Make Sure Your Project Team Understands Risk First-Hand

Slide Show

Getting the Most from Project Staff

Get project staff on track quickly with these tips from Robert Half Technology.

The typical mindset of risk management is to completely isolate and prevent "risky" events from ever happening in the first place, or even being discussed much.

But an interesting opinion piece at Forbes suggests that since you can never truly eliminate risk, you and your team should wrestle with it a little, just to get a better picture of what it looks like.

Mike Duensing, the engineering VP at cloud collaboration and planning solution Mindjet, says he has adopted a "keep your friends close and your enemies closer" approach to risk management in his own IT team. It's an over-used term, but basically Duensing advocates an integrated (my term, not his) approach to identifying risks and ensuring that team members in all phases of a project intimately understand what can go wrong with their responsibilities.

He cites the well-publicized "5 Dangerous Things You Should Let Your Kids Do" video presentation from the Tinkering School as something of an inspiration for his approach. If a kid owns a pocket knife (an example from the video), they come to understand from an early age that sharp things can do a ton of damage. If your DB engineer is engaged in the architectural phase with a legitimate cost/benefit risk evaluation of a breach, the imperative to keep data under lock-and-key will be more immediate and real to her as she designs and implements her schema.

Duensing goes on to offers numerous tips on developing a risk management culture internal to IT project teams. I don't want to steal his thunder by repeating too many of them here (you really should check out his column, so here is that link again), but one of the most noteworthy pointers is to make risk a measurable with checkpoints along the way.

He also warns against allowing an elevated awareness of risk among your team to cripple your projects. Anyone who has ever worked on a large-scale project, even as an embedded stakeholder, will nod in agreement to this one. IT guys, particularly developers, tend to have the perfectionist gene; the idea that it's OK if certain things go wrong is not comforting to them. Getting a project team to embrace the concept of acceptable risk can be a management trick of the highest order.

It bears noting that Duensing's column (in addition to promoting risk visualization tools such as those offered by Mindjet) views risk management as a bottom's up proposition, and certainly one contained within IT, as least as far as managing IT project risk goes. He even closes with the line that solid risk management can "ensure that IT dispenses well-being to the entire organization."

That's a different take than you'll often find in discussions of the formal discipline of risk management and where it actually belongs in an organization. With so much emphasis in the trade press on centralized governance, risk and compliance (GRC) offices and software, Duensing's advice might well be viewed by some organizations as more of a Project Management tactic as opposed to Risk Management (note the capital letters).

But then again, looking both ways before you cross the street is a form of risk management, and you'd be foolhardy to try and manage that from a central office. Building a culture where everyone is mindful of acceptable and intolerable risk is just smart business, regardless of where the formal function lies.

Add Comment      Leave a comment on this blog post
Apr 19, 2012 4:34 AM Luke W Luke W  says:

The kids analogy is a great one, just yesterday i was thinking that as kids we are put into scary situations constantly, being challenged to compete infront of a whole class, moving schools, climbing trees. When we grow up, yes we earn a lot of responsibility, and that can be scary, but we've been prepped for it by being challenged repeatedly our whole lives. Realising just how much you've overcome to get to where you are is a brilliant motivational boost.

Apr 20, 2012 12:13 PM Mike Duensing Mike Duensing  says:

Thanks for the post Lora.  Regarding the centralized vs. project management approach, both are necessary. While I believe it is the primary job of the central risk management office, it is also important for project teams to be stakeholders. Being closer to the action, they are in a vital position to understand relevant issues that might arise and the potential solutions.

Apr 22, 2012 8:04 AM Mike Drew Mike Drew  says:

As with most things in life, it's a balancing act. You need to make sure that your team is familiar with risk and understanding the consequences (and of course, not afraid of making mistakes), while at the same time making sure that they put as much effort as possible into avoiding those risks, so that the end project is as solid as possible.

But I'm all for letting my kids try out a few 'dangerous' things

Mike Drew

HappyTODOS Project Management 


Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.