Integrating Project Risk Management into the Enterprise

In a typical project environment, project risk is usually captured within the project and managed locally, being viewed entirely from the project own insular perspective. Project risk is reported by the project manager, typically to the Project Board (often made up mid or senior level organisational personnel). But whilst this approach may meet the projects needs, it does a poor job of considering the broader needs of the organisation.

So why is this important?

Well there are three obvious reasons:

1. Whether for information technology, organisational change, or new infrastructure, projects at some point tie into the realisation of the organisation's strategic objectives (at least they should do). They aim to deliver increased capability or competitiveness. Therefore, the failure of a project could undermine the realisation of strategic objectives.
2. The financial or resource investment in to the project could be lost and warrants closer organisational oversight.
3. Project risks can have shared, or related implications for other elements within the organisation. A risk identified as a project risk could also be threatening the activities of a business functions elsewhere within the organisation. Being able to identify this presents an opportunity for a collaborative approach to managing a shared risk, possibly reducing the investment of resources from both parties.

We're not talking about minor issues here, but the reality that some projects require considerable financial investment and may underpin significant parts of the organisation's strategy. Where major projects take place, there is likely to be a greater degree of interaction between the project and dependent parts of the organisation. Keeping project risk isolated and away from the organisation's approach to risk management simply does not make sense.

So why has project risk management been run as a discrete activity, separate from the organisational approach? Well the justification behind this isn't really very compelling, and frequently relates back to the insular, highly focused nature of projects, or the fact that a lot of projects are delivered by external providers.

Projects have limited durations, fixed objectives, and assigned resources. Project Management has evolved to the point where project managers and team members are extremely focused on realising project objectives, with tools such as the project plan keeping them inwardly focused on meeting deadlines for deliverables. However, there is now a need for a consolidated or unified approach, where project managers recognise and accept the need to integrate their management of project related risk into the organisational risk management framework. Equally, risk professionals can recognise and support the view that all projects should undertake project related risk management activities within the organisational framework, and where possible utilise the organisation's risk management tools and processes. This is an approach that would really benefit from the support of professional bodies in both project management and risk management circles.

Project Managers can be quickly and easily equipped to integrate their risk management activities into the broader risk framework of the organisation. This is actually quite easy to do and something the average project manager should grasp from the following explanation:

Step 1: Understand where the project fits within the organisation and how it serves the organisation's objectives.

Ensure that any project objectives and deliverables are tied into or related to the organisation's strategic objectives. This does not mean that a project objective needs to be the direct child of a strategic objective, but they should exist within the lineage of strategic objectives (even if further down as grand child or great grand child). Doing this will ensure that the project is securely aligned within the organisation (and ultimately the strategic objectives it supports). This helps the project manager and organisational personnel clearly understand exactly how the project relates to the broader organisation. It clarifies the need for and helps personnel focus on the realisation of project benefits, it makes the relationship between the project and core organisational aims more self evident. This is a powerful first step in improving project focus, one that really clarifies the projects purpose and context for all involved.

Step 2: Utilise a unified approach to risk management

Ideally, the organisation should seek to use a single risk management tool capable of capturing and managing risk across the organisation. This means that rather than holding a separate risk register for the project, the project team can utilise the organisation risk management software. This can be very easy if the organisation has deployed an effective risk management software solution, one that enables users to access the system directly, defines the risk management process, and manages the risk data in real time. This enables project risks to be instantly reported and managed as a discreet activity, yet still be a full participant in the organisation's broader risk management programme. Project risks can be reported to the project board, but they are also captured in the organisational programme and can be considered in a much broader context, making the organisation far more resilient.

What are the benefits?

• The organisation has much greater risk oversight over is projects and its investment.
• The organisation can become far more resilient, and gain advantage over competitors.
• Project Managers demonstrate a more client centric approach to risk management, meeting organisational needs.
• Risk Management is more responsive, as centralised risk information supports faster working practices.
• Collaboration on the management of risk becomes a reality, especially where a risk threatens the project and another organisational department in parallel.
• The project is more closely integrated into the organisation, easing elements of the handover.

There is rarely a substantive reason for managing project risk in isolation from the organisation's risk management framework. Recognising that an isolated approach to project risk management fails to serve the organisation effectively, the fact that effective risk management software exists in the market place enabling organisations to realise a unified approach to risk management with ease, and the desire of project management professionals to deliver an ever better service to clients should mean that this is something the vast majority of organisations can realise.

It's time to integrate the management of all project related risk into the organisation's risk framework.

Here's an example of how this can be achieved using Risk Network:

Risk Network is an Enterprise wide risk management software solution. It can capture and unify risk from across the organisation, and provide you with highly effective oversight, in a way that is clear, easy to use, and aligns all organisational activity.

1. A new project can be initiated and captured in Risk Network at any level within or feeding into the organisation. Project objectives can be directly linked to the organisational objectives at an operational or strategic level, so the relationship between the project and the organisation becomes very clear. Doing this helps personnel see where the project sits in the organisational structure, and how it fits into the organisation's broader strategic aims are.

2. With the projects objectives captured onto Risk Network, risks can now be loaded as they are identified. This is where the capabilities of Risk Network to improve your risk management really come to the fore.

3. Whenever you identify and record a risk, it is captured within Risk Network and it's place and impact on both the project (at a local level) and the organisation (at a broader level) are immediately evident.

4. Risk Network enables members of the project team (with permissions) to record or modify risks on the software (Risk Network provides a full history of changes) with Risk Network automatically rolling up the data and storing it securely.

5. Geographically distributed members of the team can engage in risk management and support the project more effectively. The Nature of Risk Network also resolves the typical challenge of saving over someone else's work.

6. A clear dashboard provides the Project Manager (and team) with key risk data, so they can see where they are, what actions need to be taken, by whom, and when.

7. Reporting becomes easy, as template driven reports can be produce at the push of a button, taking the slog out of delivering a professional standard of reporting. Risk Network will store your favourite risk templates so that you can run the same report at any future point with the latest data.

In short, you end up with a secure, robust, permissions based risk management software solution to underpin your risk management programme. As many users as you need can access the risk management software, to update information (even remotely if required) and respond to or collaborate on the management of risk in real time. A full audit trail is generated, all changes are recorded, and the dashboards deliver all the updates you need. Finally, reporting is made easy and delivered to a much higher standard with less work.

You can stick with spreadsheets and keep doing it the hard way, or you can develop one of the best risk management programmes out there. It's worth taking a closer look at Risk Network.

Call now and take a closer look at how Risk Network could greatly improve your risk management programme.