Episode 12 – Managing risk

Agile Plays

Episode 12 - Managing risk

Play Episode Pause Episode

Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds

00:00 / 16:47

Spotify

RSS Feed

Share

Link

Embed

Risk management has been a key part of project management since at least the 1950s with academic publications since Mehr and Hedges (1963). Now no-one would approach projects without a healthy amount of risk management. Let us look at how risk management in projects differs from Agile development.

This podcast is AI-generated based on material from the “Agile Plays” website and book.

Transcript

Hey there. Welcome to our deep dive into agile risk management. Absolutely. We're diving into how risk is handled in agile, especially compared to, those traditional project management methods. Ready?

It's a fascinating area, especially since agile and risk management, at first glance, seem almost contradictory. I can see that. Agile all about embracing change, while traditional risk management is about sticking to a plan. Right. One of our sources, the Agile Playbook, uses this great analogy.

In traditional project management, you have the, the iron triangle. Yes. The iron triangle of scope, time, and resources. Right. It kind of assumes you can define everything upfront and then manage any deviations from that initial plan.

But as we know, in the real world and especially in software development, things rarely go exactly to plan. Exactly. And that's where Agile comes in. Right? Yeah.

So how does risk management even work when you don't have this fixed plan to, to guide you? That's a really good question. While Agile may not have a fixed plan in the traditional sense, it doesn't mean we throw risk management out the window. Identifying potential risks initially is still incredibly valuable. It forces teams to think about challenges they might encounter.

Okay. That makes sense. But I'm still trying to wrap my head around how you manage risk when the plan is constantly evolving. I mean, isn't that the whole point of agile? Mhmm.

To be adaptable, responsive to change. It is. And this is where close collaboration with the customer becomes critical. Think of it as a feedback loop from the get go. Agile teams work closely with customers.

They constantly seek feedback and integrate new information. This helps them identify and address risks as they arise rather than waiting until they become big problems. So it's almost like agile risk management is less about predicting the future and more about being prepared to, to adjust to whatever comes your way. Yeah. That's a great way to put it.

It's about acknowledging that we can't foresee every risk, especially in a fast paced, ever changing environment like software development. Which brings us to emergent risk. Right? Risks that you simply can't anticipate at the start of a project. Exactly.

Traditional risk management often struggles with emergent risk because it's so focused on sticking to the plan. Yeah. Agile, on the other hand, is designed to handle these unexpected challenges. By working in short iterations, gathering feedback, and adapting continuously, agile teams can address emergent risks as they appear without, derailing the entire project. The, the agile playbook actually mentions an interesting analogy for this.

They compare an agile team to a rugby team, constantly adapting and adjusting their strategy based on the flow of the game. That's a powerful analogy. Agile teams like a rugby team are fluid and collaborative, always ready to pivot and change direction as needed to achieve their goal. It's less about a rigid plan and more about responding effectively to the, to the ever changing dynamics of the field. I see.

I see. This adaptability is fascinating, but it makes me wonder about another aspect of risk management, mitigating risk. How do agile teams actively reduce risk when they're not working from a fixed plan? That's where the agile principle of continuous improvement comes into play. Right.

Remember, in agile, we're not just delivering software. We're also constantly refining our processes. We're learning from our experiences. Yeah. And this learning is directly applied to risk management.

So it's about building in mechanisms to identify and address risks as you go along? Precisely. Agile methodologies, like scrum, have built in practices for this. Daily stand up meetings, sprint reviews, and retrospectives, these are all opportunities for the team to discuss what's working, what's not. Identifying potential risks or roadblocks, it's about creating a culture of open communication and continuous learning.

So it sounds like agile risk management is less about avoiding risk all together Mhmm. And more about having the agility to respond to it effectively. Exactly. And this is where the idea of the backlog comes in. The backlog, this prioritized list of tasks and features, is constantly being refined, reordered based on new information and emerging risks.

This allows agile teams to stay flexible, adapt to change without losing sight of the goals. You know, it's funny. You mentioned backlog, and I instantly think of this super modern tech savvy term. But the agile playbook points out its roots actually go way back. Oh, you're referring to that, that historical tidbit about medieval fuel management?

Exactly. Who would have thought that the way we manage work in software development today has something in common with how people manage fuel for fires centuries ago? It's a reminder that even seemingly modern concepts often have roots in the past. But what's fascinating here is how this historical practice sheds light on the core principles of agile risk management. I'm curious how so.

Think about it. In medieval times, they had to constantly replenish their fuel supply to keep the fire going. They couldn't just gather a huge pile of wood at the beginning and expect it to last. They had to adapt to changing conditions like weather, demand, and adjust their fuel management accordingly. You're right.

