\n

\n Assignment #3: Risk Management Plan\n <\/p>\n

\n As a team develop a Risk Break Down Structure (RBS) and develop a detailed Risk Management Plan for ACME a large US accounting firm. In preparation for your risk management plan, you need to align to a specific framework, \u00a0(in which case you will need to provide APA reference).\u00a0 Please refrain from explaining what risk breakdown structure is and instead apply the framework to the case.\n <\/p>\n

\n 3 4 pages\n <\/p>\n<\/div>\n

Assignment #3: Risk Management Plan As a team develop a Risk Break Down Structure (RBS) and develop a detailed Risk Management Plan for ACME a large US accounting firm. In preparation for your risk ma
\nPage 5 of 19 Risk Management Plan \u2013 ACME Accounting\u00a0 \u00a0 Table of Contents Executive Summary 3 Purpose 4 Risk Management Strategy 4 Risk Identification 5 Risk Responsibilities 10 Risk Assessment 11 Risk Response Strategies 16 Risk Contingency Planning 17 Tracking & Reporting 17 References 19 Executive Summary As a continuation of the Project Management Plan for ACME\u2019s Software System Upgrade; the UCW Project Management team has compiled a Risk Management Plan. This plan establishes the strategy in which Software System Upgrade risks are determined and handled. The plan includes identifying, analyzing, management, and ownership of the project\u2019s risks. Applying proven Risk Management techniques including a Risk Breakdown Structure and a Quantitative and Qualitative Analysis has determined the projects major risks to be: System outage Data migration gaps New wave of Covid outbreak (staff\u2019s health complications) Management team decides to lower this project\u2019s priority Management team decides to reallocate funds to another project Lack of training to use the new system LA office staying behind schedule due to older version Poor implementation of key milestones Assessment of these risks has concluded these risks may have a significant impact and likelihood to occur and will require risk controls. These risk controls are a part of the Risk Response Strategy and will include contingency plans as well as tracking and monitoring. These risks along with all identified risks and yet to be reported risks will be included into the risk register. This document will be owned by Brent Vansickle of the UCW team, he will fulfill the role of the Risk Management lead and will assign ownership of all significant risks and others that arise afterwards. Change management and risk culture ensure trust in the risk management system and regular review of the risk register with the project team will emphasize the ongoing requirement of a successful Risk Management Plan. Purpose Events or conditions that affect ACME\u2019s Software System Upgrade Project either positively or negatively are called risks. The process of Risk Management includes identifying, assessing, responding to, monitoring, and reporting risks. Creating a Risk Management Plan outlines how this project\u2019s risks will be identified, analyzed, and managed. The strategy will be integrated into the project plan and include how the risk management activities are to be performed, recorded, and monitored as the project advances through its lifecycle as well as determine the visibility of the risk management in action. The risk management plan includes templates and practices for recording and prioritizing risks (CDC, 2022). The UCW Project Management Team has developed this Risk Management Plan during the Planning Phase of the Software System Upgrade project. This plan will be considered a modifiable document to be monitored and updated throughout the project to improve and adapt as required. Although this plan may involve many of ACME\u2019s personnel, the intended audience of this document is the project team, project sponsor, and management (CDC, 2022) Risk Management Strategy Project Management involves coordinating teamwork; the Risk Management Strategy is no different. The UCW Project Management Team, along with the project\u2019s team, and project sponsors will assert that risks are actively identified, analyzed, and managed. This strategy encompasses the whole lifecycle of the project from planning to completion. Early identification of risks will allow for appropriate actions minimizing their impact and severity. Using risk management practices and tools provided in this plan and other accepted standard practices will serve as templates for sound strategy and decision making. Risk Identification Risk identification analyzes the project to identify sources of risk, the following page uses the Risk Breakdown Structure which divides the project into 5 categories and further identifies their associated risks. There are many options to assist in risk identification, the important steps beyond this initial plan are the diligent reporting, trending, and tracking of known and new risks as the project is underway. Risk Breakdown Structure (RBS) Overview Unauthorized access to confidential data Lack of training Non acceptance of delivered project Unrealistic expectations Incomplete requirements Poorly defined requirements Poor implementation of key milestones Mismanagement of project funds Inaccurate budget estimates Ineffective communication with stakeholders Organizational procurement obstacles Mgmt team decides to reallocate funds Mgmt team decides to lower priority Loss of Data Weather related risks Software supplier discontinuous X version of the software Software supplier stops technical support Change in system regulations New wave of