What is a Risk Breakdown Structure (RBS)?
To avoid issues in an IT engagement, effectively identifying and mitigating risks is not just a luxury; it’s a necessity. One useful tool that has proven itself in managing risks systematically is the Risk Breakdown Structure (RBS). The PMI (Project Management Institute) paper “Use a risk breakdown structure (RBS) to understand your risks” covers this topic in depth from a project management perspective.
An RBS is a hierarchical model of the identified project risks organized by risk category. It facilitates the detailed examination of various risk categories and helps in maintaining a comprehensive list of risks that can be referred to throughout the project’s life cycle.
Key Components of an RBS
A well-constructed RBS for an IT project generally covers four broad categories:
- Technical Risks: These are associated with the technology utilized in the project. This could include risks related to design, performance, reliability, security, and technology maturity. For instance, there could be potential risks in the reliability of new software or the security protocols in place.
- Management Risks: These are associated with project management. Subcategories might cover estimation accuracy, control effectiveness, communication efficiency, quality assurance, and dependencies on external parties. A common example would be the accuracy of time and cost estimates, which often prove to be overly positive!
- Organizational Risks: These relate to the project environment within the organization. Topics such as resource availability, stakeholder stability, and legal issues fall under this category. For example, changes in an organization’s executive leadership, especially if the project champion is one of them, could potentially impact a project’s strategy or resources.
- External Risks: These are risks from the external environment beyond the organization’s control. Market stability, regulatory changes, the economic climate, and dependency on third parties can be sources of external risks. For instance, a sudden change in data protection regulations could impact an IT project’s compliance requirements.
Reducing Negative Events
By systematically mapping out possible risks and placing them within a clear, logical structure, an RBS provides several key benefits that can greatly reduce the likelihood of negative events during an IT project:
- Risk Identification: An RBS encourages a comprehensive and systematic approach to identifying risks, reducing the chances of overlooking significant areas.
- Response Planning: By identifying the sources and categories of risks, an RBS can help project teams assess the potential impact and likelihood of individual risks more effectively, leading to more targeted and effective risk response strategies.
- Risk Communication: A well-organized RBS can improve communication about risks within the project team and with stakeholders. All stakeholders (at both client and supplier) can see what risks have been identified and understand their nature and category.
- Risk Monitoring: The RBS serves as a single source of truth that can be continually updated and referenced throughout the project’s lifecycle, allowing for ongoing risk monitoring and management.
Is It Difficult to Create?
With all its benefits, is creating a Risk Breakdown Structure (RBS) a challenging task? The answer largely depends on the complexity of your project and the experience level of your team. However, with a structured approach and involvement from both parties (client & IT vendor), creating an RBS is achievable and worth the effort.
Here are a few steps to guide you through the process:
- Define Risk Categories: Start by defining the main risk categories relevant to the IT project. As mentioned above, these typically include technical, management, organizational, and external risks.
- Identify Subcategories: Break down each main category into subcategories. For example, under technical risks, you might include design risks, performance risks, reliability risks, etc.
- Brainstorm Potential Risks: Next, gather a team with involvement from both client and supplier for a brainstorming session. Each subcategory should be discussed, and potential risks identified. Encourage team members from different departments to contribute, ensuring diverse perspectives.
- Structure Your RBS: After identifying potential risks, organize them under their corresponding categories and subcategories in a hierarchical structure. This can be done using a simple spreadsheet.
- Update Regularly: Remember that an RBS is a living document. As your project progresses, new risks might emerge while others may become obsolete. Thus, regular updates are crucial to keep your RBS relevant.
Summary
In summary, while creating an RBS requires some effort and involvement from team members, it is not an overly difficult task. The insights gained and the potential negative events mitigated make the creation of an RBS a useful investment for successful IT project management.
Hillson, D. (2002). Use a risk breakdown structure (RBS) to understand your risks. Paper presented at Project Management Institute Annual Seminars & Symposium, San Antonio, TX. Newtown Square, PA: Project Management Institute.