Embed Size (px)
Citation preview
5-1
DoD Risk ManagementPolicies and Procedures
5-2
Risk Assessment and Management (DoD 5000.1)
“Program Managers and other acquisition managers shall continually assess program risks. Risks must be well understood, and risk management approaches developed, before decision authorities can authorize a program to proceed into the next phase of the acquisition process. To assess and manage risk Program Managers and other acquisition managers shall use a variety of techniques, including technology demonstrations, prototyping, and test and evaluation. Risk management encompasses identification, mitigation, and continuous tracking, and control procedures that feed back through the program assessment process to decision authorities. To ensure an equitable and sensible allocation of risk between government and industry, Program Managers and other acquisition managers shall develop a contracting approach appropriate to the type of system being acquired.”
5-3
Cost, Schedule, and Performance Risk Management (DoD 5000.2-R)
“The Program Manager shall establish a risk management program for each acquisition program to identify and control performance, cost, and schedule risks. The risk management program shall identify and track risk drivers, define risk abatement plans, and perform periodic assessments to determine how risks have changed. Risk reduction measures shall be included in cost-performance tradeoffs, where applicable. The risk management program shall plan for back-ups in risk areas and identify design requirements where performance increase is small relative to cost, schedule, and performance risk. The acquisition strategy shall include identification of the risk areas of the program and a discussion of how the Program Manager intends to manage those risks.”
5-4
Risk Management Structure(DoD Risk Management Study)
Risk Management
Risk Planning Risk Assessment
RiskHandling
RiskMonitoring
RiskDocumentation &Communications
RiskIdentification
RiskAnalysis
5-5
Definitions
• Risk - A measure of likelihood to achieve objectives - Two components (probability and consequences)
• Risk Management - Act or practice of controlling risk
+ Identifying and tracking risk drivers+ Defining risk mitigation plans+ Performing periodic risk assessments
5-6
Risk Planning
• Process has two segments
– Implementing a comprehensive and active strategy to continuously identify, mitigate and track program risks
• Who does it
• What do they do
• When do they do it
• How risk is shared
– Documenting risk elements of program activities
How do I getthere from here?
5-7
Risk Assessment
• Process of identifying and analyzing program risks to increase the chances of meeting performance, schedule, and cost objectives
• Two segments
– Risk Identification
– Risk Analysis
5-8
Risk Identification
• Process of specifying, describing and documenting program risks and their sensitivities to other risks
– Internal
– External
5-9
Risk Analysis
• Process of evaluating program risks for their impacts to performance, cost, and schedule objectives
• Process includes assessing each risk’s:
– Probability of occurrence, and
– Consequences of failure to mitigate the risk
5-10
Risk Handling
• Process that identifies, evaluates, selects, and implements risk handling options
– to set risk at acceptable levels
– give program constraints
• Typical risk handling strategies can include:
– replan to eliminate the identified risk
– avoid risk by changing requirements
– transfer the risk
– control the risk through active steps
– assume the risk without special efforts
5-11
Risk Monitoring
• Process that systematically tracks and evaluates the performance of risk mitigation actions
- against established metrics throughout the acquisition* process, and- develops further risk handling options as appropriate
* Acquisition includes any procurement from government or contractor sources within all phases from early research through logistics, operations, support, and disposal
5-12
Risk Management Process
Evaluate RiskHandling Options
•Avoid• Information Gathering• Transfer• Assume• Control
Program Requirements
AssessRisk
• Identify• Analyze• Quantify Risk
Evaluate Subcontractor
Risks
Analyze Impacts
• Performance• Cost• Schedule
Manage Risk
• Review Indicators• Abatement Actions
5-13
Assess Risks
Program Requirements
AssessRisks
Evaluate RiskHandling Options
EvaluateSubcontractor
Risks
Establish Cost,Schedule, &Performance Impacts
ManageRisks
EstablishApproach
DevelopTeam
IdentifyRisk
Areas
AnalyzeRisk
Create RiskManagement
Tools
5-14
Risk Identification
The WBS is normally used to organize and ensure completeness of the risk identification effort.
Identification is generally performed at the 3rd or 4th level of the WBS.
5-15
5-16
5-17
Risk Categories and Consequences
• Risk Categories– Requirements - Are the Necessary Requirements ( Operational or Design)
Fully Defined? Is the Basis for the Requirements Stable (e.g. No Expected Threat Change)
– Technology - Is the Technology Available Proven in Previous Use?– Engineering - How Much New Design is Needed to Achieve Requirements?– Manufacturing - Are the Required Manufacturing Processes, Facilities, and
Sources of Materials Known and Available?– Support - Are the Required Support Resources Defined and Available?– Management - Are the Processes, Resources, and Experience Available to
Successfully Perform this Program?• Risk Consequences
– Performance - Can the Item Meet Its Requirements (Operational, Support and Manufacturing)?
– Cost - Can the Item Be Developed and Operated within the Funding Allocated to It?
– Schedule - Can the Item Be Developed and Deployed with the Time Allocated to It?
5-18
Sample Risk Identification
WBS 113 - Guidance System
Issues: New Design – Uses new chipset from CHIPLEAP program. Some concern exists on producibility and thermal characteristics.
