Sidpers Program Risk Management Plan Project Description

Sidpers Program Risk Management Plan

Project description and Objectives

Project Scope

Project sizing

Stakeholder analysis

Project Manager (PM)

Risk Manager

Risk Analyst

The identified Sources of Risk in the SIDPERS Project

Risk Register

Summary Risk Report

Risk Breakdown Structure

Double P-I matrix

Hillson, D and Simon, P (2007).Practical Project Risk Management: The Atom Methodology. Management Concepts.

This document contains details of the Risk Management Plan for the SIDPERS Project and defines the risk management process to be used in the risk management process that is to be used through the duration of this project. The Project Manager is to be the one who is responsible for the review as well as maintaining of this Management Plan throughout the project. This is to ensure that the risk process sis maintained at an appropriate level necessary for dealing with the level of risk that is faced by this specific project (Simon & Hillson, 2007).

Risk is defined by PMI (2008) as a condition or event that can occur with either a negative or positive consequence on the objectives of a given project. Risk management on the other hand entails the identification, assessment, response, monitoring as well as reporting of risks (Hubbard,2009). This Risk management Plan clearly defines the method of identification, analysis and management of various risks associated with the SIDPERS project. It outlines how various risk management activities will be carried out, recorder as well as monitored throughout the project lifecycle while also providing the templates as well as practices for the recording as well as prioritization of risk.

Project description and Objectives

Standard Installation/Division Personnel System (SIDPERS) is the database of record for all Army National Guard Soldiers. SIDPERS is a standard, automated, integrated personnel system designed to provide personnel data support at the division, installation, brigade, battalion, and unit levels. To provide guidance for all unit level organizations and personnel administration centers (PAC) serviced by the Standard Installation/Division Personnel System (SIDPERS).

The database also defines general terms the responsibilities of commanders, first sergeants, personnel administration center supervisors, personnel staff NCOs (PSNCOs), and unit clerks with respect to SIDPERS. To facilitate the Army -- wide standardization of military personnel management and personnel administration procedures in a SIDPERS environment. To apply the Single Source Data (SSD) view of sharing data between the finance and personnel systems. This is a very high priority for all the Soldiers in the Army National Guard as this database is crucial to keep the most updated information in one system.

Project description and objectives

SIDPERS is a project which was initiated by the Department of Defense (DoD) in order to replace the legacy Army personnel systems as well as improve personnel services through the automation of various functions like organization as well as recordkeeping, personnel management reporting as well as manpower accounting. Lack of these functions would render any given army inefficient. The SIDPERS system was developed in order to replace all of the military personnel systems that were being used by the active Army, National Guard, as well as Reserves (GAO,1990).The objectives of SIDPERS project is to support the personnel needs of the individual soldier, provide adequate information to the local commander to enable him or her to successfully manage personnel during peacetime, wartime, and to satisfy essential personnel strength and management information needs during periods of mobilization. Also, to support the rapid accession of Reserve Components (RC).Meet the needs of wartime, mobilization, and peacetime personnel automated in this particular order. To be able to satisfy personnel data needs for HQDA, work with other automated systems and improve personnel data accuracy. This system would also be able to deliver a uniform system that can be easily modified to changing requirements.

The scope as well as objectives of the SIDPERS project is summarized as follows:

Project Scope

The risk management plan will include an analysis as well as description of the possible risks that can affect the SIDPERS project.

The risk management plan includes an analysis of the errors that could result as a result of the risks associated with the SIDPERS project.

Project out of scope

This project does not cover the process used in the development of specific modules within the SIDPERS program.

The project dos not cover the hardware cost required for running the SIDPERS program.

The SIDPERS Project risk management process is aimed at the management of all the foreseeable risks (the opportunistic and threats included) in manner that is proactive, appropriate and effective. This is to maximize the very likelihood of this given project achieving its intended objectives. These will be done proactively, effectively as well as appropriately so as to increase the chances of the SIDPERS project achieving its intended objectives while maintaining the level of risk exposure at a bare minimum.