I see the connection. Just like those medieval folks had to manage their fuel supply to keep the fire burning, agile teams use the backlog to ensure a steady stream of work toward their goals, constantly adapting and replenishing based on evolving needs and priorities. Precisely. And this constant adaptation is central to how agile teams mitigate risk. By regularly reviewing, prioritizing the backlog, they can ensure they're focusing on the most important work while addressing potential risks as they emerge.

This idea of constant adaptation makes me think of something Henrik Nyberg wrote in the Agile playbook. He said that the key in agile isn't the process itself. It's the process for improving the process. That's a crucial point, and it's directly relevant to how agile teams manage risk. It's not about finding a perfect risk free plan.

It's about creating a system where you're constantly learning, adapting, and improving your approach to risk management. So it's about embracing the fact that you're gonna encounter risks along the way and having the, the mechanisms in place to address them effectively. Exactly. And that's where the agile values of transparency, inspection, and adaptation really shine. By openly discussing risks, regularly inspecting your processes, and being willing to adapt your approach, you create a more resilient and responsive development environment.

This is all incredibly insightful, but it raises another question. If agile teams are constantly adapting and responding to change, how do they ensure they're still delivering a high quality product? That's a great question and one that goes to the heart of how agile approaches quality assurance. It's easy to think that constant change might lead to compromises on quality, but that's not the case in agile. In fact, quality is baked into the agile approach from the very beginning.

That's interesting. The agile playbook actually dives into some history here, contrasting traditional scientific management with, a more collaborative management as a service model. Yeah. How does that relate to quality in agile? Well, traditional management with its top down approach often sees workers as just, cogs in a machine, agile flips that script, empowers individuals and teams, recognizing that the best solutions often emerge from collaboration, shared And when teams feel empowered and take ownership, quality naturally increases.

That makes a lot of sense. If you're invested in what you're building, you're gonna care more about how well it's built. The book also highlights the, the definition of done, this idea of being crystal clear about what finished actually means. It's not just about churning out code, is it? Absolutely not.

A robust definition of done encompasses everything required to deliver a high quality product. It might include things like thorough testing, proper documentation, even user feedback integration. It ensures that each piece of work is truly ready for the customer. So it's about building quality into the process from the start rather than trying to tack it on at the end. Precisely.

This ties into the concept of technical debt. You see, if teams are constantly cutting corners to meet deadlines, they accumulate this debt that will eventually need to be repaid often with interest. Yeah. It's like building a house on a shaky foundation. Eventually, it'll catch up with you.

Ouch. That sounds like a recipe for disaster down the line. You But I can see how the pressure to deliver quickly might lead to those shortcuts. It's a common pitfall, but the, agile playbook stresses the importance of actively managing technical debt. They suggest setting a budget for addressing it just like any other essential task.

That's a smart strategy. You're essentially acknowledging that maintaining a healthy code base is a crucial investment for the, the the long term success of the product. Exactly. And this proactive approach extends beyond the code itself. The book emphasizes dedicating time for personal development, learning new skills, improving existing ones, recognizing that the team's ability to deliver high quality work hinges on their individual growth.

It's like you said earlier, empowering individuals and teams. The Agile playbook even recommends using checklists to ensure quality, which at first glance seems a bit counterintuitive in a flexible environment like Agile. It's not about being rigid, but leveraging checklists as a tool for consistency, avoiding common mistakes. They even cite an example from Boeing back in 19 thirties, where checklists played a crucial role in preventing catastrophic accidents during test flights. It's a powerful reminder.

Even in complex, constantly evolving environments, checklists can be a valuable tool for maintaining a high level of quality. So we've talked about quality at the team level, but what about scaling agile risk management across an entire organization? How do you ensure everyone is aligned, working towards the same goals, especially when you have multiple teams working on different parts of a product? That's where the concept of value streams comes in. This is a crucial aspect of scaling agile and ensuring effective risk management across the organization.

Okay. I'm all ears. How do you go from these smaller self managing agile teams to a whole organization that's, that's successfully managing risk? Think of a value stream as the end to end flow of work that delivers value to the customer, encompassing everything from the initial idea to the final product in their hands. So it's about connecting the dots between individual teams, understanding the bigger picture of how value is created.

Exactly. And it involves identifying and managing potential risks and bottlenecks. Along that entire value stream, it requires a shift in thinking from individual team backlogs to a more holistic value stream backlog. That's starting to click for me. Instead of each team working in isolation, there's this shared understanding of all the work required to deliver the final product or service.

