Risk Management Plan: Risk Treatment Plan

Complete Part 3 - the Risk Treatment (See attachment) There are five columns to be completed in the Risk Treatment Plan: Treatment Strategy, Treatment Description, Treatment Resources, Risk owner, and Deadline A. Treatment Strategy This is the risk response that you will apply to the risk. You will recall from week 6 that there are only 4 possible risk responses: Avoidance Changing the project plan (e.g. the scope statement, the schedule, etc) so that a particular risk can’t happen. Typically this means removing something from the scope of the project to completely remove the risk, so it is 100% impossible. E.g. you have to produce website that will display on Windows Internet Explorer, Firefox, Chrome and Opera. There is a big risk that Opera will not display it correctly, so you remove “Opera” from the scope statement. Now that risk cannot happen. Mitigation Taking action to reduce the likelihood and/or the impact of an identified risk. E.g. there is a risk the project might be late because the team has not much expertise with SharePoint. You can mitigate the risk by providing training to the team and/or contracting a SharePoint specialist. Transference Paying someone to take the risk on your behalf (usually outsourcing or purchasing insurance) Note that to transfer a risk, you must transfer it OUTSIDE the company. You can’t transfer to another team, or transfer by employing experts, because the company still owns all the risks of its employees. Acceptance You simply decide that you will accept the consequence of the risk if it occurs. This may be because you think: There’s virtually no chance of it happening (e.g. a major earthquake in London), or The impact would be negligible, It is too expensive to deal with (e.g. the cost of insurance may be more than the impact of the risk event), or You simply have no idea what you would do! When you accept a risk, you don’t have to do anything further. If you try to plan anything for this risk then it becomes a mitigation. B. Treatment Description Having selected the strategy, this field is where you enter the details of how this strategy will be implemented. C. Treatment Resources People, equipment, budget, etc required for this strategy. D. Risk Owner The risk owner is the person responsible for ensuring that the risk strategy is put in place, and is also responsible for checking that the risk is dealt with according to the plan, if the risk occurs. This person may not be the same person who actually treats the risk. For example, the IT Manager may be the risk owner for the risk “Some laptop computers may be offsite and not upgraded”, but it will not be the IT Manger who actually recalls and checks each laptop, that is a task for a technician. E. Deadline Enter the date when the strategy has to be finalised (e.g. of the strategy is to buy insurance, then this will be the date that the insurance has to be purchased.