“Without it [risk management], portfolio management is just a way to organise the view of projects that will certainly fail” – Scott Berinato in CIO July, 2003.
Portfolio risk management is important; if we characterize an organization's projects as an interrelated portfolio of investments then we need a corresponding portfolio risk management process. This has been borne out by various studies, such as the Standish Group’s CHAOS Report, which highlight a persistent trend of high project failure rates.
Over the course of my career I have come across many ineffective portfolio risk management approaches. The most common problem is that risk management at the portfolio level simply duplicates what is being done at the project and program level. By this I mean that the Portfolio Board or Governance Committee reviews a consolidated list of risks (and their treatments) which have already been reviewed by Project and Program Steering Committees, and which are being managed at that delivery level. This is generally wasted effort because it rarely adds value. More importantly, it is a missed opportunity for the organisation to leverage the advantages and value that a portfolio perspective can bring.
Here is an example to illustrate the point. Imagine we are reviewing a consolidated list of project and program risks as members of a Portfolio Board. Very sensibly we focus our attention on risks that have the potential to derail projects that either have the highest spend or from which the greatest benefits are expected to be derived. However, it may be that the greatest threat to these projects comes not from these risks but from risks impacting other projects upon which they have a logical dependency. Or it could be that the combined impact of risks impacting a cluster of lower credentialed inter-dependent projects is more significant in terms of value at risk. We are failing to incorporate into our risk management approach the view of inter-project dependencies that a portfolio perspective can provide. We are running blind and taking a sizable gamble.
Applying a threshold – e.g., only “catastrophic” and “very high” risks are reviewed by the Portfolio Board – is worse still as this is likely to further obscure the significance of inter-dependencies.
In my opinion, portfolio risk management primarily needs to focus on 3 areas:
- Investment at risk
- Common risks, and
- Domino risks.
Investment at riskInvestment at risk is a measure of the number of projects or the dollar value of projects by risk level. Figure 1 provides a graphical depiction of this using a Red-Amber-Green scheme for risk level.
Common risksCommon risks are categories of risk that occur most frequently across the portfolio. Figure 2 provides a graphical depiction highlighting the incidence of red ratings by category.
Domino risksDomino risks are risks that, due to dependency relationships, may have a flow on impact across multiple projects. The things to look for here are:
- Measuring aggregate value – i.e., the aggregate value, in terms of costs and benefits, of clusters of interdependent projects could be more significant than even the highest priority projects and attention should be focused accordingly
- Identifying portfolio breakpoints – i.e., projects with the highest number of dependencies with other projects need the most attention because they may take down a significant number of other projects if they fail.
Figure 3 highlights how our priority focus for risk management might change when we incorporate a view of the aggregate value of clusters of interdependent projects.
Key portfolio risk management themesThe key takeout here is that portfolio risk management is about identifying threats to overall portfolio performance and benefits. It complements and uses as an input the risk management activity that is undertaken at the project level. But it needs to mine that information and look for patterns that have portfolio level significance.
Build your portfolio management capability cost effectively with this exceptional resource.
Register NOW at www.udemy.com/project-portfolio-management-essentials.