|
Written by lotus
|
|
Saturday, 30 July 2005 |
|
Page 18 of 22
5.5 Risk Ranking Tools
There are any number of ways to rank risks. If a program or project is small
enough (or the risks sufficiently well know) then the risks can be ranked qualitatively
in a skull session among senior and knowledgeable staff members. For larger
programs, numerical models can be used, remembering that the results are not
absolutes. The numerical procedure presented here is derived almost in total
from techniques presented in recent and past publications of the Defense Systems
Management College.
Blanchard (Reference 3) includes the procedure with an extension to accommodate
weighting factors not used here. (The charts and formulas are also better presented
in Blanchard.)
Basically, the numerical ranking of a risk is calculated as:
Risk = Pf + Pc - Pf Pc
where Pf is the likelihood of occurrence determined from Table 1,
and Pc is the normalized consequences factor determined from Table 2.
Pf is calculated as the average of the values assigned for each column. Pf is
averaged only for applicable columns. Thus, if an item under review did not
include software, only three values will be assigned and the divisor will be
three.
Risk values are calculated for each risk and the results incorporated into
the risk matrix (Figure 1).
Figure 2 can also be used to display relative rankings while maintaining the
separate Pf and Pc values. There is no derivation of the curves in the figure.
The zones are simply notional to reflect general levels of concern. The curves
can be adjusted to suit individual preferences.
|
|
Last Updated ( Saturday, 08 April 2006 )
|
