Now that you have your scope, delivery schedule, and budget, everything is hunky dory, right? Not quite. What you have developed is your ideal situation: If everything goes right, this is how the plan will work. Reality often tells a different story; threats linger around the corner, as do opportunities. How do you prepare yourself for both? What does threat detection look like?
SWOT Analysis (how to detect things)
The good news, as with every activity you pursue on a project, is that you are not on your own. You have a team of interested people, called stakeholders (we will talk about these people in a bit more detail in an upcoming post), who more often than not are willing to tell you their concerns. Once in a while, one of them might even tell you where there is a chance for the project to be even better!
An effective way of measuring risks to your project is through SWOT analysis. SWOT is an acronym for Strengths, Weaknesses, Opportunities, and Threats. You begin by pulling your stakeholders together and brainstorming each of the SWOT categories. Nothing blurted out is bad; everything is up for consideration because, well, at least one of your stakeholders thinks what they said impacts the project.
You can conduct the discussion in one of two ways:
- Discuss by category (S, W, O, and T). Let ideas arise and document them until no one has anything more to add. Then move on to the next category. You will probably want to take notes on everything else they discuss, too.
- Free-flowing conversation:
  a. What concerns them about the project?
  b. Have they worked with similar projects? What should the team be wary of?
  c. Did any technologies or industry best practices improve upon what this project is intended to accomplish?
After the session is complete, you categorize each item.
Good Points, Bad Points
Note that I have not had you or the team pass judgment on any items mentioned. Some may seem irrelevant or unrealistic on the surface. Others may seem to stand right in front of you. Your SWOT analysis did what it was supposed to: get all concerns and opportunities on paper, so you and the stakeholder team can determine how to address them.
What you have successfully compiled is an introductory list of risks and opportunities. Not all of them are equal or as well-defined: the potential for some to happen is greater than for others, and the impact on the project is not the same for all. The great opportunity that someone identified may be cost-prohibitive or untimely. Qualitative and Quantitative Risk Analysis are methods that will help you determine how to approach each risk. These two topics get into some heavy specifics!
Back to the simple side: at minimum, for each item, you want to ask the following:
- How will this impact scope?
- How will this impact timeline?
- How will this impact budget?
- How will this impact people’s availability?
- How does this impact people downstream from the project?
- Depending on your project, you may need to ask how this item impacts the community, society, or the environment.
Maybe Not a Threat
As you assess each item against the project plan (scope, timeline, budget, and the procedures used to execute the project), you will identify a separate probability and severity for each item. This may be done in high-medium-low fashion, or on a points scale (5-3-1).
Probability / likelihood = the odds of the event occurring
Severity / impact = the damage (or improvement) this event causes the project
For each, you would want to record why you assigned that value as well.
As always, do this with your stakeholders. Maybe you lay out your initial thoughts on each item and allow them time to discuss during a review session. Their institutional knowledge and understanding of the company’s appetite for risk will help your understanding. You may find that some of the greatest concerns have a very low probability of occurring and are not severe, while the opposite might be true for others.
Is That All (Takeaways)
The basics of threat detection are pretty simple: identify concerns and opportunities, identify the probability and severity of each, and determine the potential impact of each on the project in terms of scope, schedule, and budget. This is not a one-time activity; on a regular basis, you will want to review the list of risks – called a Risk Register – and see if anything has changed. Maybe new risks or opportunities have presented themselves, or others are no longer valid.
The Risk Register is a good way of keeping potential concerns in front of your stakeholders and project team so they can work to address any as they arise. Next: managing the Risk Register.