COVID outbreak L.A. office behind schedule due to older version System outage Data migration gaps Poor training of personnel Sensitive Information Leak Customer Project Management Project Organizational WWIII External Technical Use of non-standard technology Detailed Risk Breakdown Structure Risk Breakdown Structure Level 1 Risk Breakdown Structure Level 2 Risk Breakdown Structure Level 3 Description Project Risk Technical Risk Sensitive information leak Leaking confidential data of the customers of ACME, such as their accounting information, would result in legal charges, especially when unauthorized parties access data. Poor training of Personnel Poor training of ACME staff in using the new system in their business practices would lead to customer dissatisfaction. Data migration gaps Migrating data to another system might lead to gaps, thus leading to loss of essential information that would be helpful to ACME’s project. System outage System outages such as provider problems, server-specific problems, upgrades, and maintenance might affect the smooth functioning, thus leading to delays or loss of data. LA. office staying behind schedule due to older version Using outdated technology would increase the risk of the project’s failure. External Risk WWIII The ongoing Russian invasion of Ukraine could potentially lead to WWIII, thus affecting the management accounting practices of ACME. The new wave of Covid outbreak COVID-19 jeopardizes the health of ACME\u2019s staff and might lead to complications. Change in system regulations Failing to recognize changes in the legal environment might lead to legal compliance issues. Software supplier stops technical support. This would increase the risk of delays and delivery of poor-quality projects. Software supplier discontinues X version of the software This would increase the risk of poor outcomes. Weather-related risks Extreme weather conditions such as flooding, earthquakes, ad hurricanes might interfere with the infrastructure of ACME. Organizational Risk Loss of data Losing essential customer data or project data would lead to legal charges or delays and poor-quality project outcomes, respectively. The management team decides to lower this project’s priority Neglecting the project would ultimately lead to its failure because the necessary people and resources needed to make the project a success would not be appropriately allocated. The management team decides to reallocate funds to another project This would lead to ACME’s project failure because financial support would be cut short hence leading to a strain on resources. Organizational procurement obstacles Procurement obstacles such as having unclear requirements and specifications and enabling poor quality for reduced costs would risk the success of a project. Ineffective communication with stakeholders Porreca (2017) asserted that if project managers fail to communicate with the project’s stakeholders, there would be a tremendous inconsistency in the expectation that would affect the project’s outcome. Similarly, ineffective communication with ACME’s project’s stakeholders would cause dissatisfaction. Project Management Risk Inaccurate budget estimates According to Lucker (2019), when there is an underestimation or overestimation of a project’s budget, the profit is also often overstated or understated respectively. Similarly, inaccurate budget estimates of the ACME project would lead to an inadequate allocation of resources, thus negatively influencing the project’s productivity. Mismanagement of project funds An improper allocation of project funds through the unequal distribution of funds, overfunding certain aspects of the project, or allocating fewer funds to a project would ultimately lead to project failure. Poor implementation of key milestones Missing a milestone in a significant project could be detrimental to the success because there would be a poor transition to the next milestone. This would eventually lead to poor-quality projects or project failure. Henceforth if ACME poorly implements vital milestones, the project is at the risk of failing. Poorly defined requirements When a project’s requirements are not defined upfront, incomplete, or poor quality will increase the risk of project failure. Incomplete requirements Customer Risk Unrealistic expectations Customers with unrealistic expectations would constantly make impossible or difficult requests beyond the parameters that ACME can offer. This would increase the risks of employee frustration and reduced productivity in the organization since such clients are often never satisfied. Non acceptance of delivered project due to unmet quality standards Poor quality of the final project or failure to meet the requirements and standards of customers would lead to risk their relationship and loyalty with their trusted clients and customers. Lack of training to use the new system Poor training of ACME staff in using the new system in their business practices would lead to undesirable results and shortcomings in serving customers and consequently unsatisfaction of customers. Unauthorized access to confidential data When unauthorized parties access confidential data of the customers of ACME, such as their accounting information, this could result in legal charges, loss of credibility, a reduction in market share, and a bad reputation (Hau, 2003). Use of non-standard technology Non-standard technology or outdated technology could exacerbate current ACME compliance risks that the organization is unaware of, thus leading to regulatory and legal