Executive sponsors of large-scale IT projects often don’t have visibility into the risks of their IT projects. Even some highly competent IT project managers and technical resources don’t have the background and tools to quantify business risks stemming from technical projects.
Sometimes, the only gauge executive sponsors have of their project’s health is a spreadsheet with hundreds of technical items categorized as High, Medium, or Low risk, without any indication as to what the business impact is.
Based on risk management best practices, EPI-USE Labs has developed a methodology to assess IT projects’ technical and business risks, identify the areas with the biggest potential business impact, and provide a roadmap to a healthy go-live. Most importantly, we’ve developed tools to communicate this information in a highly graphical, easy-to-digest format.
A two-hour executive walk-through following our assessments gives executive teams a firm understanding of the primary issues and clear visibility into the true state of their projects.
An inherent risk assessment allows us to recommend specific controls for the most risky areas of a project at the outset. It can also serve as a counterpoint to evaluate the risk benefit analysis of potential projects, and to provide context to the results of lower-level, per-module risk assessments. Our approach can quickly deliver a relatively accurate indication of inherent project risk. Results of the assessment are typically depicted in the form of a ‘radar chart’, in which the outer edges indicate the highest level of risk.
Above: Assessment ‘radar chart’ - outer edges indicate the highest level of risk.
Irrespective of the merit of a project at the outset or the degree of early-stage planning, failure can occur as a result of inadequate planning, or a lack of risk and readiness analysis, prior to go-live. Planning is especially necessary in the case of large, complex projects to ensure a successful outcome, or to trigger a postponement if that is the sensible course of action. We’ve often seen that project teams involved in all the intricate technical details can’t see the forest for the trees and benefit greatly from an external evaluation to put risks in perspective.
Our methodology comprises phases for planning, fieldwork, evaluation and reporting staffed by risk management and subject matter experts, relevant to the type of project.
The typical outcomes of an assessment are an independent:
The above graphic shows the current risk of one project area (red down), measured against technical and business dimensions and the risk potential if mitigations are put in place (green area).