Every project has risks. Yet surprisingly few project teams prepare adequately for the very real possibility that something might go wrong. By developing thorough risk-mitigation and contingency plans, complete with probability of occurrence, you leave little to chance. The unexpected is expected, and you have a plan for dealing with it effectively when it happens.
Unfortunately, IT and reengineering projects have the worst track records in terms of risks that become reality. How often do you hear about IT projects that are delayed, are over budget or fall short of the quality level expected? Even today, CMMS projects still have poor track records of success, with more than 50% of them missing the mark. In my experience, project teams can achieve a much higher probability of success simply by planning for, and mitigating against, the most likely risks.
The first step is to develop a framework for recording and discussing project risks. One simple yet comprehensive approach is a spreadsheet with one risk per row, and columns that describe each risk as follows:
Risk description: The first column provides a short description of each risk, usually grouped by category such as resource risks, project-management risks, implementation risks and others as discussed below. An example of a risk is that the CMMS project fails to attract the right skill sets for planning and implementation because there are too many projects competing for the same resources.
Planned mitigation: Column 2 explains the actions required to minimize the probability of the risk occurring. For the example above, the mitigation plan to ensure the appropriate resources are secured for the CMMS project might include delaying competing projects, using external resources and consultants to fill any gaps, hiring additional contract resources to backfill for the right internal resources and training any available unskilled people.
Remaining probability: Once plans to mitigate the risk are executed, there’s still a possibility that the risk will occur. The “remaining probability” shown in column 3 quantifies the risk in terms of a percent probability of occurrence. Suppose in the example above, even after delaying other projects, the remaining probability that there will be a project skills shortage is still about 20%. This is because there’s a chance that the other projects won’t be delayed sufficiently or that the CMMS project will also be delayed and the projects will again be in competition for skilled resources.
Remaining impact: Critical to analyzing and prioritizing project risk is quantifying the effect on the organization should the risk occur despite mitigation. Show this in column 4. A scale from 1 to 10 can be used, where 10 represents catastrophic consequences should the risk occur (eg, losing your license to operate), and 1 means the impact is negligible (eg, a 0.01% increase in project costs ensues). In the example above describing the risk of a project skills shortage, the remaining impact might be 8 out of 10 because to be missing, say, senior leadership and change-management skills on the project team would almost certainly lead to lack of stakeholder buy-in and therefore serious barriers to a successful implementation.
Residual risk score: The residual risk score in column 5 can be calculated by multiplying the remaining probability (column 3) by the remaining impact (column 4). The scores should then be prioritized and the highest scores evaluated to determine if mitigation plans should be revised to reduce risk. For the example, to calculate the residual risk score, multiply 20% probability by the impact of 8, for a score of 1.6. Examine scores greater than 1.0 carefully to determine if mitigation plans can be revised to further reduce the probability or impact.
Contingency plan: The higher the residual risk score, the more critical it is to develop a comprehensive contingency plan that outlines what will be done if the risk materializes. By preparing a contingency plan well in advance, the downside impact can be minimized.
For the example, if, despite successful implementation of the mitigation plan, there’s still a shortage of skilled resources on the CMMS project (eg, a highly skilled project team leader gets pulled off the CMMS project to tend to another key project), then the contingency plan will be executed. Suppose the contingency plan that the CMMS vendor agreed to was to supply a skilled project team leader until an internal replacement is found. Planning a contingency well in advance – even incorporating it into the vendor contract – eliminates triggering more serious contingencies and their consequences, such as shutting down the project at great expense to management’s credibility, employee morale and, ultimately, the bottom line.
Typical CMMS project risks
A small sampling of the many common risks associated with CMMS projects includes some category groupings. If they’re relevant to your company, add them to your risk matrix in the first column, and fill in the remaining five columns. Think of other relevant risks under each of these categories.
CMMS vendor partnership
- Insufficient access to resources: Is the vendor providing enough resources at the right times to ensure success?
- Poor-quality vendor assistance: Is the vendor providing resources with the right skills and experience necessary to implement effectively?
Internal project resources
- No depth of expertise on project team: Key stakeholders such as maintenance, operations, engineering, IT, finance and human resources should be represented by senior people on the team, especially operations.
- Insufficient size of project team: There should be adequate internal resources working at or near full time on the project. You can’t rely solely on the vendor for implement.
- Unclear success criteria for each stakeholder: Ensure that project team members, senior management and the vendor have measurable goals and objectives with clearly defined deliverables.
- Poor monitoring and control systems: Are there adequate measures and targets being monitored and acted upon that align with what motivates each stakeholder, especially the front line?
- Unrealistic business case: Under-promise and over-deliver in terms of savings. Be conservative in estimating costs.
- Inadequate budget for implementation: Don’t be afraid to recommend shutting down the project if funding is inadequate.
- Unrealistic timeline: If the pace is too slow, interest, focus and momentum are lost. Too fast, and steps might be missed or done poorly.
- Lack of top management support: This means visibly and financially.
- Insufficient buy-in from key stakeholders: The CMMS implementation can’t be seen as a maintenance-only project.
- Poor communication to stakeholders throughout implementation: You’re rarely accused of having too much open and honest communication. The most effective communication to the workers comes from face-to-face interaction with first-line supervisors.
- System doesn’t meet critical requirements: Hardware or software performance falls short of expectation outlined in user specifications (e.g. poor user interface).
- System doesn’t integrate properly: Link to interfacing systems and processes is inadequate or too costly.
- Inadequate end-user training: This hampers long-term chances of success.
- Poor pilot rollout gives bad reputation: Beware of pushing to implement when the site or system isn’t ready.
(Editor’s note: The Plant Services CMMS/EAM Software Review, posted at www.PlantServices.com/cmms_review, provides a side-by-side comparison of more than a dozen popular software packages.)
E-mail Contributing Editor David Berger, P.Eng., partner, Western Management Consultants, at firstname.lastname@example.org.