 |
IncidentManagement |
 |
Experts |
 |
 |
 |
 |
 |
 |
 |
||
 |
Risk Management Program
Our Risk Management Plans (RMPs) presents the process for implementing proactive risk management as part of the overall management of the human services program. Risk management is a program management tool to assess and mitigate events that might adversely impact the program thereby increasing the likelihood of success. Our RMP's will:
 | Serve as a basis for identifying alternatives to achieve cost, schedule, and performance goals; |
| Assist in making decisions on budget and funding prioritiesl |
| Provide risk information for Milestone decisions; and |
| Allow monitoring the health of the program as it proceeds. |
Our RMP describes methods for identifying, analyzing, prioritizing, and tracking risk drivers; developing risk-handling plans; and planning for adequate resources to handle risk. It assigns specific responsibilities for the management of risk and prescribes the documenting, monitoring, and reporting processes to be followed.
General Approach
Risks must be well understood, and risk management approaches developed, before decision authorities can authorize a program to proceed either in state owned and operated facilities or in community settings.
Our programs use a centrally developed risk management strategy throughout the service process and decentralized risk planning, assessment, handling, and monitoring. Our risk management program is applicable to all agency functional areas.
Risk Management Strategy
The basic risk management strategy is intended to identify critical areas and risk events, both technical and non-technical, and take necessary action to handle them before they can become problems, causing serious cost, schedule, or performance impacts. Our programs make extensive use of modeling and simulation, technology demonstrations, and systems testing to handle risk.
Risk management is accomplished using an integrated IPT organization. These IPTs use a structured assessment approach to identify and analyze those processes that are critical to meeting the program objectives. They will then develop risk-handling options to mitigate the risks and monitor the effectiveness of the selected handling options. Key to the success of the risk management effort is the identification of the resources required to implement the developed risk-handling options.
Risk information is captured by the IPTs in a risk management information system (RMIS) using our standard Risk Information Form (RIF). The RMIS will provide standard reports, and is capable of preparing ad hoc tailored reports.
Risk information will be included in all program reviews, and as new information becomes available, we will conduct additional reviews to ascertain if new risks exist. The goal is to be continuously looking to the future for areas that may severely impact the program.
Organization
The risk organization for your agency is not a separate organization, but rather our organization is integrated into the program’s existing organization and clearly delineates risk relationships among members of the program team.
Schedule Risk
System risks are those associated with the adequacy of the time estimated and allocated for the development, production, and fielding of the system. Two risk areas bearing on schedule risk are (1) the risk that the schedule estimates and objectives are realistic and reasonable and (2) the risk that program execution will fall short of the schedule objectives as a result of failure to mitigate risks.
Risk Ratings
This is a value that is given to a risk event (or the program overall) based on the analysis of the likelihood/probability and consequences of the event. For the agency program, risk ratings of Low, Moderate, or High will be assigned based on the following criteria. (When rating process variance from best practices, there is no rating of likelihood/probability, rather the level would be a measure of the variance from best practices)
| Low Risk: Has little or no potential for increase in cost, disruption of schedule, or degradation of performance. Actions within the scope of the planned program and normal management attention should result in controlling acceptable risk. |
| Moderate Risk: May cause some increase in cost, disruption of schedule, or degradation of performance. Special action and management attention may be required to control acceptable risk. |
| High Risk: Likely to cause significant increase in cost, disruption of schedule, or degradation of performance. Significant additional action and high priority management attention will be required to control acceptable risk. |
Independent Risk Assessor
Our independent risk assessor is a person who is not in the agency management chain or directly involved in performing the tasks being assessed. Use of independent risk assessors is a valid technique to ensure that all risk areas are identified and that the consequence and likelihood/probability (or process variance) are properly understood. The technique can be used at different program levels, e.g., Program Office, Service Field Activities, Providers, etc. The agency head will approve the use of independent assessors, as needed.
Metrics
There are measures used to indicate progress or achievement.
Critical Program Attributes
Critical Program Attributes are performance, cost, and schedule properties or values that are vital to the success of the program. They are derived from various sources, such as the facility budget, Key Performance Parameters, the judgment of program experts, etc. The agency may track these attributes to determine the progress in achieving the final required value.