A friend of mine (we’ll call him Al) was out looking at daycare centers with his wife. Their two year old daughter was ready to expand her horizons and learn the intricacies of social behavior and all the risks inherent in her new world. To Al’s dismay, no daycare center met the standards of control he would have expected in a daycare. This new world was fraught with risk. Doors weren’t locked and children could escape. Gates were not on the stairwell and children could fall and injure themselves. Peanut butter was in the fridge and children could access it. Al wasn’t willing to run the risk of introducing his daughter to this environment. Oddly enough, Al didn’t have similar controls in his own house. No childproof door locks, no stair gates, and peanut butter in his fridge – sometimes on the counter!!It was clear to me that a person will hold an unknown environment to a higher level of scrutiny than a person who is familiar with the same environment. It also became clear that a person’s experience will determine the amount of risk they are willing to tolerate. For example, if I put three people in Al’s deficient daycare and put a jar of peanut butter on the counter, the first person with no children may shrug their shoulders. The second person with a child may say, “Maybe we should remove the jar of peanut butter.” While the third person who has a child with a peanut allergy may say, “I need a peanut free environment for my child. This is unacceptable.” This dependency on individual experience and individual risk tolerance becomes a greater issue to organizations. When trying to ascertain the level of risk inherent in a project portfolio at an enterprise level, it is difficult to compare like with like without a risk management process and model that will represent the enterprise’s willingness to accept risk.The ProblemRisks that are not identified cannot be assessed. While an organization is dependent on a project manager to identify risks associated with a point in time project, there is no clear way to determine inherent risks to the organization. Organizations that have made the move to portfolio management have been successful at time management, resource management and time and budget status reporting at the portfolio level. While each of these advancements is a major achievement on its own, an organization that makes decisions on this data does so without a sense of risk associated with the performance of the portfolio. Decisions get made and risks are reacted to. Many issues are created due to unforeseen risks.So what is wrong with this picture? After all, risk is an accepted part of business and life for pretty much everyone.Risk is inherently a function of value and as such the more value at stake the more risk one is exposed to. Therefore, the notion that risk is a negative situation to be entirely avoided is a flawed argument, as this can only be guaranteed if/when an organization invests in cash cow initiatives where high value can be attained with no risk. We all know that cash cow initiatives are not sustainable and are the exception, not the rule.The ultimate argument is found in the financial market where stocks and bonds are valued by level of risk tolerance. Bonds are considered safer bets and therefore yield lower returns while stocks are considered risky investments and are expected to yield higher returns. Over the past 100 years the financial market has designed numerous mechanisms to manage the dynamics of risk and reward with continued lessons learned along the way.Independent of industry, size and source of funding (i.e. capital market, private equity, tax dollars), organizations must be well versed in balancing risk and reward if they are to survive and succeed in the competitive and volatile economy of the 21st century.With Risk Comes OpportunityThe old saying that “the apple does not fall far from the tree” rings true when one takes a moment to reflect on why risk management practices are at such an elementary level. The answer lies in what organizations have come to believe to be good project management.So what happens to managing risk? Risks become issues, issues become actions, and actions get managed using the same project management processes designed to manage the value line. The problem is that project management practices designed to deliver value are based on nomenclatures such as deliverables, milestones, performance indicators, quality, timeline, budget, approval, benefit realization, etc. These notions work perfectly for the value line where the lingo describes value-based characteristics.To manage risks, organizations need to invest in elevating their risk management practices to the project portfolio level, to attain the same level of maturity as project management practices. Otherwise, risk management will continue to be at the mercy of an individual project manager’s experience and will be managed well by a few and missed by most. This key concept drives the requirement for organizations to baseline their risk tolerance and provide their project management team with a consistent set of risk management standards and practices. Absence of risk management standards and practices will result in an environment of inconsistent risk tolerance and management, since project managers’ personal tolerance for risk will driver their approach for managing project risk. The danger of such a notion is that some project managers will have high tolerance for project risks while some will have lower tolerance, which might or might not be applicable to the priorities of the organization.We have all come to appreciate the necessities of standardized project management tools and methodology, and there are very few organizations that allow a project manager to use his/her own favorite project management tool and methodology. Risk management is no different, and organizations need to invest the same level of diligence in their risk management practices as they do in project management practices.The FrameworkThe identification of potential risks within a project portfolio is of major importance to a proactive risk assessment process. It provides the opportunities, indicators, and information that allows for identifying all risks, major and/or minor, before they adversely impact an organization. An aggregate view of project risks within a portfolio will provide organizations with a holistic assessment of all risks, provided that the risk identificationframework at the project level is comprehensive.The first step in risk assessment is to clearly and concisely express the risk in the form of a risk statement. A risk statement can be defined in the following terms:o The risk assessment statement outlines a state of affairs or attributes known as conditions that the project members feel may adversely impact the project.o The risk assessment statement also articulates the possibility of negative consequences resulting from the undesirable attribute or state of affairs.o This two-part formulation process for risk assessment