matrix - ITM Platform | Projects Programs Portfolio

Qualitative and quantitative risk analysis are two very different processes. In this article we explain qualitative evaluation with an example taken from the video game industry.

In general, qualitative analysis seeks to identify risks by using scales that summarize visually and intuitively the relative dimensions of each risk, allowing to prioritize: providing a visual representation that combines the most basic factors, such as the impact that the risk would have on a project and the likelihood of it occurring.

In spite of its name, qualitative evaluation implies a numerical estimate of these two variables along previously defined scales using a quick and subjective approach. It's something like when doctors ask: From one to ten, how much does it hurt?

Similarly to the intuitive scale of Wong-Baker's expressions, qualitative assessments of risk have visual translations in a geometric representation that allows a systematic comparison in risk assessment matrices.

In the example that follows, we have used our online risk assessment matrix to estimate the comparative weight of the following risks for a team of developers in a video game studio:

Inadequate graphics engine
Loss of programmers
Failure in approval process of the game build after submission

If we assign impact and probability values to these risks, we obtain the following table.

Risk	Probability	Impact
Graphics engine	20%	40
Personnel	33%	50
Certification	8%	100

The table itself suggests some observations.

Experience, the mother of probability

Firstly, in a video game studio that launches, say, half a dozen titles a year, after 10 years of activity there is a portfolio of 60 titles that allows to draw certain conclusions about the frequency with which these risks occur. The probability estimate is based on the experience of the organization, which has suffered personnel losses in the programming area in one out of three projects.

Simplify and then discuss the details

This model simplifies factors in just two values, but it is important not to lose sight of the fact that the variables hide more complex realities that should appear in the quantitative phases and in the discussions with the stakeholders. For example, loss of talent can hide many different realities, depending on the number of people lost, their roles within the organization, or whether the loss is due to a transfer to another company, vacation, retirement or inability to hire according to the forecasts of the HR department.

With all these nuances, when we load the table into ITM Platform’s online risk assessment matrix we obtain this result:

Although there is no single interpretation for this type of result, the visualization emphasizes that the most threatening risk for this study is the loss of personnel, while the selection of the graphics engine and certification seem to be more controlled by the workflow and process procedure. The HR department of the studio will probably need a mitigation plan in order to be able to face situations of personnel shortage in times of high load of work. Such a plan could include:

Reassignment of tasks to existing resources.
Segmenting possible delays, or cost increases in case the scope is maintained.
Communication plan to stakeholders involved in the tasks who may suffer because of the delays.
In severe cases, reconsideration of non-critical components that allow the viability of the product to be saved.

Remember that you can compose your own set of risks in ITM Platform’s online Risk Assessment Matrix. In addition, if you can register, save and share them with your team.

In the next article of this series, I will expand the example to the context of a quantitative evaluation to better understand the differences between the two approaches.

Receive the latest blogs directly into your inbox

conveyor robot manipulators work businessman in front of control panel analysis production development Risk management has a specific place in protocols and risk management models. In this article we will discuss the six steps to controlling risk for risk managers, as broken down in the PMBOK: planning, identification, qualitative analysis, quantitative analysis, response planning and monitoring.

In short, a risk manager should take the reins of the risk control process with a detailed plan; find out what the risks are that may affect team members and various units of the organization, assess risks from the perspective of the whole organization; create action plans to respond to each of the risks if they occur; and continuously monitor in order to improve the plan.

Risk management planning

Like any other aspect of project management, risk prevention and response in the case of risk occurrence should be subject to strict planning. Risk management is iterative, implying that the planning phase will be reviewed after each cycle.

More specifically, planning involves a series of essential decisions that will affect the following five steps. Choosing methodologies, assigning responsibilities, defining types and categories and risks, as well as allocating resources are some of the main areas of focus at this moment.

Risk identification

This step is to identify the risks that may affect the development of the project and understand their characteristics. It is essential to identify all risks that may potentially influence the project so that the necessary precautions can be taken and disaster can be avoided. Therefore, planning for all risks is essential. Do not ignore them but instead control them.

For the identification of risks, multiple systems can be used.

One of them is to use similar backgrounds, both in our company and in other companies that resemble by their activity or reach.

Another possibility is to use specific analyzing tools (Ishikawa diagram, flowchart or other types of specialized diagram systems) or other standardized analysis systems, such as SWOT analysis (Strengths, Weaknesses, Opportunities, Threats).

Finally, if the first two possibilities are not feasible, you can resort to expert judgment.

