What Are The Categories & sources of Risk in your project? – Learning Path

Last updated on 15th Jul 2020, Blog, General

Simple or complex, every project has a certain amount of risks in it. In order to manage projects successfully, you need to know what those risks are and be able to deal with them efficiently. So, in today’s article, we’ve gathered some of the most common project management risks that may occur during project implementation and how to avoid them.So, let’s jump straight in and look at these categories for project risks..

1. Political

Most projects will be affected by organizational politics, but you should also be aware of the possibilities of impact from local or national politics (or even international politics, if that’s appropriate for your project).

A change in government will affect policy decisions and potentially funding, especially for projects with an element of public sector work or those working with government bodies.

2. Economic

The economy has a huge impact on businesses, and that filters down to have an impact on certain projects. At a macro level you might be looking at the national economy and the implications on your product set, for example. You could also use this category as a discussion point for the ‘economy’ of your organization, looking at the impact of funding cycles for multi-year projects or considering what would happen to your project budget if certain conditions were true.

3. Technological

Technology is moving on at a rapid speed, and it’s possible that technological changes could make your project more or less viable over a period of time. This should be built into your approach to managing volatile projects.

There are also risks relating to using new technology for the first time, or in an immature way.

4. Legal

Your Legal team or advisors should be connected to changes in the law and regulations affecting your industry. These may have implications for projects that should be considered. A risk resulting from legal changes that may mean your project is no longer viable.

Alternatively, your project may be to make your business compliant with new regulations. This can introduce risk around what would happen if the timescales for the project were not met and the business was not compliant when the deadline comes into force.

5. Market

Some industries have a more stable marketplace than others, and you’ll know your own market well. Risks relating to your position in the market, the demand for your goods and services and the rise of new competitors can all affect your project. Staying close to how your market is changing is crucial for any business wanting to compete, so you’ll need to make sure that the people who truly understand what is happening are well-connected to your project teams so that the information is passed on.

6. Supply Chain

Rarely these days will you do a project that has no reliance on anyone else. Whether that’s the manufacturer of a critical part for your product, or a vendor supplying you with cloud-based software, our organizations are more linked together than ever before.

This creates risk, because when one part of the supply chain fails, the downstream implications can be significant. A supplier going bankrupt could put your project back months. Bad weather on the other side of the world could lead to crucial electrical components failing to make it your manufacturing plant on time.

Supply chain risk can also be internal, as your project team will rely on other departments to provide subject matter expertise to the project. If the people or services you need from your own staff are delayed, this can also affect the success of your project.

7. Organizational

This type of risk relates to changes in the organizational structure. This might apply if you have a change of leadership, which might in turn lead to a change in strategic direction. It’s crucial to make sure project teams are aware of these risks and then what to do if they happen, because something like this could quickly make a project unviable.

8. Operations

These risks relate to impacts on how your business is run. That could be anything from risk that would impact the ability to keep a critical process running in the factory through to making sure the project goes ahead without impacting your customer services.

9. Environmental

Environmental risks range from those that could expose your organization to fines or even legislative action, such as illegal dumping, through to ensuring that your internal environmental policies are adhered to.

Risks in this category are likely to be heavily tied to your position on corporate and social responsibility, and can also affect reputational risk, for example if your business is seen to be polluting.

10. Financial

Financial risks on projects relate to funding cycles, access to funding and making sure that the cash flow is available to pay invoices on time. It’s prudent to consider financial risks to projects because if there are problems in this area, projects could stall, putting all prior investment at risk of being wasted.

11. Resources

Specifically, non-people resources. This kind of risk relates to whether you can get access to the equipment, materials and other resources required to deliver the project in a timely fashion. Risks around delivery of equipment or the inability to source specialist materials would fall into this category.

12. Staffing

Alongside non-people resources, you also have to consider staffing risks. These are things like the right people not being available at the right time due to other projects overrunning, or lack of expertise within your business. It would also extend to the risk of staff sickness, and poorly timed vacations.

13. Scheduling

Risks in this category affect the project timeline. A common risk here is that a task turns out to be more complicated than expected, and so it takes longer. This would add delay to the schedule if the task is on the critical path.

14. Reputation

Reputational risk was touched on earlier in the section about environmental risk, but it is worth mentioning again. Today, when it seems like an organization’s reputation can be won or lost on a Tweet, it is definitely worth considering the risk to reputation when you work through the identification exercise. As well as focusing on the public face of your business, think about the impact on investors and on your own staff. Reputation matters when it comes to retaining talent in your organization.

15. Other

It’s useful to have an ‘other’ category! This prompts the question: “What have we forgotten?” during risk identification discussions. You need space to be able to think about things that don’t neatly fall into the categories above, or perhaps fall into several and need to be split out in a different way.

