very similar setup for risks on a wall at a program or portfolio level, where escalated risks go up the chain to a more senior group of people discuss, in order to make sure they are aware of them and perhaps to action those that are outside the control or influence of an individual project team.

The difference between success and failure?

Using a simple technique like this to proactively manage risks – which is extremely quick to do and easy to maintain – might just make the difference between success and failure…


Leave a Reply

Your email address will not be published. Required fields are marked *

5 − 2 =

There are 101 ways to do anything.
To find the best way, sometimes you need expert help

What People Say

“I worked with Kelly on many projects at IPC and I was always impressed with his approach to all of them, always ensuring the most commercially viable route was taken. He is great at managing relationships and it was always a pleasure working with him.”


“I worked with Kelly whilst at Thoughtworks and found him to be a most inspiring individual, his common-sense approach coupled with a deep understanding of Agile and business makes him an invaluable asset to any organisation. I can't recommend Kelly enough.”


“Kelly was a brilliant CTO and a great support to me in the time we worked together. I owe Kelly a great deal in terms of direction and how to get things done under sometimes difficult circumstances. Thanks Kelly.”


“Kelly and I worked together on a very large project trying to secure a new Insurer client. Kelly had fantastic commercial awareness as well as his technical expertise. Without him I would never had secured this client so I owe a lot to him. He is also a really great guy!”


“Kelly was a great colleague to work with - highly competent, trustworthy and generally a nice bloke.”


“Kelly is an extremely talented and visionary leader. As such he manages to inspire all around him to achieve their best. He is passionate about agile and has a wealth of experience to bring to bear in this area. If you're 'lucky' he might even tell you all about his agile blog. Above all this, Kelly is great fun to work with. He is always relaxed and never gets stressed - and trust me, he had plenty of opportunity here! If you get the chance to work with Kelly, don't pass it up.”


“Kelly revolutionised the way our digital department operated. A true advocate of agile principles, he quickly improved internal communication within our teams and our internal clients by aligning our business and creating a much enhanced sense of transparency in the decisions the business was making. Kelly also introduced a higher sense of empowerment to the development teams...”


“Kelly’s a leading program director with the ability to take charge from day one and keep strong momentum at both a program and project level driving prioritisation, resourcing and budgeting agendas. Kelly operates with an easy-going style and possesses a strong facilitation skill set. From my 5 months experience working with Kelly, I would recommend Kelly to program manage large scale, complex, cross company change programs both from a business and IT perspective.”


“Kelly came to the department and has really made a huge impact on how the department communicates, collaborates and generally gets things done. We were already developing in an agile way, but Kelly has brought us even more into alignment with agile and scrum best practices, being eager to share information and willing to work with us to change our processes rather than dictate how things must be done. He is highly knowledgable about agile development (as his active blog proves) but his blog won't show what a friendly and knowledgeable guy he is. I highly recommend Kelly to anyone looking for a CTO or a seminar on agile/scrum practices - you won't be disappointed!”


“Kelly is an Agile heavy-weight. He came in to assess my multi-million $ Agile development program which wasn’t delivering the right throughput. He interviewed most of the team and made some key recommendations that, when implemented, showed immediate results. I couldn’t ask for more than that except he’s a really nice guy as well.”


“Kelly was engaged as a Program Director on a complex business and technology transformation program for Suncorp Commercial Insurance. Kelly drew on his key capabilities and depth of experience to bring together disparate parties in a harmonised way, ensuring the initiate and concept phases of the program were understood and well formulated. Excellent outcome in a very short time frame. ”



To explore how we can help you, please get in touch