compliance risks (Ancell, 2021). Risk Responsibilities Risk Management responsibility will be placed onto the whole team: project managers, project team, sponsors, and individuals with direct influence on the success of risk controls. The higher the significance, impact, likelihood, or scope a risk poses, will determine the required authority levels for decision making. The UCW Team has identified team member Brent Vansickle as Risk Management Lead, he will champion the Risk Management Plan and required support. Brent will maintain the risk register and review as a standing agenda item during project team meetings. Although this plan implies and will hold responsibilities to certain parties, Change Management techniques as well as controlling the visibility of risk management will empower all employees to have a personal and professional stake in the success of this project. Risk Assessment Risks will be assessed based on their severity of impact, the likelihood of occurring, and controllability. The first model employs the Scenario Analysis followed by the Failure Mode and Affects Model. The resulting findings will identify the current high-risk items facing the Software System Upgrade Project. The highlighted items are risks the models have identified as more significant. Qualitative Risk Analysis using Scenario Analysis Risks Probability of risk occurring Possible Outcomes Probability of each outcome Technical System outage High Elevated costs High Delay in processes High Business operations affected Medium Loss in business revenues Medium Data migration gaps Medium Loss of valuable information High Business operations affected High Loss in business revenues High Personnel not properly trained Low Low level of performance High L.A. office staying behind schedule due to older version Medium Delay in other key milestones Medium Longer implementation period Medium Sensitive information leak Low Damaged reputation Medium Damage in business Medium External New wave of Covid outbreak (staff\u2019s health complications) High Delay in implementation period Medium Need for extra employees High Higher project costs Medium Weather related risks (hurricanes, earthquakes, flooding) Low Loss in infrastructure High Higher project costs High WWIII Medium Interruption of project activities High Loss in infrastructure High Higher project costs High Change in system regulations Medium Noncompliance Medium Legal consequences Medium Software supplier discontinues X version of software Low Inability to continue implementation High Software supplier stops technical support Low Poor quality deliverables Medium Organizational Management team decides to lower this project\u2019s priority Medium Scarce human resources High Scarce monetary resources High Management team decides to reallocate funds to another project Medium Failure in implementation High Organizational procurement obstacles Medium Delay in implementation period High Loss of data Low Legal charges Medium Delay in implementation High Poor quality deliverables Medium Ineffective communication with stakeholders Low Inconsistency in expectations High Project Management Mismanagement of project funds Low Project failure High Damaged reputation High Inaccurate budget estimates Medium Need for additional funding High Damaged client-provider relationship Medium Poor implementation of key milestones Medium Delay in dependent tasks Medium Poorly defined requirements Low Dissatisfied customer Medium Poor quality deliverables High Incomplete requirements Low Dissatisfied customer Medium Project failure Medium Customer Lack of training to use the new system High Dissatisfied customer High Inefficient use of the new system High Not acceptance of delivered project due to unmet quality standards Low Loss of a customer Medium Damaged reputation High Additional work High Unrealistic expectations Medium Increase employee frustration High Reduced productivity High Unauthorized access to confidential data Low Loss of credibility Medium Loss of market share Medium Use of non-standard technology Low Noncompliance Medium Quantitative Risk Analysis using Failure Mode and Effects Analysis (FMEA) Failure Severity Likelihood Detection RPN Technical Risk Sensitive information leak 140 Poor training of Personnel 252 Data migration gaps 168 System outage 336 LA office staying behind schedule due to older version 315 External Risk WWIII 72 The new wave of Covid outbreak 140 Change in system regulations 147 Software supplier stops technical support. 192 Software supplier discontinues X version of the software 168 Weather-related risks 84 Organizational Risk Loss of data 196 The management team decides to lower this project’s priority 252 The management team decides to reallocate funds to another project 210 Organizational procurement obstacles 140 Ineffective communication with stakeholders 126 Project Management Inaccurate budget estimates 224 Mismanagement of project funds 144 Poor implementation of key milestones 245 Poorly defined requirements 168 Incomplete requirements 192 Customer Risk Unrealistic expectations 224 Non acceptance of delivered project due to unmet quality standards 252 Lack of training to use the new system 192 Unauthorized access to confidential data 168 Risk Response Strategies Risk Response strategies develop a plan to reduce or eliminate possible damage and develop contingency plans. The actions decided are agreed upon by the team and would include any specialist recommendations, expert judgment, established best practices, and predictive modeling. The Risk Assessment