statements has the advantage of coupling the idea of risk consequences with observable (and potentially controllable) risk conditions.When formulating a risk assessment statement, it is helpful to categorize the risk statement within categories that best reflect the priorities of the organization. The project portfolio Risk Registry (Table 1) outlines the risk statement associated with “strategy” risk category. The project portfolio Risk Registry will have most value when customized to reflect organization risk categories and corresponding risk statements.Once the project portfolio Risk Registry is vetted to reflect business priorities and challenges, the risk statements need to be evaluated against the probability and impact of actualization. The variable chosen to measure probability and impact of risk actualization reflects an organization language, as it is critical that baseline assessment is understood internally and represents organizational risk and exposure.A quadrant analysis of risk category actualization in terms of probability and impact provides the organization with transparent disclosure of risk at the project and portfolio level. This assessment enables an organization to attain a baseline understanding of project portfolio risk based on the organization’s own internal knowledge and experience.The risk analysis model is designed to expand and normalize project management judgment, used in the risk assessment model, and apply a consistent baseline for the probability and impact of all risk categories. It is composed of the following steps:1. Industry sources are used to establish a complete repository of threats that are applicable to the organizations.2. Industry sources are used to determine the organization’s vulnerability to industry threats. Then, the organization uses internal knowledge to narrow the list of vulnerabilities to those most applicable to the organization.3. To further validate the applicability and relevance of threats and vulnerabilities, a processes of “so what” analysis is conducted where the probability and impact of identified threats and vulnerabilities are further validated. The “so what” analysis utilizes metrics similar to the probability and impact metrics used in the risk assessment model.4. COBIT control statements are used to determine the level of controls that an organization has in place or could have in place in order to effectively manage the risk associated with outlined threats and vulnerabilities. Although COBIT controls are mostly designed for IT, indepth testing has revealed that COBIT controls are applicable to both IT and non-IT threats and vulnerabilities.The outcome of the analysis phase is a repository of threats, vulnerabilities and controls assessed and validated through a series of workshops, where project and portfolio managers input is given the same weight as industry best practices. This ensures that the analysis result is applicable to the organization rather than a hypothetical environment.An organization’s risk tolerance is directly influenced by its ability and desire to invest in controls designed to adjust risk tolerance. The action model provides the framework to operationalize risk assessment and risk analysis findings based on the implementation of controls that provide the best level of risk mitigation for project portfolio priorities.The action model leverages “so what” analysis to determine which controls provide the optimal mitigation results for threats/vulnerabilities with the highest probability of actualization and/or most implications. Furthermore, the action model provides the ability to assess the utility of existing controls in order to determine portability/reusability opportunities.The action model also enhances the reliability of the quadrant report produced in the risk assessment and risk analysis phases, and specifically identifies the value of investment in controls as a means to mitigate threat probability and vulnerability impact.In conclusion, the action model enables organizations to improve the effectiveness of processes used to deliver projects through investment in controls. The action model also develops roles, responsibilities and processes required to operationalize the risk assessment and risk analysis models in the form of specific actions. Roles such as Risk Manager and Risk Analyst are defined and incorporated into the business process. Each role in the risk management process has responsibility and accountability, and specific tasks within the risk assessment, risk analysis and risk action model. Finally, the action model enables organizations to establish pragmatic risk management processes.SummaryOrganizations are expected to manage risks and deliver high value capital projects. Anything else is considered sub-optimal performance. Delivering high-value projects requires a project management workforce with significant talent for effectively managing both the value line and risk line.Managing project risk is no different than managing investment risk. In both cases, the “customer” who provides the capital demands that the investment is managed by professionals who understand and leverage risks to maximize return on investment. Failing to do so ends in the “customer” finding other alternatives, as capital investment is a precious commodity.Tools designed to automate risk management become extremely valuable once organizations have understood and implemented the appropriate level of management processes for risk management. Unfortunately, many organizations fall into trap of buying pieces of technology, without having an in-depth understanding of the requirements and processes to use the technology.Organizations have the technology and talent to deliver high value projects through effective and transparent management of risks and need to establish the supporting risk management processes. Start with a framework designed to build an enabling risk management process to manage project portfolio risk relative to organizational requirements. If we can all agree on the tenants of risk in our respective organizations, we won’t have to suffer through miscalculation and mismanagement of risk.After my friend Al communicated his concerns to his wife, they together created a framework to identify acceptable risk for a daycare provider. They discussed why they didn’t hold their own home (the primary daycare) to the same standard. They determined how much they were willing to spend to mitigate certain risks and the likelihood of acceptable risk they were willing to bare. In the end, Al and his wife were able to select a daycare provider that provided the most reasonably safe environment for their child. In addition, they were able to develop a clear picture of some of the deficiencies in their own home environment and addressed them accordingly. The framework was critical in defining the conversation and providing them with a basis for discussion that ultimately enabled them to make an important choice. If only all organizations were run that way.
