Department of Defense Risk, Issue, and Opportunity Management Guide for Defense Acquisition Programs

Abstract

This guide is one of several Department of Defense (DoD) policy and guidance documents that address the Department's focus on risk management. As evidenced in these documents, the Department recognizes a significant relationship between effective risk management and program success. This guide builds from previous editions of the DoD Risk Management Guide but reflects revisions to emphasize managing not only program risks but also issues and opportunities. Department of Defense Instruction (DoDI) 5000.02, Operation of the Defense Acquisition System, requires program managers (PM) to implement effective risk management, noting the goal is to both mitigate risks and create opportunities for technology development outcomes that could have a positive impact on meeting performance objectives as well as thresholds. In 2015, the Under Secretary of Defense for Acquisition, Technology, and Logistics emphasized risk management as a focus of the DoD Better Buying Power initiative: Risk management is an endeavor that begins with requirements formulation and assessment, includes the planning and conducting of a technical risk reduction phase if needed, and strongly influences the structure of the development and test activities. Active risk management requires investment based on identification of where to best deploy scarce resources for the greatest impact on the program risk profile. PMs and staff should shape and control risk, not just observe progress and react to risks that are realized. Anticipating possible adverse events, evaluating probabilities of occurrence, understanding cost and schedule impacts, and deciding to take cost effective steps ahead of time to limit their impact if they occur is the essence of effective risk management. Risk management should occur throughout the lifecycle of the program and strategies should be adjusted as the risk profile changes. Risk management is an integral part of program management and systems engineering. A program must align risk appetite with organizational capacity to manage and handle risks and apply informed judgment to allocate limited resources to the best effect. Sound judgment to achieve this balance is at the core of program management. This guide asserts that risk, issue, and opportunity management should be forward-looking, structured, continuous, and informative. The management approaches must be tailored to the scope and complexity of each program's needs. Acquisition professionals may debate the best approach for managing risk, but they agree that effective qualitative and quantitative risk, issue, and opportunity management are critical to a program's success. Although this guide focuses primarily on the government program office, DoD recognizes that industry plays a central role in executing the management necessary for delivery of acquisition products. A close collaboration between government and industry is an essential ingredient of productive and economic risk, issue, and opportunity management. Government and industry may on occasion differ in the prioritization of risks, driven in part by differing perspectives or incentives. Nevertheless, a shared commitment to a disciplined process, realism, and openness to observations borne of knowledge, even when inconvenient, underpins the value of the collective effort. The guide is organized as follows: Section 1: Introduces the scope and changes in this revised edition of the guide. Section 2: Describes the planning and documentation of the program’s risk management process. Highlights planning as the first step in the risk management process. Section 3: Discusses the five steps in the risk management process: planning, identification, analysis, handling, and monitoring. Provides detailed guidance and examples to assist programs to build and customize the process. Section 4: Describes proactive risk management through integrating with other program management tools such as the Work Breakdown Structure (WBS), Integrated Master Plan (IMP), and Integrated Master Schedule (IMS). It also discusses other techniques and metrics such as schedule risk analysis(SRA), cost risk analysis (CRA), performance risk analysis (PRA), and Technical Performance Measures (TPM). Section 5: Defines the issue management process as a distinct and complementary management process. An issue is an event or situation with negative consequences that has already occurred or is certain to occur. This distinction between an issue and a risk differentiates how they are managed. Section 6: Describes the application of opportunity management including the similarities and differences between opportunity and risk management. The opportunity management process is examined for undertaking potential enhancements to a program so the PM and functional leads can identify and implement initiatives to yield improvements in the program’s cost, schedule, and/or performance baseline. Section 7: Highlights considerations to manage risks related to internal and external interfaces with interdependent programs. It discusses the different priorities of interdependent programs and techniques to manage and control cross-program risks. Appendixes: The appendixes provide additional information, lessons on common risks previously observed, templates, and a vignette that may help program offices manage risks, issues, and opportunities. Most sections also contain a text box with expectations that program office leadership should have in mind as they seek to improve the planning and execution of risk management processes and techniques.