Risk management in agile vs. waterfall slightly differs from each other. While agile accepts a lean way in risk management , waterfall adopt a traditional approach to manage it. A risk is an uncertain or unknown event that can occur any time during project execution and has either a positive or negative impact. So it should be constantly monitored and controlled in both agile and waterfall projects for it to be successful. So Risk Management is always a crucial part of Project Management , as it aims to attract an opportunity that has positive impact and decrease the probability of threat that has negative impact to project.
More opportunities with less threat signify a stable project in term of scope, time, Cost and quality. Risk can be of 2 categories Known and Unknown for both traditional and agile way. Let us discuss closely on Project Risk management agile vs. Waterfall.
Risk Management in Agile
Now let us have a close look on managing risks in an iterative model. Risk management in agile are shared equally across self empowered agile team and is addressed at various layers, as mentioned below.
# 1 During daily stand up
Daily stand up is a recurrent activity on every day in agile framework for a short time as 15 minutes. Team member identifies their dependencies and discuss on possible causes in failing to achieving sprint goals. These daily short conversation aims at addressing mostly on known risks and dependency early. So risk management in agile becomes faster and easier to address as soon it is known. Scrum master plays an important role for helping team in resolving these risks.
# 2 During Sprint Planning meeting
Every sprint starts with a sprint planning meeting. This meeting focuses on clarifying , tasking and estimating granular independent work activities called as stories. An effective sprint planning always plans for dependencies, issues , build and deployment plan and test strategy and so mitigate any risk identified during the short duration. So risk management in agile becomes easier for delivery team.
# 3 During retrospective meeting
This ceremony holds its beauty in adopting introspection and defining ideal action items for mitigating threats to a successful projects by scrum master , development teams and product management teams.
# 4 During Sprint development
Risk management in agile happens throughout the sprint development. Unlike waterfall in agile the change control board role is played by development team, scrum master and product owner. Since the development always happens incrementally in a very short cycle called sprint there are great chances in addressing it quickly.
Risk Management in Waterfall
Risk management for waterfall holds a very descriptive and robust process. Lets us discuss few risk management processes.
# 1 Plan for both known and unknown risk
The first step is planning for both known and unknown risks in advance. It means planning and managing risks on the basis of Priority and Impact (Probability and Impact Matrix) analysis. It’s basically conducted at the time of Project planning. Risk planning follow following steps.
- Define tools and method used for risk management.
- Define roles and responsibility of Risk Management Teams.
- Look on budgeting for risk management.
- Define the threshold time frame for the risk to be resolved.
- Define RISK Categories and prepare Risk breakdown structure.
- Prioritize Risk by probability and Impact analysis.
- Find out stake holder risk tolerance.
# 2 Identify a Risk: By following methods.
- Brainstorming , Delphi and SWOT Analysis
- Checklist and Assumption Analysis
- Process flow chart and Cause and Effect Diagram ( Root Cause , Fish bone analysis)
# 3 Making an analysis – Qualitative and Quantitative
- Probability & Impact Matrix
- Categorization method.
- Probability Distribution
- Expert Judgment
- Sensitive Analysis
- EMV Analysis( Expected Monetary Value)
- Decision Tree Analysis
- Simulating the risk to mitigate plan
# 4 Plan for Risk Response and mitigation
- Avoid-Transfer-Mitigate negative Risks
- Exploit-Share-Enhance Positive Risks
And finally continuing monitoring and controlling Risks.