Architectures and Integration of Modern Enterprises
September 5, 2020
dr rocal 4140 discussion
September 5, 2020

Module 3 Reflection PRQ

Order Description
1.5 paragraphs for each reflection response. PC, VL and DA you did not have to research, make sure to reflect what you learned from PC, VL and DA. Labels “PC”, “VL”, & “DA” what you have learned.
PC – Module 3

If software subcontractor has filed for bankruptcy protection, I would inform senior management team immediately. At the same time I will access potential risks and create a risk management plan (RMP) to continuously communicate with management team when dealing with the case. And I am going to use the approach (PMBOK) to create the plan which is trying to minimize the consequence of adverse events by going through risk management process –identifying, analyzing and responding risks. First of all, I would define a risk management strategy. The strategy will be set up based on the principle of risk avoidance, transfer and migration. Secondly, I would to identify and analyze risks including both internal and external risks. Risk identification and analysis consist of determining which risks are likely to affect the project and documenting the characteristics of each one. The output of risk analysis document includes source of risk, potential risk events, risk symptoms and input to other processes. The key deliverable is a clear common understanding of threats and opportunities facing in our situation, which is an organized document in a concise statement that includes the context conditions and consequences of risk occurrence. Thirdly, a risk response plan will be created. The plan provides methods used to avoid, reduce, and control the probability of occurrence of the risk from both business and technical perspectives. Once the risk manage plan are created. we will review it frequently to re-check possible risks as some new risks may arise with fast changed environment.
Reference:
Merna, T., & Al-Thani, F. F. (2008). Corporate risk management. Chichester, England: Wiley.
David Iverson 2013 Strategic risk management : a practical guide to portfolio risk management Wiley

VL -Module 3
If the subcontractor of your software subcontractor has file bankruptcy protection, it is risk to the business.
If the Risk Management Plan (RMP) has defined this risk, it is Identified Risk. RMP will have risk response steps, we need to follow what’s defined in RMS.
If it an unidentified risk in RMP.
Identify the Risk
• Validate the risk.
• Consider response options.
• Identify and capture most significant most significant stake holders in risk management.
• Identify the projects and service components.
• Gather all information required to conduct risk analysis.
• Identify inherent risks in the projects.

After gathering all the above information it needs to be communicated with the highest level management to involve right people to evaluate the risk. RMP approach has to be transparent and when the risks are identified and prioritized information has to be shared across the board.
Involving the right people and making management aware of the risk puts management in a place to take the better decision.
Risk Quantification and Analysis:
Risk quantification and analysis involves evaluating risk and risk interactions to assess the range of possible outcomes. Identify the amount of the risk involved based on the information gathered in risk identification process, stake holders will be involved in this process.
Risk Response:
Based on quantification of risk,
• Alternative strategies will be defined for dealing with risk tasks.
• Strategies will be chosen for implementation of each case.

In short, in this scenario risk needs to be communicated to the management after validating and identifying the risk.
Reference: Corporate Risk Management (Second Edition) –Tony Merna Faisal F.Al-Thani
DA– Module 3
In case software subcontractor has filed for bankruptcy protection I would assume that the company involved has Risk Management integrated. If so, there should be a Risk Management Plan (RMP) available, that should contain risk register with relevant initial response opportunities. RMP also contain risk assessment information, mitigation actions and contingency plan. The manager, following the RMP should analyze the situation, gather all required information and call for a Risk Council to work on risk and it consequences reduction. As result of the Risk Council work there should be a report developed that contain information on actions to be taken (whether to accept, control, modify, transfer or eliminate the risk). Also relevant report should be communicated to the management board. There is a danger if the risk is not addressed in a holistic manner by the board, larger risk that is hard to define, such as corporate reputation, will not be properly addressed. (Merna, 2008). To prevent any stakeholders from surprise of the risk happened there should be permanent communication process established to review existing risks and address new ones.
Reference:
Merna, T., & Al-Thani, F. F. (2008). Corporate risk management. Chichester, England: Wiley.
10 Golden Rules of Project Risk Management. (n.d.). Retrieved February 02, 2016, from https://www.projectsmart.co.uk/10-golden-rules-of-project-risk-management.php