Risk Assessment Prosess
Approach and Processes for Identifying and Communicating Project Risks:
CAI consultants help the client prepare or review/critique Project Management Plan. We use the principle documented in the Project Management Institutes' "Project Management Body Knowledge." This plan is the baseline from which all project activities are organized, assigned resources, managed, and reviewed. CAI’s Project Management approach meets project objectives by providing timely, thorough deliverables and by promoting effective communications between all project stakeholders.
CAI has learned many lessons managing projects. The factors contributing to the potential success or failure of a project have been of particular interest to us. Although each project and organization has its own unique characteristics, CAI has identified six factors that are consistent from project to project. These factors are:
CAI consultants provide specific recommendations on how to manage the critical success factors (CSFs) and establish a standard Project Management Process. CAI defines the process for managing and monitoring these CSFs for all projects. CAI's process includes risk identification, determining risk mitigating solutions or process improvements when necessary. CAI ensures that the knowledge transfer to the project staff is timely and complete.
CAI's experience has demonstrated to us that communication is the key to bringing a diverse organization together to work toward a common goal. Interviews, quality reviews, proactive involvement, and frequent feedback cycles are conducted by CAI to ensure project success and staff involvement. CAI believes that information system development involves more than just assembling the right hardware and software. It includes management of the impact and change to job responsibilities, job procedures, and workflows. We recognize today’s project initiatives include complex technical relationships with external parties such as ISPs, other governmental agencies and the general public.
CAI will identify the project’s critical success factors (CSFs) or risk triggers as they apply to the system development process and the quality, completeness, accuracy, and timeliness of the deliverables. Provide an issue tracking process and identify the trigger points (conditions) under which a CSF could turn into a risk. Trigger points will be measurable through risk indicators. When such a trigger point (CSF to risk) is determined, CAI will recommend specific risk mitigation solutions (includes a definition of options, potential effects and costs of the solutions, and a comparative summary of alternative solutions).
CAI will provide a written and oral assessment of project risks for the Project Steering Committee meetings. The risk factors/areas to be monitored include but are not limited to:
· Project organization and communications
· Project staff skill-sets and training
· Technical architecture and approach
· Data conversion and interface requirements
· Project planning and Project management
· Change and configuration management
· Project budget scope and timing
· End user involvement
· Organizational impacts
· Development and management methodologies
· Deliverable review and acceptance process and the verification and validation procedures used during system development and deployment
· Overall user and management expectations
· Risks specific to the Project Plus Risks specific to intra-agency and inter-agency data exchanges and interfaces
· Other critical success factors identified in the Risk Assessment Instrument (part of Deliverable #1)
The Risk Assessment Report will include (but shall not be limited to):
1. Project critical success factors (CSF) and risk indicators that must be monitored monthly.
2. As assessment of the risk impact, consequence, and severity for each CSF and risk indicator.
3. Identification of the trigger points at which time significant intervention is required.
4. The recommend risk mitigating solutions and corrective actions.
5. For significant risks, assess alternative intervention strategies to address the risk area, the potential effects and costs of implementing the strategy, and a summary comparing the alternatives.