SYSTEMS RISK MANAGEMENT

Systems Risk Management



Systems Risk Management

Introduction

The difference to notice is that PRINCE2 is clearly project life cycle based with six out of eight major processes running from "Starting up a project" to "Closing a project". The remaining two, "Planning" and "Directing a project" are continuous processes supporting the other six. Each of these have their respective sub-process totaling 45 in all.

If we analyze the methods and tools which the systems risk managers use in an attempt to bring the product issues together, then we can say thay the two methods under review (PMBOK and PRINCE2) offers the same conceptual model of a combined project-product system.

Then, feeding into the system, are six "Components" some of which are documents and others that are themselves processes. Finally, PRINCE2 describes three techniques namely: "Product Based Planning", "Quality Review" and "Change Control". The whole document is presented as an easy-to-follow narrative, bulleted checklists, process diagrams and timely "Hints and Tips". By comparison, the Guide consists of twelve chapters describing functionbased knowledge areas with illustrations of their respective project management processes and narrative descriptions in the form of inputs, tools-and-techniques, and outputs.

These observations call for a fresh look at the methods and tools systems engineering managers use in an attempt to bring the product issues and the project issues together under the same conceptual model of a combined project-product system ensemble.

Risk Identification

Risk identification is the reduction of descriptive uncertainty which involves “surveying the range of potential threats”. This element of risk assessment involves detecting issues which could jeopardise or threaten the success of a project. Chapman states that the risk identification and assessment stages have the largest impact on the accuracy of any risk assessment (Handy, 2005, 44). As a result, risk identification is the most important stage of the risk management process. Of particular importance to ISD is the early identification of risks where “identifying and dealing with risks early in development lessens long-term costs and helps prevent software disasters”.

There are a number of interesting differences between the Guide and PRINCE2 philosophies. PRINCE2 speaks of "stages" rather than "phases" and states that while the use of stages is mandatory, their number is flexible according to the management requirements of the project.4 PRINCE2 also differentiates between technical stages and management stages.5 Technical stages are typified by a particular set of specialist skills, while management stages equate to commitment of resources and authority to spend.

For example, PRINCE2 describes a product's life span as having five phases: Conception, Feasibility, Implementation (or realization), Operation and Termination but, of these, only Implementation is covered by PRINCE2. Indeed, the manual states "Most of what in PRINCE2 terms will be stages will be divisions of 'implementation' in the product life span." Thus, PRINCE2 is an implementation methodology, somewhat akin to construction management, rather than a whole project management methodology. Indeed, PRINCE2 assumes that the project is run within the context of a contract and does not include this activity within the method ...