Risk and Risk Mitigation - Don't Be a Spectator
Abstract
As I have watched programs come through for Milestone Decisions and other reviews, I have gained the impression that our processes for risk management may have focused too much on the process and not enough on the substance of identifying and controlling risk. I think I may be seeing risk identification categorization in the risk matrix showing likelihood and consequence and with risk burn-down schedules tied to program events. From my perspective, this by itself isn t risk management; it is risk watching. We need to do what we can to manage and control risk, not just observe it. All programs, but particularly all development programs, involve risk. There is risk in doing anything for the first time, and all new product developments involve doing something for the first time. The Department of Defense (DoD) has a good tool that lays out in detail the process of identifying, evaluating, categorizing and planning for risk in programs. Recently updated to version 7.0 by our Chief Systems Engineer Dr. Steve Welby, it is called the Department of Defense Risk Management Guide for Defense Acquisition Programs and is available online at https://acc.dau. mil/rm-guidebook. I don t want to duplicate that material here, but I would like to make some comments on the substance of risk identification and risk mitigation and how it drives or should drive program structure and content.
Document Details
- Document Type
- Technical Report
- Publication Date
- Feb 01, 2015
- Accession Number
- ADA620330
Entities
People
- Frank Kendall
Organizations
- Defense Acquisition University