M3 Playbook > Phase 4: Migration > 4.2 Maintain and Execute Risk Processes
4.1 Monitor and Control Program Execution
4.3 Develop Operations and Maintenance (O&M) Governance
4.2 Maintain and Execute Risk Processes
Program Management
Objective
Execute risk management processes to identify and mitigate risks and issues throughout the migration.
View Best PracticesTask Activities
-
Shared
Maintain and update Risk Management Plan as necessary
-
Shared
Develop and employ mitigation strategies continuously throughout the migration
-
Shared
Maintain and update Risks, Actions, Issues, and Decisions (RAID) Log with new risks and status of risk mitigation at a minimum of every 2 weeks throughout the migration
-
Shared
Report on new risk and ongoing risk mitigation activities in governance meetings and Status Reports/Dashboards, informing QSMOs as necessary
-
Shared
Perform M3 Risk Assessment
4.2 Best Practices
- Maintain a risk management function within the PMO to coordinate all risk management activities across the customer and provider before migration
- Hold regular risk management meetings and include risk management into status reporting and escalation procedures. Include documentation of risks in RAID Log in order to facilitate communication of risks
- Maintain risk management roles and responsibilities for customer and provider team members and executives, and train team members on identifying and mitigating risks
Stakeholders
Customer
- Executive Sponsor
- Business Owner
- Program Manager
- Risk Manager
- PMO Lead
- PMO Team
Provider
- Executive Sponsor
- Business Owner
- Program Manager
- Risk Manager
- PMO Lead
- PMO Team
Inputs
- Governance Structure and Process
- Status Reports/Dashboards
- Independent Verification and Validation (IV&V) Plan
- Risk Management Plan
- Risks, Actions, Issues, and Decisions (RAID) Log