Project sizing

This project is considered to be large due to the fact that it touches on issues of national and international security. For this project an enhanced ATOM project will be utilized.

The following ATOM processes will be applied for the SIDPERS Project:

Initiation

Assessment

Response Planning

Reporting

Implementation

Review

Post Project review

Stakeholder analysis

The risk management process will aim at engaging all of the project stakeholders to an appropriate level. This will be coupled with the creation of ownership as well as buying-in to the project.

Various risk based-information will be appropriately communicated to the various project stakeholders in a uniform and timely fashion in order to enable for future modification of the project strategy. The risk management process will enable the various project stakeholders to accurately focus their attention on various areas of the project by accurately helping in the identification of the risks. The role of the SIDPERS Project stakeholders as well as vendors is to participate in the process of risk management through the provision of candidate risk input as well as supporting the risk mitigation planning as well as project execution activities.

The following are the Project Stakeholders and their roles

Project Director

The Project Director is the one who is involved in the monitoring of the risk action effectiveness as well as participation in risk escalation. He has the responsibility of communicating to various project stakeholders either everyday or an as needed basis.

Project Manager (PM)

The role of the SIDPERS project manager is to draft as well as approve the SIDPERS Project Risk Management Plan, define the process of Risk management, take part in the Risk Management process as well as take ownership of the process of risk mitigation and execution.

Risk Manager

The Risk Manager is the one responsible for leadership of the risk management effort. He also sponsors the various risk identification activities and thereby facilitation smooth communication throughout the risk management process. The Risk Manager is also responsible for the process of providing the Project Managers with the appropriate recommendations as well as statuses on various risk actions.

Risk Analyst

The role of the Risk Analyst is to evaluate the various risks, maintain a database for the Risk management process as well as facilitate proper communication in the entire process of Risk management.

Project Sponsor

The roles of the Project Sponsor are as follows:

Active supporting as well as encouragement of the implementation of the risk management process

Setting as well as monitoring of the risk thresholds as well as ensuring that these thresholds are effectively translated into acceptable levels of risk exposure.

Attendance of various risk workshops, identification as well as ownership of risk.

Review of the risk outputs obtained from the Project Manager in order to ensure that there is effectiveness and consistency

Review of the Risks that are escalated by the PM (Project Manager) that lie outside of the project's scope or/and control.

Taking decisions on the provided project strategy in accordance to the current risk management project status. The aim is to maintain the level of risk exposure at acceptable levels.

Ensuring that there is an adequate amount of resources for the project to appropriately respond the risks

Releasing of the "management reserve" funds to the given project where justifiable.

Reporting of the risk status to the senior management on a regular basis.

Risk Champion

The Risk Champion's roles include the following;

Overseeing as well as managing of the risk management process on a daily basis

Prepares the Risk Management Plan

Facilitation of various risk workshops as wellas risk reviews

Creation as well as maintenance of the Risk Register

Interviewing of the Risk Owners so as to determine their views

Analysis of data as well as production of risk reports

Risk Owner

The roles of the Risk Owner are as follows;

The development of various responses to the risks. These responses are risk actions that they appropriately assign to the project's Action Owners

The monitoring of the progress of the risk responses

Reporting the progress of the responses to the Risk Champion through the Risk Register

Action owner

The roles of the Action Owner are as follows;

The implementation of the agreed actions in support of the response strategies

Reporting of the progress on the actions to the project Risk owner as well as the recommendation of the actions that are necessary for the management of risk.

Project team member

The roles of a project team member are;

The active participation in the risk management process as well as the proactive identification and management of the risks falling within their areas of responsibility.

The provision of inputs to the PM (Project Manager) for inclusion into the risk management report.

The Risk Identification and management tools and techniques

The following risk Identification and management tools and techniques are to be used in the SIDPERS project:

Initiation

The Risk Management Plan (which is this document)

Identification

The risks were identified using the following techniques;

Brainstorming

All members of the project team as well as representatives of the key suppliers were involved in the brainstorming sessions.

