Home Executing Quality How Do We Do Quality Anyway?
US FTC Compliance
Yes, all these ads are some kind of affiliate link and I get paid a commission if you click or buy.
Not enough to quit my day job, but it keeps the site alive.
- Jeb Riordan, Editor, PROJECTmagazine
How Do We Do Quality Anyway? Print
The ability to exceed customer's expectations is fundamental to the success of any project and the existence of effective and well documented quality procedures will raise the credibility of the project team and confidence of stakeholders. However, for most of us the very idea that we are going to actively "manage" project risk is introduced at the project kick-off meeting. In this article I am referring to the 'internal' kick-off meeting, the customer/client is not present and therefore the participants may feel less inhibited.

It is here, at the kick-off meeting that all project team members are assembled for the first time. Well organised and effective kick-off meetings can last two days or so and one important agenda item should be to introduce the process of reducing the effects of the risky elements in the project scope.

During the kick-off meeting the project is described in detail, as well as the business opportunity it presents now and in the future with this particular customer/client. And this will set the scene for the risk identification activity later.

In most cases it is difficult to objectively quantify risks in dollar terms. Therefore the procedure I will describe focuses on analysing risks in a practical subjective way.

Risks must be identified before they can be managed. Questionnaires and check lists are useful tools for focusing on specific aspects of the project. These "memory joggers" are project specific and handed out and described at the very beginning of the kick-off meeting. Project team members are asked to read them, answer the questions and make notes on the check sheets during the early parts of the meeting, in advance of the risk assessment session.

The risk assessment session is in two parts; risk identification and risk analysis. All the project team participate in the session which consists mainly of open discussion and brain storming to identify the risk events, followed by collaberative assessment of the affect of each identified risk event.

Risk Identification

The brain storming session should be facilitated by someone external to the project. This will ensure that the outcomes are unbiased and wide ranging. All normal brainstorming techniques should be used, including mind-mapping, fish diagrams, cause and effect diagrams etc.

At the end of the brainstorming session each participant is given a pad of 'post-it' notes and is asked to write down all the risk events they consider will affect the project outcome. One risk on one 'post-it' note. This could take thirty minutes or so.

All 'post-it' notes are collected and sorted into groups. 'Post-it' notes identifying the same risk event are collected together and then these collections are grouped based on topic. For example, financial, technical, time related, etc.

Then the whole team agree on a clear concise risk statement for each identified risk event.

Risk Analysis

Each risk statement is then discussed and agreement reached on:

  • The probability of the risk event happening
  • The consequences of the risk event happening
  • The impact the risk event would have on the outcome of the project


An overall risk assessment for each risk is then made based on the probability, consequences and impact.


Because we are analysing in a subjective way we cannot assess the probability of the risk event occurring down to a decimal point percentage. The probability of the risk event occurring is therefore categorised as very low, low, medium, high and very high.


This is a short description of the outcome if the risk event occurred. There may be a "knock-on" effect. However in this type of analysis it is best to avoid too much complication.


Again in a subjective analysis we categorise the impact on the project of the risk event happening in broad categories of negligible, marginal, critical and catastrophic.


The overall project risk exposure for each event is then graded from the following impact/probability matrix.


Very High High Medium Low Very Low
Impact Catastrophic 1 1 1 2 3
Critical 1 1 2 3 3
Marginal 2 2 3 4 4
Negligible 2 3 3 4 4


For some risk events it may be necessary to determine individually the impact of the risk event on the project costs, project schedule and project quality.

However, taking into account Pareto's '80/20 rule', 80% of the total risk exposure can be eliminated by managing the 'top 20%' of risks events.

Following a structured risk management process throughout the project life cycle will keep the potential risk events uppermost in the minds of the project team and will minimise the consequences of risk events, should they occur.



Copyright © PROJECTmagazine (c) 1998 - 2019 for practical project management information. All rights reserved.