Risk Management

"If you don’t succeed with risk management, you won’t succeed with project portfolio management."
Rebecca Rhoads,
Raytheon CIO

Iceberg has developed a risk management framework which is customized to meet each of our clients' unique requirements.  Risk management is applied within projects and programs, and over top of processes and procedures.
 

Identify - risks are identified, through asking questions and performing surveys.  Risks are then classified and categorized.

Quantify - risks are quantified using any number of factors, such as financial impact, scheduling delays, or customer satisfaction.  Risks can then priorized, based on probability and severity.

Course of Action - using Plan-Do-Check-Act, an iterative problem-solving process, a course of action is determined for each identified risk.  If the risk is low, it may be safely tolerated and no further action required.  If the risk can be mitigated through changes in policy, process or procedure, then an action plan for delivering those changes is developed.  If the risk cannot be effectively mitigated, it is transferred - either by ceasing to do the risky activity or by insuring the activity against a negative outcome.

Monitor - Once risk mitigation plans have been implemented, it is essential to establish integrated monitoring of the mitigation proceses.  Monitoring provides insight into the effectiveness of the mitigations and allows for changes or adjustments.

Optimize - Based on the results of monitoring, mitigation plans may be changed or adjusted.  Optimization instills continuous improvement into the process, ensuring continuing effectiveness of the risk management process.