Analysis of all the project assumptions as well as constraints (implicitly and explicitly)

A review of all the standard risk checklists

The use of the Initial Risk registers in order to help in further assessment. This followed the following format:

1. Assessment

2. The use of Double P-I Matrix in the prioritization of risks for action, by utilizing the standard Risk Scoring calculations which is based on probability (P) and the impact (I).

3. Risk Register update so as to include the latest assessment data.

4. Response Action Selection

5. Identification of the specific Actions as well as Action Owners.

6. Risk Register update to that includes the response data

7. Reporting

8. Implementation

9. Implementation of the response strategies through their agreed actions

• Reporting

• Risk Report to Project Sponsor and Steering Group/Project Board.

• Provision of ad-hoc reports stakeholders and Project Team as required.

• Implementation

• Implementation of response strategies via their agreed actions.

The identified Sources of Risk in the SIDPERS Project

Bug in program

A bug refers to a system fault in the computer program. Bugs are traceable, and most computer users remove bugs from the system to avoiding crashing. The process by which the viruses are removed from the system is referred to as debugging. Effects of bugs on a computer can be extremely solemn in that they major glitches to its functioning. Having a bug in a program can root to stern damage to a firm's system or lose of vital information about a super project. With bugs in developed software then there comes plenty of problems. Bugs cause communication failure in the system since the computers might fail to function appropriately. This affects several functions in an organization since most organizations depend on the computers for execution of tasks and commands. Bug is an outcome of unrealistic improvement timeframe, poor design logic, poor coding skills from the developers of software and making changes final minute.

Not being able to log in systems

With bugs in the system, there ought to be security measures that will enable the correction of the system. These are programs developed to protect systems from unauthorized personnel. At one point, they guarantee security, but when the main administrator is unavailable then it means lots of resourceful information will not be accessible. They create a bridge amid to various areas. Only a limited number of people are able to access systems that are restricted from unauthorized personnel. The risk of such a system is the lack of access to the vital work in case the authorized personnel are not around. Employees working in large farms where only one has access to a given system experience this phenomenon.

Forgotten passwords

System user's faces risks of greater heights when passwords are forgathered which were developed to protect unauthorized access. It denies access to unauthorized person, which would otherwise lead either to loss of work, or inaccessibility of the same job. Software developers are inventing ways to have hints that remind the user passwords.

Unable to save information

Completion of work is more reliable if the respective personnel save the work for future references. This helps especially when changes undertaken in an organization because of improvements at certain levels.A system that is unable to save certain information then it implies that the work done cannot be accessed. When unable to save information then references cannot be done in future research conducted in an organization. This would lead to greater risks of lacking vital information for future use.

Incorrect codes

Codes are security systems meant to protect gadgets carrying reliable information for someone. When input of incorrect codes to such gadgets, one stands a chance of not accessing the data inside, endurance of unexpected costs, loss of time. This is because to get access to this data will need a professional to unlock the codes that have a limited number of trials before permanently denying one access. For the work to get completed, it is going to cost both time and money.

Incorrect parameters

When there is difficulty in accessing or running certain programs then it means something must have happened to the system configuration process. One stands the risk of not running a system program in an incorrect parameter. In most cases, this happens due to a cancellation of the programs setup process. However, to fix this, someone will have to delete an Ini File and reconfigure it thereafter.

Incorrect dates for documents

Most documents are saved in the system in accordance the date of development. Incorrect dates for documents may lead to inaccurate record keeping of resources. This may be risky since it may cause confusion in the future.

Wrong address in system

For the key reason of wrong address in system, individuals get misleading information that puts the results of work done at risk. This is so since the information presented is not correct or other from the wrong source.

Incorrect pay code used which affects pay

In most firms, employees are represented by codes in place of their names. Risks might occur when incorrect pay codes are used for employees who will end up receiving incorrect payment. The firm for this case mismatches the names with the rightful codes.

Incorrect Army Physical Fitness Test scores which soldiers loose puts for promotion

In such a case, there are risks of people losing promotions. In addition, the test scores will lead to tasks assigned to someone who cannot handle it, which will lead to poor performance for an individual.

Risk Register

ID

Risk Description

Probability