Skip to main content

Who Manages Risk in a Scrum Project?

I'm not sure if there is a simple answer to that question. There are lots of different kinds of risk, so who manages what may well change over time.

Even before the team is founded or designated to the project, there is the sponsor. S/he may be the person with the vision, the instigator of the project, or s/he may just be the person with for the money. In either case, s/he is or will eventually designate the product owner, whose primary responsibility is financial.

I think it is legitimate for the project owner to ask risk oriented questions right at the beginning: What are the big risks in the projects? What will cost us money if they happen or if we don't prepare for them properly? How do we mitigate those risks, keep our options open, and handle the issues gracefully when they happen? Once the team is consituted, these are questions for them to think about as well.

There are many risks, some more likely than others. Some "risks" are not risks at all, they are certainties. Changing requirements is high on the list. Scrum embraces these risks as part of the process.

A classic risk question in any user facing application: 'What happens when the usability people decide they need to redesign the UI late in the game?' Call it a special case of changing requirements, but you don't want to caught without a solid test suite if you have have to completely refactor the back-end.

Other risks are more subtle. Teams or individuals that do not have the necessary training or that don't work well together will make slow progress. This can be seen in the Product Burndown Chart. The Product Owner will see quickly that he has a time/scope/money problem, but figuring out the cause will need support from Team and Scrum Master.

What I don't like to see in a bid is boiler-plate text which can be "safely" ignored during the actual project.

Once the team is constituted and an initial product backlog has been created, the P-O and the Scrum Master and maybe the team will get together to prioritize the stories. There are many ways to do this, including bang for the buck, value to the P-O, deal with hard problems first, put off difficult and unclear issues until later (when they are better understood)... And yes, some of the strategies are contradictory.

So somebody makes a decision, and that someone is the Product Owner.

The Scrum Master and Team should help the P-O optimally prioritize the backlog so minimize risks. The team can be particularly helpful with technical risks and the Scrum process should help identify blind spots. But since ROI is the responsibility of the P-O and the consequence of risk is cost, managing Risk is fundamentally the P-O's responsibility.

Comments

Popular posts from this blog

Sample Definition of Done

Why does Scrum have a Definition of Done? Simple, everyone involved in the project needs to know and understand what Done means. Furthermore, Done should be really done, as in, 'there is nothing stopping us from earning value with this function, except maybe the go-ahead from the Product Owner. Consider the alternative:
Project Manager: Is this function done?
Developer: Yes
Project Manager: So we can ship it?
Developer: Well, No. It needs to be tested, and I need to write some documentation, but the code works, really. I tested it... (pause) ...on my machine. What's wrong with this exchange? To the developer and to the project manager, "done" means something rather different. To the developer in this case, done means: "I don't have to work on this piece of code any more (unless the tester tells me something is wrong)." The project leader is looking for a statement that the code is ready to ship.

At its most basic level, a definition of Done creates a sh…

Scaling Scrum: SAFe, DAD, or LeSS?

Participants in last week's Scrum MasterClass wanted to evaluate approaches to scaling Scrum and Agile for their large enterprise. So I set out to review the available frameworks. Which one is best for your situation?

Recently a number of approaches have started gaining attention, including the Scaled Agile Framework ("SAFe") by Dean Leffingwell, Disciplined Agile Development (DAD), by Scott Ambler, and Large Scale Scrum (LeSS), by Craig Larman and Bas Vodde. (Follow the links for white papers or overviews of each approach).

How to compare these approaches? My starting point is Scrum in the team. Scrum has proven very effective at helping teams perform, even though it does not directly address the issues surrounding larger organizations and teams. An approach to scaling Scrum should not be inconsistent with Scrum itself.

Scrum implements a small number of principles and constraints: Inspect and Adapt. An interdisciplinary Team solves the problem. Deliver something of va…

What is the role of a Business Analyst in Scrum?

When I teach a CSM class, my goal is that my participants go home delighted (and of course that they learn about Scrum, that they are motivated to do Scrum, and can pass the online CSM exam). So after every class, I ask for feedback, in particular what could I do to get a better score. And for the next class, I strive to implement or address two or three of the points raised by my participants.

One issue that was raised was unanswered questions. It is annoying to ask questions and not get answers! Time is limited, so it is not always possible to answer all questions, so I thought, why not answer them on my blog? So here goes, first question:
What is the role of a Business Analyst in Scrum? This question is a challenge because Scrum doesn't answer this question! Scrum is a simple, team-based framework for solving complex problems. The roles and ceremonies in Scrum are designed to ensure that inspect and adapt can occur regularly with complete and correct information. Scrum does not…