Common types of project management risks

• Estimating time and risks. One of the most important things about implementing a project is estimating it correctly. But since every website and mobile app is somewhat unique, it’s not always possible to come up with exact estimations right off the bat.
• Change of requirements. Today’s market is competitive as ever. Because of that, clients may sometimes change their vision of how their product or certain features in it should look like. Even though it’s hard to be prepared for change of requirements, it’s one of the things that you need to consider.
• Unforeseen circumstances. Just like any other people, project managers and developers are humans. For example, if some of them get sick, it can delay the project for an indefinite period of time or even derail it.
• Unclear specifications. Because of incorrect project initiation, specifications may not always be clear or complete enough for developers to start their part of the work.
• Neglecting design. Trying to save time, many developers sometimes tend to neglect design processes. However, that decision often throws them a wobbly, since design plays one of the most crucial aspects about development.
• Technical risks. Budget cut is among the most challenging risks as it forces you into a situation where you need to satisfy client’s requirements while being low on resources.
• Unavoidable risks. These are risks, which can’t be controlled or estimated: starting from technologies being discontinued to even changes in government policy.

As you can see, the path to successful implementation of a project is not only long but also full of certain risks. We’ve prepared a list of rules that should help you avoid them and manage projects efficiently. Without further ado, let’s get straight to them:

• Identify risks. In the very beginning, thoroughly analyze the whole project and put down all potential problems that may occur in the future. Brainstorming with your team is also a good way to identify risks. Also, don’t forget to explain each team member their scope of work and responsibilities.
• Keep in touch with your client’s. In order to avoid any conflict situations or misunderstandings, make sure you always inform your clients about everything that can somehow affect the project, including potential risks. The last thing you want to happen is your client finding out that they are out of budget.
• Don’t miss good opportunities. Make sure you spend an equal amount of time on outlining both risks and opportunities to improve things. It’ll allow you to be more effective and help the client to save their time and/or money.
• Remember to prioritize risks. Each risk affects the project you’re working on differently. From this perspective, you should focus on the project management risks that cause the biggest losses and deal with them first.
• Make a risk response plan. Arrange a meeting with your team and try to find answers to the following questions: What can be done to avoid risks? How can we manage them effectively? How to make sure we haven’t missed any opportunities? Answering these questions should allow you to improve the development processes.
• Keep track of every risk. This will allow both you and your team to avoid your mistakes in future projects.

PMP Risk Category Examples

There are many ways to classify or categorize risk such as:

• External Regulatory, environmental, government, market shifts
• Internal Time, cost, scope changes, inexperience, poor planning, people, staffing, materials, equipment
• Technical Changes in technology
• Unforeseeable Only a small portion of risks (some say about 10 percent) are actually unforeseeable

A better way is based on specific categories of risk that may occur on your company’s projects. My risk research shows over 300 potential categories of risk.

These include:

• Technology
• Customer
• Project management (yes, your lack of project management effort can add risk)
• The customer’s customers
• The suppliers
• Resistance to change
• Lack of knowledge of project management by the project manager and stakeholders
• Stakeholder-caused risks
• Sponsor-caused risks
• Cultural risks

PMP Risk Categories by Source

Another way is to categorize risks by source; “Where do risks come from?” as shown below:

• Schedule risk “The hardware may arrive earlier than planned, allowing work package XYZ to start three days earlier.”
• Cost risk “Because the hardware may arrive later than planned, we may need to extend our lease on the staging area at a cost of $20,000.”
• Quality risk “The concrete may dry before winter weather sets in, allowing us to start successor work packages earlier than planned.”
• Performance or scope risk “We might not have correctly defined the scope for the computer installation. If that proves true, we will have to add work packages at a cost of $20,000.”
• Resources risk “Riki is such an excellent designer that he may be called away to work on the new project everyone is so excited about. If that occurs, we will have to use someone else and our schedule will slip between 100 and 275 hours.”
• Customer satisfaction (stakeholder satisfaction) risk “There is a chance that the customer will not be happy with the XYZ deliverable and not tell us, causing at least a 20 percent increase in communication problems.”

Expect the phrases “sources of risk” and “risk categories” to be used interchangeably on the exam. They can be organized in an organizational chart or WBS-like format called a risk breakdown structure.

PMP Risk Identification

This is where risks are identified. Any risks missed here may be harder to deal with later in the project. This effort should involve all stakeholders and might even involve literature reviews, research and talking to non-stakeholders.

Sometimes the core team will begin the process and then the other members will become involved, making risk identification an iterative process.

When you get a question about who should be involved in risk identification, the best answer is everyone! Everyone has a different perspective of the project. Take off your blinders and look beyond what you are used to.

Smart project managers begin looking for risks as soon as a project is first discussed. However, the major risk identification effort occurs during planning. Risk identification cannot be completed until a project scope statement and WBS have been created and the project team knows “what is the project.” The sponsor may supply a list of risks in the preliminary project scope statement.

Because risk identification can occur during the initiating and planning process groups, the exam has often said that risk identification happens at the onset of the project. Risks may also be identified during any part of the project.

The exam will specifically look for you to include risk identification during such activities as project changes, when working with resources, and dealing with project issues.