Risk Management II – Benefits of Risk Management Program

The earlier article on Risk Management is Risk Management I – A proactive approach to resolve future root causes and their potential consequences.

Purpose of a Risk Management Plan
Risk management program helps the organization to deal with potential occurrences.  It defines the approach and attitude towards risks. This program helps in
  1. identifying what are those risks the organization is ready to accept.
  2. The plan to deal with those unacceptable risks
  3. defines the main requirements of risk mitigation plan.
 The risk Management program helps the organization in the following ways:
  • To identify risks and prepare an action plan to deal with the risk
  • To reduce occurences and impacts of risk
  • To understand significance/severity of risks
  • To promote organizational behaviors focused on risk management
  • To increase effectiveness of product and service delivery to customer
  • Create a process for who, what, when, where, how and how much.
  • Maintain information on historic issues.
  • Capitalize on historic issues to prevent future issues.
  • Bring out hidden risk knowledge, so it can be managed.

Benifits of Risk Management Program

  • Encourage proactive management
  • Be aware of the need to identify and treat risk throughout the organization
  • Improve the identification of threats
  • Comply with relevant legal and regulatory requirements and international norms
  • Improve financial reporting and governance
  • Improve stakeholder confidence and trust
  • Establish a reliable basis for decision-making and planning
  • Improve organizational controls
  • Effectively divide and use resources for risk treatment / handling
  • Improve operational effectiveness and efficiency;
  • Cost of risk management is typically less than the cost of issue management
  • Enhance health and safety performance
  • Enhance environmental protection
  • Minimize losses and improve loss prevention
  • Minimize the cost and efforts in managing incidents
  • Improve organizational learning and resilience
  • Increase the likelihood of achieving goals

The most important benefit of the risk mitigation program is that it gives the organization a future visibility. It deals with future events and not manage the current issues. The organization will be ready to face the realization of the risk. This gives a state of readiness against the potential consequences

Please share this on Facebook. if you like this blog, like us on https://www.facebook.com/excellencementor

Originally posted 2013-10-27 17:48:00.

Risk Management I – A proactive approach to resolve future root causes and their potential consequences.

Risk Management gives the visibility on the future root causes, their consequences and ways to reduce the impact of the potential negative effects of these future root causes.  The underlined words “Future” and “potential” here indicate, it is a futuristic strategy of the organization. Risk Management can be applied at all levels of the organization. It can be applied at project, level, unit level or at organization level.
Risk Management is not a mandatory process required for ISO 9001. However, this is a Mandatory process as per AS 9100 and, a Maturity level 2 (ML2) process area for CMMI. Even though the requirements of both AS 9100 and CMMI are similar, there are subtle differences between these two.

To discuss more on the Risk Management (RSKM) we will start with few definitions.

What is Risk?
Risk is an undesirable situation or circumstance that has both a likelihood of occurring and a potentially negative consequence.
This is possible at every stage of Production or Service Provision, right from the contract development stage till Post Sales. The potential negative consequence chiefly rely on the Quality, Schedule or Cost. Whatever effort you put in, the process at every stage has some possible slippage (Remember Murphy). The Organization shall look at identifying and mitigating the effects of these likely slippage, at all Levels.

What is risk management?. Why is it needed?
Risk Management is an iterative process to identify, assess, reduce, accept, and control risks in a systematic, proactive, comprehensive and cost-effective way, taking into account the business, costs, technical, quality and schedule programmatic constraints.
Risk Management is needed to reduce the chances of potential negative result of a likely event on the business. This involves a focus on the risks to meeting customer requirements, and preventing product non conformance escapes.   The absence of a Risk Management program can result in known, unknown, and unknowable /unforeseen problems for the Customer and Stakeholders about the cost, schedule, and technical performance of programs and about the quality and on-delivery performance of products and services.

In the Second Part, we will discuss the benefits of a Risk management program.
Please share this on Facebook. if you like this blog, like us on https://www.facebook.com/excellencementor

Originally posted 2013-10-13 05:22:00.

CMMI Service Model – Process Areas by Maturity Levels

There are a total of 24 process areas to defined in the CMMI Service Model. This model is also called as CMMI-SVC. These are divided into 4 groups by Maturity Level. Even though there are 5 Maturity levels, there is none defined for Level 1. The maturity levels Start only from Level 2. For an organization to achieve a specific maturity level, it must be practicing all the practices defined for each of the process area defined for the specific Level.  Level 4 & 5 are called as High Maturity Process Areas. I will discuss each of the process areas in my later posts. As the Maturity Level increases, the practices required to be implemented increases. Please note that a higher level includes all the process areas listed in the Previous level.

Now Let us list the process areas, along with their common acronym Used.

Level 1 – Initial
Level -2 – Managed

  1. Configuration Management (CM) 
  2. Measurement and Analysis (MA)
  3. Process and Product Quality Assurance (PPQA)
  4. Requirements Management (REQM)
  5. Supplier Agreement Management (SAM) – This PA is optional
  6. Service Delivery (SD)
  7. Work Monitoring and Control (WMC)
  8. Work Planning (WP)
Level -3 -Defined
  1. Capacity and Availability Management (CAM)
  2. Decision Analysis and Resolution (DAR)
  3. Incident Resolution and Prevention (IRP)
  4. Integrated Work Management (IWM)
  5. Organizational Process Definition (OPD)
  6. Organizational Process Focus (OPF
  7. Organizational Training (OT)
  8. Risk Management (RSKM)
  9. Service Continuity (SCON)
  10. Service System Development (SSD)
  11. Service System Transition (SST)
  12. Strategic Service Management (STSM)
Level – 4- Quantitatively Managed
  1. Organizational Process Performance (OPP)
  2. Quantitative Work Management (QWM)
Level – 5 Optimizing
  1. Causal Analysis and Resolution (CAR)
  2. Organizational Performance Management (OPM)
We will discuss various components subsequently
Please share this on facebook. if you like this blog, like us on https://www.facebook.com/excellencementor

Originally posted 2013-08-25 20:13:00.

Capability and Maturity Model (CMMI) – Levels

Capability and Maturity Model is initially developed for department of Defense. The main focus of CMMI is to make sure that constant integration of Systems and Software. According to Software Engineering Institute, there are 5 levels of maturity in the Capability and Maturity Model. There is a clear distinction between the Capability and Maturity. the method of assessment differs for Capability assessment and Maturity assessment
The Maturity levels are
1. initial – Process Ineffective, Poorly controlled and Highly Reactive.
2. Managed – Process Characterized for Projects and often Reactive
3. Defined – Process Characterized for organization and is proactive. (Projects tailor the organizational process to the project needs)
4. Quantitatively Managed – Process Measured and Controlled.
5. Optimizing – Focus on Process Improvement.
From Maturity Level 2 and above, there are a set of process Areas which the organization is expected to carry out. we will discuss these in the subsequent posts.

Level 4 and 5 are called as High maturity processes where data based decision-making plays a vital role

Please share this on Facebook. if you like this blog, like us on https://www.facebook.com/excellencementor

Originally posted 2013-08-24 03:45:00.