After identification, it is important to proceed to classify risks that have been detected (Technical, external, organizational, management, etc.). Their influence on the project (mild, moderate or severe impact on the project), or the probability of the risk arising (low, intermediate or high probability).

Qualitative analysis

This analysis is used initially to filter risks and prioritize them in order of importance and severity. Although this analysis may not be the best in terms of accuracy and speed.

This type of analysis is also used for risks which need immediate attention. The urgency leads to an analysis that, despite not being the best in absolute terms, is most appropriate for the time available.

The results of this analysis should reflect in a risk assessment matrix.

Quantitative analysis

This is a more comprehensive systems analysis, but also the most complex and time consuming.

To perform a quantitative analysis, specific quantitative risk analysis systems should be used, such as mathematical simulations e.g. Monte Carlo.

A simpler option is to use a decision tree with which you can numerically illustrate the parameters derived for each choice.

If it is not possible to quantify the risks, you can turn to experts in the field to conduct an assessment.

Ideally, experts should be external to the project in order to prevent conflicts of interest. In addition, to avoid bias, the evaluation should be conducted blindly without knowing the outcome of assessments made by the other experts.

There are differences between this point and the assessment of experts in qualitative analysis. While in the former case, experts estimate the relative importance between different types of risks in order to focus on the most important, in the quantitative case experts, despite not having actual data, provide estimates as accurate as possible based on their experience and the results of other projects that they have led previously.

Risk response planning

When a threat is verified, the response must be preplanned and follow the correct procedure. Action plans must be drawn up when risk in the project is present in order to prevent its occurrence. This may include transferring it to an external agent or mitigating their effects, in the event that the risk occurs. Where risks cannot be avoided, in the event of circumstances beyond our control or scope, contingency plans should be developed that allow for coordinated and appropriate action.

Risk monitoring

To predict whether or not risks may occur it is necessary to know warning signs so that it can be anticipated. If this is not possible, monitoring mechanisms should be in place so that a risk in a project can be detected the moment it presents itself.

The purpose of these systems is to instil the attitudes of anticipating risks and having contingency plans in place, before the risk has significantly influenced the project.

In addition, self-monitoring the reaction to the risks and the occurrence of them can improve prevention measures, and thus reduce time and increase the efficiency of the reaction.

Here are some recommended articles:

Our new Risk Assessment Matrix is online

Keys to becoming a good risk manager

Risk management… The what, the why and the what to do

Juan Delgado

Blogger ITM Platform

Receive the latest blogs directly into your inbox

The existence of risk is inherent in absolutely everything we do in life. All activities are subject to some degree of uncertainty.

Risk in project management can be defined as a change in the market environment or the product, that may influence its development.

When implementing a project, no matter how well planned and well organized, there is always a certain margin for error, we can call this the level of risk within the project.

The impact a risk has on a project should not necessarily be detrimental to the project. If preparation is done correctly then managing these changes will be straightforward and thus the consequences on the outcome of the project will be minimal.

If we are able to react adequately to this risk, we can benefit from it and improve our product, our sales or customer satisfaction.

Therefore, the best way to reduce risk exposure is proper planning. When planning, the risks should be addressed from a realistic perspective which allows you to understand them and put into place action plans if they do arise. You should never ignore the existence of the risks, they could be detrimental to your project, and hence they must be controlled.

In order to properly assess the risk exposure within your project, you may find it helpful to use a specialized software. At ITM Platform we offer you a new free risk assessment matrix tool online that allows you to create risk sets in a simple, graphical and intuitive way. You can quickly and easily plan your risks, allowing you to reduce uncertainty in your projects while focusing more of your attention on other tasks.

Good planning is essential, so that the project manager and the company as a whole know how to respond to the emergence of risks. Proper risk management can convert potential weak areas into strengths. In Japanese, the word crisis is formed from the words: "danger" and "opportunity".

The Project manager should be able to turn risks from potential dangers into opportunities.

What are the main sources of risk?

Scope risk

Throughout the development of a project, its scope may change. A project will grow in complexity as customers add new requirements and this may extend or modify the scope. Such changes are common since the product must meet the needs of the market which is constantly changing.

Planning risk

The reasons why a project may not develop as initially planned may not necessarily be the mistakes of the development team, but may be due to external circumstance.

Delays in the supply by an external provider, an accident or any other unforeseen, uncontrollable circumstances, can alter the initial plan. Therefore, proper planning should cover all possible scenarios and the probability that a scenario will arise, such that the resulting impact will be minimal. In this case it can be very useful to develop a risk assessment matrix.