has identified major risks of the Software System Upgrade Project. Each major risk will be assigned to an owner to prevent it from being neglected or forgotten. The Risk Management Lead will require regular updates for the risk register. There are four ways to approach a risk (CDC, 2022): Avoid \u2013 eliminate the threat by eliminating the cause Mitigate \u2013 Identify ways to reduce the probability or the impact of the risk Accept \u2013 Nothing will be done Transfer \u2013 Make another party responsible for the risk (buy insurance, outsourcing, etc.) The risks that cannot be avoided must fall to one of the other 3 options. Risks like WWIII must be accepted or transferred with the purchase of insurance. While the risk of a COVID outbreak can be mitigated against by following masking and social distancing practices. Offering employees health coverage and purchasing insurance with pandemic coverages can help with financial concerns related to a actual outbreak. Some risks may have layers of protection and others like \u2018Management team decides to lower this project\u2019s priority\u2019 or \u2018Management team decides to reallocate funds to another project\u2019 will have to be accepted if they occur. Regardless of the risk or course of action outlined, each major risk will be reviewed regularly in the risk register and subjected to analysis and attempted to be minimized in impact or probability. Risk Contingency Planning It is important to consider the risk appetite of the Software System Upgrade Project, which is low to moderate. Contingency planning involves implementing a \u2018plan b\u2019 or beyond. Contingency plans are not a part of the initial implementation plan and as such can only be initiated after a risk is recognized. This required flexibility should be identified early with appropriate risk monitoring, controlling, and reporting ideally leading to limited surprises or interruptions to the Project Plan. Major risks like \u2018System outages\u2019 and \u2018data migration gaps\u2019 are likely candidates for contingency planning. Testing the software, hardware, and soft launches will act as mitigation steps for \u2018system outages but access to other ACME office servers will act as a contingency plan while the outage is addressed. Regular data backups and relationship management with the developer and IT specialists will address concerns over data migration but authorizing overtime and accessing the developer\u2019s own specialists will act as contingency plans for the \u2018data migration gaps.\u2019 The Project Plan does include built-in time and budget buffers allowing for unforeseen circumstances allowing for temporary setbacks that do not severely impact the overall scope or goals of the Software System Upgrade. Tracking & Reporting Tracking and reporting is encompassed in both the risk management plan and change management initiatives. Risk culture is collaborative and will be supported but the UCW Team providing the tools and structure for reporting and tracking. Diligent monitoring of the daily activities of the project as well as seeking feedback from the project team and software users will lead to appropriate risk treatments smoothly advancing the project. A risk register will be implemented as a key item of this Risk Management Plan. The register will be owned by the Risk Management Lead and reviewed at project team meetings; it includes: details all of the identified risks description category probability of occurrence severity and impact responses contingency plans risk owner(s) current status References Ancell, B. (2021). Top 5 Risks of Using Outdated Technology. Meridian. https:\/\/www.whymeridian.com\/blog\/top-5-risks-of-using-outdated-technology CDC. (2022). CDC UP. Centers for Disease Control and Prevention. https:\/\/www2a.cdc.gov\/cdcup\/library\/templates\/default.htm Hau, D. (2003). Unauthorized Access- Threats, Risk, and Control. https:\/\/www.giac.org\/paper\/gsec\/3161\/unauthorized-access-threats-risk-control\/105264 Lucker, D. (2019). Five common budget mistakes and how to correct them. https:\/\/rsmus.com\/what-we-do\/industries\/real-estate\/construction\/common-budget-mistakes-and-how-to-correct-them.html Porreca, L. (2017). How Poor Communication can Have an Impact on Your Project. https:\/\/7dailyhabits.com\/how-poor-communication-can-have-an-impact-on-your-project\/<\/p>\n","protected":false},"excerpt":{"rendered":"

Assignment #3: Risk Management Plan As a team develop a Risk Break Down Structure (RBS) and develop a detailed Risk Management Plan for ACME a large US accounting firm. In preparation for your risk management plan, you need to align to a specific framework, \u00a0(in which case you will need to provide APA reference).\u00a0 Please […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_joinchat":[]},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/posts\/254285"}],"collection":[{"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/comments?post=254285"}],"version-history":[{"count":1,"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/posts\/254285\/revisions"}],"predecessor-version":[{"id":256103,"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/posts\/254285\/revisions\/256103"}],"wp:attachment":[{"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/media?parent=254285"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/categories?post=254285"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qualityassignments.net\/wp-json\/wp\/v2\/tags?post=254285"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}