Precisely. This value stream backlog becomes the central hub, constantly refined and reordered based on changing priorities, emerging risks. It provides a comprehensive view of the entire development process, allowing for better risk identification and mitigation across the organization. This makes me wonder, with this value stream backlog approach, how does the role of the product owner evolve? It seems they become even more crucial in ensuring everything aligns with the overall, product vision and strategy.

You're absolutely right. The product owner becomes essential in managing this value stream backlog, ensuring it truly reflects the customer's needs and the strategic goals of the organization. They essentially become the conductor of the orchestra, guiding the entire development process to allow the intended value. That's a fantastic analogy. But all this raises another crucial question.

How do we actually measure success in agile risk management? I mean, traditional metrics like schedule adherence or budget variance don't seem to fully capture the essence of agile, do they? You've hit the nail on the head. Those traditional metrics, while important, don't tell the whole story in agile. We need different measures of success that align with the core values.

Adaptability, value delivery, and continuous improvement. So what are some of those alternative metrics? The, the Agile playbook touched on this. Recommending focusing on metrics that are directly linked to successful performance. Easy to measure without creating extra work for the team.

They suggest a concept called the engineering scorecard, inspired by the balanced scorecard to track progress in key areas. That's a great idea. It offers a more holistic view of performance rather than just looking at isolated metrics. Exactly. Some key areas they suggest focusing on are flow, quality, and value.

Flow refers to how smoothly work progresses through the system. Quality ensures the product meets the required standards. And value focuses on delivering the right features to the customer. So flow is about efficiency, quality is about meeting standards, and value is about delivering what the customer truly needs. Precisely.

They recommend metrics like cycle time and throughput to track flow and quality. And for measuring value, they suggest looking at the percentage of work directly contributing to the strategic goals of the organization. That makes sense. It ensures the team is focused on the work that truly matters. The work that will deliver the most value to the customer, align with the overall strategic goals.

Exactly. And the book even includes a compelling case study demonstrating how a company successfully used this engineering scorecard to track their progress and improve their agile risk management practices over over time. It's always great to see real world examples that makes these concepts much more tangible, actionable. Absolutely. It's inspiring to see how these principles can be applied in practice to drive tangible, measurable improvements.

We've covered a lot of ground here from the fundamentals of traditional risk management to the nuances of agile, from the importance of a clear definition of done to the power of value streams and measuring success. It's been a fascinating exploration, and I hope this has given you a deeper understanding of how agile risk management works and why it's so crucial in today's dynamic and ever evolving business landscape. Absolutely. But before we wrap up, there's one last point I wanted to touch on, something that the, the agile playbook hinted at but didn't fully explore. We've talked about how agile embraces change.

But if you're constantly adapting and refining, how do you ensure the final product truly aligns with that initial vision? How do you prevent, what's often called scope creep and stay focused on those core objectives? That's a crucial question, and it highlights one of the biggest challenges in agile risk management, finding that sweet spot between being flexible to respond to change while also staying true to the project's original purpose and direction. So how do you, how do you walk that tightrope? Are there any practical strategies to ensure that Agile doesn't just turn into a chaotic 3 for all?

One key strategy is establishing clear communication and alignment right from the start. Yeah. The product owner needs to deeply understand both the customer's needs and the organization's strategic goals. Then they need to effectively communicate that vision to the development team, make sure everyone's on the same page. So it's about setting clear expectations and boundaries upfront, even though, you know, those boundaries might, might need to shift as the project evolves.

Exactly. And it's about constantly revisiting those boundaries, checking in with the customer and stakeholders to make sure the product still meets their needs, aligns with the overall vision. Which brings us back to those feedback loops we discussed earlier, the daily scrum meetings, sprint reviews, and retrospectives. They're not just about spotting and addressing risks, but also about keeping the team on track, delivering the right value. Absolutely.

Those feedback loops act as a sort of safety net, helping to prevent the project from viewing too far off course. And they provide a platform for open communication where everyone feels comfortable raising concerns, suggesting adjustments as needed. It sounds like trust is essential here. Trusting the team to make the right decisions, trusting the product owner to effectively represent the, the customer's needs, and trusting the process to guide everyone towards a successful outcome. You've hit the nail on the head.

Without that foundation of trust, agile risk management simply won't work. It's about fostering an environment of collaboration, transparency, and shared responsibility. Well, this deep dive has really given us a lot to think about. It seems the key takeaways are embracing change, collaborating effectively, and building that strong foundation of trust. It's been a pleasure exploring these concepts with you.

Agile risk management is a fascinating and ever evolving field, and I hope our conversation has provided valuable insights for your work. Absolutely. We hope this deep dive into agile risk management has left you with a clear understanding of how to navigate this exciting and dynamic landscape. Thanks for joining us, and happy developing.