Resource risk

The resources that are available during the course of a project can also fluctuate. Although initially budgetary resources are a defined amount, it is possible that during the project development the economic situation of the company may change due to external factors such as the market or macro economy.

In these circumstances, the project manager will have to do what they can with whatever budget is assigned, eliminating those tasks that contribute less to the project whilst trying to ensure an outcome that meets the minimum requirements necessary for the project to be successful.

On the other hand, human resources may also experience changes. The staff starting a project may not necessarily be the same as the staff who finish the project. In addition, new members could potentially join the team during the project, and therefore will take some time to adjust. This will, at least temporarily, lower the efficiency and productivity.

Technological risk

Using software and other utilities inadequately, could lead to a decrease in your productivity. If there are technological problems, this will delay or hinder the delivery of your projects.

To avoid such problems, we put at your disposal a leader in project management software. So, at least for this part, you can breathe easy.

Once you know the source of risks that may occur during the execution of your project, it will be easier to identify them and include them in your planning. Which will allow you to develop contingency plans to remove, transfer, mitigate or, if no other choice, accept them.

With these techniques, you can rest assured that the risk management of your projects will be successful, and the impact to your company will be minimal.

At ITM platform we understand the business world perfectly, because leaders of various sectors use our project management software.

Try it out and discover what it can do for you:

https://www.itmplatform.com/en/projects-programs-portfolio-subscription/

Top 5 most read blogs on ITM Platform:

The Monte Carlo Method in Project Management

Extra Extra Extra!

Three disastrous project management failures

The project in the face of adversity: what should a project manager do?

What is the Virtual Sock Management or Periodical Online Management?

Receive the latest blogs directly into your inbox

Organizational structures are one of the core elements that fall into consideration when measuring the influence of environmental factors in project management: they can seriously affect resource availability and determine the style of project management.

Although in the real world each company follows its own idiosyncratic organization, tradition has three types of organizational structures, which we illustrate with graphic examples -some real, some generic.

With ITM Platform your organization can adapt to any organizational structure, try it now for free.

Functional structure

Functional structures are a classical hierarchy structure in which each employee has a clearly-defined superior. At the highest level, the company is organized according to a function-based approach (accounting, engineering or production, for example). Members of the workforce only respond to a superior from their own department and so look for a direct line of communication between the lower and higher levels. Each area can be subdivided into more specific functional units. Each department undertakes work and activities on a project independently, with the projects framed by the functional areas of the organization. Within this type of structure, projects requiring various different departments tend to encounter greater difficulties during development as they cut across the organizational structure and no specific position is recognized for the project manager.

Projectized or project-based structure

Example of organizational structures: Simplified model of projectized organizational structure with 3 projects on vertical axis

A simplified model of projectized organizational structure

In this case of organizational structure, the organization has a similarly hierarchical approach with limited interaction across its sections. However, projects are assigned to a fully equipped team and to a project manager, who occupies a high rank within the organizational chart and has subordinates report to him. In fact, it’s not uncommon for project teams to be consolidated into departments headed by a project manager.

It’s easy to see that this is a very simple (even simplistic!) organizational structure with powerful limitations, like the severe issues in knowledge transfer across projects. Whenever this structure is adopted, it’s important to also implement functional algorithms designed with the intent of negotiating trade-offs between projects. As these compete for limited financial and non-financial resources, scenario-based project prioritization can help strike the best balance for the organization based on objective data.

Matrix structure:

Example of organizational structures: matrix organization

Matrix organizations combine the vertical (functional) axis with the project (horizontal) axis

Among all the organizational structures, matrices are very common in service providers and fast-growing organizations that manage multiple projects at the same time. Matrices have commonalities with both functional and project-based structures, and depending on the exact balance of one over the other there can be three types:

Weak matrix structure: this is very similar to a functional organization, with the role of project manager as a coordinator or facilitator; in other words, this person both helps and coordinates, meaning they are unable to take personal decisions but can interact with all the functional areas involved in the project.
Balanced matrix structure: project managers have with greater autonomy than in a weak matrix structure but who is not given full authority over the project, especially its funding.
Strong matrix structure: this shares many characteristics with projectized organization because it has a full-time project manager and administrative team without that necessarily changing the functional structure. Project managers have full authority over their projects and act at the same level as those in charge of the functional areas.

Choosing organizational Structures

In spite of the fact that matrix structures are highly correlated with more mature organizations, it’s important to be unbiased about which organizational structures might be a better fit for each situation. In certain organizations with a lean approach to management a purely project-based structure may work perfectly. In the end, the nature of the activity, objectives, corporate culture and the demands of new customers will have a strong say over which structure should be chosen.