Assumptions: Megalith Corporation will design guidance system. They were a participant in the CHIPLEAP effort.
5-19
Additional risk categories such as customer satisfaction or customer expectation can be developed for identification purposes.
Risk assessment templates (shown on later charts) for subcategories can be developed and maintained by organizations.
Organization of Risk Assessment
5-20
5-21Ref. – Best Practices
5-22Ref. – Best Practices
5-23Ref. – Best Practices
5-24Ref. – AFMC 63-101
5-25
5-26
See Table 2.3 on pg 18 of RMG for DOD Acquisition
5-27
Probability (Likelihood)
1
0
Consequences
Traditional Risk Analysis
Performance
Cost
Schedule
Potential Degradation
Sys Reqt not Achieved
Element Increase > 50%
System Increase > 40%
Element Increase
Element Increase < 10%
x
x
x
Probability is Assigned
Consequences are Estimated
x
5-28
Probability (Likelihood)
1
0Consequence
Traditional Risk Analysis
Performance
Cost
Schedule
Potential Degradation
Sys Reqt not Achieved
Element Increase > 50%
System Increase > 40%
Element Increase
Element Increase > 50%
x
x
x
x
x
High Risk – Severe disruption expected to performance, cost, and / or schedule even with risk mitigation plans in place.
Moderate Risk –Expected disruption to performance, cost, and / or schedule can be overcome by implementing risk mitigation plans.
Low Risk – Little disruption expected to performance, cost, and / or schedule.
5-29
Weaknesses of Traditional Risk Analysis Process
1. Roll-up of risks characterized as high, moderate, or low at the 3rd or 4th WBS level are difficult. Example – Are 10 low risks and 1 high risk at WBS Level 4 elements expressed as low, moderate, or high at the parent WBS at Level 3?
2. Characterizing a risk as high, moderate, or low alerts the customer to the severity of the outcomes without giving insight into the likely capability of the delivered product.
5-30
Insert Melbourne Paper Here
5-31
Miscellaneous Risk Topic
5-32
Concurrency* Risk Management
DT&E Completion Concurrency
Degree ofConcurrency > 67%
33 to 67< 33 %
0
LowModerate
HighVery High
• Risk Handling Imperatives for Concurrent Programs• Insure Adequate Test Resources Are Available• Have Rapid Corrective Action Process Established• Have Effective Transition to Production Process• Phase Production to Allow for Early Testing• Use Modular Designs When Retrofits Are Expected
* Overlap between Development Test & Evaluation and Production
5-33
5-34
Past Problems with DoD Weapons Systems Due to Requirements Development Practices
Characterization of Past Practices
1. Vertical Flowdown Has Often Failed to Address All Products and Processes. This Has Resulted in Premature Selection of Design Features That Provided Little Additional Benefits for the Costs Incurred2. Weapon System Requirements Have Not Been Developed in an Integrated Fashion (i.e., the Definition and Balancing of All Related Items at All Levels)
Future Need
• All Requirements Should Be Addressed and Subsequent Design Solutions Should Be Integrated and Verified Both Vertically and Horizontally
5-35
Objectives of Requirements Analysis
• Articulate Customer Needs– Missions– Environments
• Identify and Allocate Constraints– Design– Cost– Schedule
• Develop and Define Measures of Effectiveness– Functional– Performance
5-36
Requirements Analysis Process
Supplier “Hows”Design Features/
Performance Measures
Utility/RelationshipMatrix
Measures How Well “Wants” are Met.
“Customer Wants”Needs Identification1. Close Air Support2. Deck LaunchedIntercept
Prioritization of Customer “Wants”1. Cost2. Supportability3. Mission Effectiveness
Sensitivity to DesignFeatures
Prioritization of RelativeImportance of Changes in
Design Features
Key Tasks:1. Identify Operational and Environmental Needs2. Identify Customer Preferences3. Prioritize Importance of Design Features
5-37
Requirements Analysis Timeflow
Customer Requirements Systems & Operational Analysis Analysis
Needs &Objectives • Requirement Categories
Defined - Affordability - Sortie Generation - Target Kills• Technologies Identified by Category• Preliminary Ranking of Technologies by Category
• Preliminary RankingAcross Categories
CustomerReaction
Preliminary Assessments
- Effectiveness- Force Structure- Cost/Risk
5-38
Preliminary Ranking of Technologies/Configurations
Sort Systems in EachCategory by Cost
Sort Systems in Each Category by Effectiveness
Determine Affordable SystemsWith Given Budget
Estimate ConfigurationEffectiveness Based on MissionEffectiveness Results
Determine OptimumConfiguration at This Budget Level
IncrementBudget
Cost EffectiveTechnology/Configuration(for given budget)
Approach Explores All Combinations of Options and Determines the Most Effective Technology or Configuration at Each Budget Level
5-39
Quantifying A/C Requirements Impact on Force Structure
ATS Radar Detection Range
ATS Radar Detection Range
ATS
Unit
Eff.
ATS Proc. Quan
Air Wing
Effectiveness
Detection Range
Reasonable Requirements Region
Unit Eff Too Small
#s Purchased Too Small
