“Project Creates. Program Guides. Portfolio Decides.” – from the book, I Want To be A RMP.
As I interact with various project, program, and portfolio (PPP) management professionals who use my courses, read my books, and/or attend my webinars, I get many queries on the risk management life cycle approach.
While a project is a temporary endeavor to create a unique product (or service/result), a program refers to the coordination of projects, subprograms, and other program activities with the overall intent of obtaining benefits from a product or result. Portfolios, on the other hand, are about management of multiple components, such as projects, programs, sub-portfolios, and other works. Here, we are talking about a collection of said items to achieve strategic objectives of an organization.
Risk Management generally exists within the boundaries of its respective project, program, or portfolio of an organization, though in some organizations it can be looked at as a separate function. For example, in project management, risk management is considered to be a “knowledge area” with its own set of processes, inputs, tools and techniques, and outputs.
A few questions come to mind:
- How do we address risks in the entire context of projects, programs, and portfolios?
- What kind of processes should be taken-up which encompass such “PPP” risk management?
To understand risk management fully in this context, first we need to understand the risk management framework. It’s generally built on seven processes, as shown below:
Such a framework informs with a series of phases from start to completion. Similarly, when we talk about the risk management life cycle, we refer to a sequence of logical phases that can be iterated and include the processes of risk management as shown above. These are as follows:
- Plan Risk Management,
- Identify Risks,
- Perform Qualitative Risk Analysis (Perform QLRA),
- Perform Quantitative Risk Analysis (Perform QTRA),
- Plan Risk Responses,
- Implement Risk Responses, and
- Monitor Risks.
When a project, program, or portfolio (or a phase within such) is closed, the risk management processes are terminated and lessons learned are documented for future use.
In summary, the risk management life cycle (RMLC) works within the context of a risk management framework. It ensures risks are managed in a structured and integrated manner within an organization irrespective of life cycle approaches chosen.
Understanding of the risk management framework across portfolios, programs, and projects is foundational to achieve tangible results coming from risk management.
While a project’s risk management life cycle is somewhat known and practiced, there are a number of variations when programs and/or portfolios are taken up in an organization.
As a risk management practitioner–current or aspiring–one needs to be aware of the intricacies, variations, and subtleties across all the “P’s.” Unfortunately, many practitioners miss these. For example, the primary purpose of program management is realization of benefits, unlike project management where the primary purpose is to meet project objectives. Hence, risk management in the context of programs will differ when compared with risk management in the context of projects.
In my on-demand webinar, we explore the following questions:
- What is the risk management framework and the risk management life cycle?
- What should be the considerations for projects?
- What should be the considerations for programs?
- What should be the considerations for portfolios?
- What is the best practice for taking an integrated approach?
I hope you’ll join me.