Skip to main content

Who Manages Risk in a Scrum Project?

I'm not sure if there is a simple answer to that question. There are lots of different kinds of risk, so who manages what may well change over time.

Even before the team is founded or designated to the project, there is the sponsor. S/he may be the person with the vision, the instigator of the project, or s/he may just be the person with for the money. In either case, s/he is or will eventually designate the product owner, whose primary responsibility is financial.

I think it is legitimate for the project owner to ask risk oriented questions right at the beginning: What are the big risks in the projects? What will cost us money if they happen or if we don't prepare for them properly? How do we mitigate those risks, keep our options open, and handle the issues gracefully when they happen? Once the team is consituted, these are questions for them to think about as well.

There are many risks, some more likely than others. Some "risks" are not risks at all, they are certainties. Changing requirements is high on the list. Scrum embraces these risks as part of the process.

A classic risk question in any user facing application: 'What happens when the usability people decide they need to redesign the UI late in the game?' Call it a special case of changing requirements, but you don't want to caught without a solid test suite if you have have to completely refactor the back-end.

Other risks are more subtle. Teams or individuals that do not have the necessary training or that don't work well together will make slow progress. This can be seen in the Product Burndown Chart. The Product Owner will see quickly that he has a time/scope/money problem, but figuring out the cause will need support from Team and Scrum Master.

What I don't like to see in a bid is boiler-plate text which can be "safely" ignored during the actual project.

Once the team is constituted and an initial product backlog has been created, the P-O and the Scrum Master and maybe the team will get together to prioritize the stories. There are many ways to do this, including bang for the buck, value to the P-O, deal with hard problems first, put off difficult and unclear issues until later (when they are better understood)... And yes, some of the strategies are contradictory.

So somebody makes a decision, and that someone is the Product Owner.

The Scrum Master and Team should help the P-O optimally prioritize the backlog so minimize risks. The team can be particularly helpful with technical risks and the Scrum process should help identify blind spots. But since ROI is the responsibility of the P-O and the consequence of risk is cost, managing Risk is fundamentally the P-O's responsibility.

Comments

Popular posts from this blog

Scaling Scrum: SAFe, DAD, or LeSS?

Participants in last week's Scrum MasterClass wanted to evaluate approaches to scaling Scrum and Agile for their large enterprise. So I set out to review the available frameworks. Which one is best for your situation?

Recently a number of approaches have started gaining attention, including the Scaled Agile Framework ("SAFe") by Dean Leffingwell, Disciplined Agile Development (DAD), by Scott Ambler, and Large Scale Scrum (LeSS), by Craig Larman and Bas Vodde. (Follow the links for white papers or overviews of each approach).

How to compare these approaches? My starting point is Scrum in the team. Scrum has proven very effective at helping teams perform, even though it does not directly address the issues surrounding larger organizations and teams. An approach to scaling Scrum should not be inconsistent with Scrum itself.

Scrum implements a small number of principles and constraints: Inspect and Adapt. An interdisciplinary Team solves the problem. Deliver something of va…

Sample Definition of Done

Why does Scrum have a Definition of Done? Simple, everyone involved in the project needs to know and understand what Done means. Furthermore, Done should be really done, as in, 'there is nothing stopping us from earning value with this function, except maybe the go-ahead from the Product Owner. Consider the alternative:
Project Manager: Is this function done?
Developer: Yes
Project Manager: So we can ship it?
Developer: Well, No. It needs to be tested, and I need to write some documentation, but the code works, really. I tested it... (pause) ...on my machine. What's wrong with this exchange? To the developer and to the project manager, "done" means something rather different. To the developer in this case, done means: "I don't have to work on this piece of code any more (unless the tester tells me something is wrong)." The project leader is looking for a statement that the code is ready to ship.

At its most basic level, a definition of Done creates a sh…

Five Simple Questions To Determine If You Have the Agile Mindset

My company has started a top-down transition to Scrum and Kanban. Will that make us an Agile company? About 2 years ago, I attended a conference hosted by the Swiss Association for Quality on the topic of Agility. As a warm-up exercise, the participants were given the 4 values of the Agile Manifesto, then asked to arrange themselves in space. How Agile is your company? How Agile do you think it should be? Very Agile on left, very traditional on the right. There was a cluster of people standing well to the right of center. “Why are you standing on the right?” It turns out that they were all from the railway. “Our job is to run the trains on time.” They were uncertain whether this agility thing was really aligned with their purpose.
Is Agility limited to software? Steve Denning has collected the evidence and laid out the case that Agile is not limited to software, nor is it merely a process, nor is it something you can do with part of your time, nor is it something you can have your …