Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News Visual Risk Management

Visual Risk Management

This item in japanese

Irrespective of the size of the project, stakeholders feel confident when they can a keep track of the risks and their mitigation strategies. Agile heavily promotes the use of information radiators. Keeping in line with the philosophy of radiators, Agilists suggested different ways of depicting risks visually for easy tracking and mitigation.

Denis suggested that one of the best ways to visually represent risk is to use a Risk Heat Map. In this map, vertical axis represents the probability of a given risk occurring. Horizontal axis depicts the impact that the risk will have on the project or program should it materialize.

Risk Heat Map

According to Denis,

One of the benefits of this method of displaying risks is that it’s easy to see how risky the program or project is. If all the risks are clustered in the top right of the diagram then clearly your managing a very risky program or project.

Likewise, Mike Griffiths suggested that risks could be visually tracked using the Risk Profile Graphs. Risks in the risk profile graphs are stacked on top of each other on the basis of their risk severity.

Risk Severity = Risk Probability X Risk Impact.

Risk Profile Graph

The risk severity scores for each risk are plotted one on top of another to give a cumulative severity profile of the project. When risks and their history of severities are displayed like this it is much easier to interpret the overall risk status of the project.

Mike Cohn suggested the use of a Risk Burndown Chart. A pre-requisite for this technique is the calculation of risk census. The census is merely a list of a project’s top risks along with the probability of the risk occurring and the size of the loss that would occur if it did. Mike suggested that the projects should use the top ten risks of the project for the purpose of census.

As an example, suppose a risk has a probability of 20% and if the risk materializes then the number of days lost are 15. Then the risk exposure if 20% of 15 which is 3 days. The risk burndown chart is then created by plotting the sum of the risk exposure values from the census chart.

Risk Burndown

Ideally, with each passing iteration, the cumulative risk should come down. If it is not coming down then there is a need to allocate some dedicated time in the sprint to focus on mitigating the risk.

Hence, though visually depicting risk might not seem as important as the story burndown chart, but it is equally important. As Mike Griffiths mentioned,

Tracking the reduction of project risks is a metric that is useful on projects, it is not a core metric like features delivered, but one we are actively trying to control and relevant to the goal of delivering successful projects.

Rate this Article