Portfolio Management is Risky Business
Guides to Start Dating Online
If you want to start dating and you are not exactly sure how to start it, the Internet offers you limitless possibilities of doing so. Moreover if you are the shy type of guy who find it difficult speaking to women, then the best place to start dating is online. If you are afraid being rejected by a woman, approaching them first online will build the confidence you need while avoiding the embarrassment of open rejection.Advantages of Online Dating
You can learn at your own pace
It removes shyness, since you are not yet meeting face-to-face
It is free, for many online dating sites
It helps you build your confidence while learning
It saves you the embarrassment of rejection.
How To Begin Online DatingYou Need an Email Address:You can register for a free Yahoo! or Hotmail email address. It is advisable to use a free email address like Yahoo, Hotmail or Gmail. For some reasons, your company’s email address is not the best for this type of exercise.Learnt How To Chat:Learn how to chat (using Yahoo! Messenger, MSN Messenger or any other chatting software. Your initial communication is first through email and later chatting. People are more reluctant to release their phone numbers to strangers than they are of their email addresses.Create an Online ProfileVisit any of the online communities or social websites and create a profile. Add at least one photo to your profile and supply as much information as possible. There are free online community like Facebook, Perfspot, Tubely and others where you will meet men and women who are serious in online dating. There are still several online communities or dating websites which you can search out on the Internet, however all of them are not free, and unfortunately quite a number of them are dominated by spammers. I will discuss more on how to maximise your online profile in subsequent posts.Search Out Females Using Your Own CriteriaHaving registered your profile online, you can now use the online software to search out women who meet your criteria. The criteria may be age, location, city, country, ethnicity, etc. Make sure you tick the option to display those who have photos only, as a profile may be deemed incomplete if it doesn’t have a photo. This is the reason why you should have your photo on your online profile.Making Friends With Others OnlineOnce you find any female that meets your interests, you can add her as a Friend to your profile or Send Email to her, or both. What you can do depends on which online service you are using and what options are available to you. But generally, you can add someone as a friend or you can send message. Once the person accept s you as a friend, you had achieved the first major step getting to know the person. This is because you will be allowed to see the photos of the friend, see the friends of a friend, and see the activities of that friend in the community. I will discuss more on how to make friends with others online on subsequent posts.Sign up for a free profile on the Internet today. If you don’t have an email address, get a free one from Yahoo or Hotmail. Upload your pictures and enter into a new world of online dating.
Selecting an Anti Aging Cream? Here’s How
You’ve finally figured out that it’s time to begin your anti aging skin care regimen, but now you’re trying to figure out what kind of products you should buy. When you head to the store, the shelves are lined with all kinds of wrinkle creams, eye creams, and numerous other anti aging products that all claim to help keep your skin looking younger. But which one of these creams is right for you? Depending on what kind of anti aging skin care issues you’d like to address, it’s actually pretty simple to find the right kind of anti wrinkle skin cream for your individual needs. Here’s how to pick the right kind of aging skin cream for you.Find Out Your Skin Type
The first step in finding the right kind of anti aging cream is to find out what your own particular skin type is. Everyone needs an anti aging cream that will moisturize your face, because as we get older, your skin doesn’t hydrate as easily as it did when we were younger. If you have an oily complexion, you want to look for a moisturizer that is oil free and won’t clog your pores. If you have sensitive skin, you are going to need a wrinkle treatment that doesn’t contain harsh ingredients that will irritate your skin. Any skin care product that’s made for everybody may not necessarily work for your specific skin type and concerns. Be specific in what you’re looking for.Target Your Unique Skin Concerns
Anti aging creams are not “one size fits all”! Knowing your skin type means also knowing what your specific anti aging concerns are. Do you have very deep wrinkles? Do you have dark spots or age spots on your face, arms, chest or neck? Are you taking a proactive approach and trying to combat and minimize the appearance of fine lines and wrinkles? Perhaps you are experiencing hormonal aging and need to address those specific issues. Your anti wrinkle skin cream should target your own unique aging issues.Know the Ingredients in Your Face Cream
If you’re always aware of what you put inside your body, you should also be aware of what’s in the products that you’re using on the outside of your body. Make sure that you carefully read all of the labels of your skin care products to know what kind of ingredients they contain. If you don’t understand anything that’s on the label and no one can explain what the ingredients are, you could end up damaging your skin. Look for anti aging skin treatment products are a combination of the best ingredients from nature and science and take the time to research ingredients and recommendations from estheticians and dermatologists on the internet.