M3 Playbook > Phase 4: Migration > 4.2 Maintain and Execute Risk Processes
4.1 Monitor and Control Program Execution
4.3 Develop Operations and Maintenance (O&M) Governance
4.2 : Maintain and Execute Risk Processes
Program Management
Objective
Execute risk management processes to identify and mitigate risks and issues throughout the migration.
View Lessons LearnedRecommended Best Practices
-
Shared
Maintain and update Risk Management Plan as necessary
-
Shared
Develop and employ mitigation strategies continuously throughout the migration
-
Shared
Maintain / update Risks, Actions, Issues, and Decisions (RAID) Log mitigation status at regular cadence
-
Shared
Use leadership meetings to report risk mitigation activities, inform stakeholders, & make decisions
-
Shared
Perform Risk Assessment
4.2 Lessons Learned
- Maintain a risk management function within the PMO to coordinate all risk management activities across the customer and provider before migration
- Hold regular risk management meetings and include risk management into status reporting and escalation procedures. Include documentation of risks in RAID Log in order to facilitate communication of risks
- Maintain risk management roles and responsibilities for customer and provider team members and executives, and train team members on identifying and mitigating risks
Stakeholders
Recommended stakeholders, inputs, & outputs may vary by implementation; however, agencies that contributed to this Playbook reported these factors as increasing the likelihood of success.Customer
- Executive Sponsor
- Business Owner
- Program Manager
- Risk Manager
- PMO Lead
- PMO Team
Provider
- Executive Sponsor
- Business Owner
- Program Manager
- Risk Manager
- PMO Lead
- PMO Team
Inputs
- Governance Structure and Process
- Status Reports/Dashboards
- Independent Verification and Validation (IV&V) Plan
- Risk Management Plan
- Risks, Actions, Issues, & Decisions Log
