Poker Risk Management
Risk Poker Planning Poker is often used for agile approaches, such as scrum, in order to prepare an estimate relating to the size of the backlog items (for user stories for example). Major differences are often ascertained in respect to story points assigned by different participants. And that leads me to the poker analogy. Poker is an incredible game. It is about risk management and knowing when to go for it and when not to. So is the VC business. Early stage venture capital is a lot like poker. The first round is the ante. I think keeping the ante as low as possible is a good thing. The Risk Management function of the Back Office operations for Cybergaming works on solutions that an are built on a highly advanced device identification and reputation management platform to prevent online fraud, abusive behavior, and unauthorized access to online services.
- Poker Risk Management Definition
- Poker Risk Management
- Poker Risk Management Strategy
- Poker Risk Management Services
- Poker Risk Management Software
Time to read: 7 minutes (11 if you watch the video's also)
Often I hear people say that Scrum does not take care of risk: there is no risk log, risk is not on the agenda of the Sprint Review or Retrospective as a standard agenda-item. The Development Teams need to be accountable for the quality of the product and how it's made. That's a risk right there! If there is not one person accountable for quality, being on time, within budget, building the right thing... How is risk managed in Scrum?
I'll break it to you right away. Scrum is all about risk management. Ken Schwaber talks a little bit about it in this short video:
Risk is personal
First let's think about what risk actually means. According to the Oxford English Dictionary:
(Exposure to) the possibility of loss, injury, or other adverse or unwelcome circumstance; a chance or situation involving such a possibility.
That's a very broad definition. Reading it like this makes it also subject to personal interpretation. And I think we all look at risk a little bit different. Risk has also a lot to do with our own personal involvement. If someone I don't know will cross two buildings on just a rope without safety net, that's very risky for that person, but not for me.
That also relates to the work that we do. For some the same project or product outcome can hold far more risk for one than for others in the same project that we do.
Different types of risks
Within work related environments, we usually talk about:
- Financial risk - can we pay for it?
- Business risk - will it be used? Does it solve the problem?
- Technical risk - can it be made/build? (often in relation with finance, when a product becomes possible to build, but too expensive).
Controlling risk with Scrum
Scrum is a very good way of controlling risk in a number of ways. I'll elaborate on these different types of risk in the context of using Scrum.
Financial risk
When we are going to build a new product or change an existing one, we would like to know the costs of or change or innovation. Unfortunately, the complexity of the development of these products causes for great uncertainty and thus makes it difficult to estimate what the costs of a project will be upfront.
This often is a difficult subject for many, because the way we run projects (not using Scrum) is often first establishing scope, finances and resources (what we now call people). With Scrum, some say we skip that phase, but actually, we don't. We build it up empirically, because that's the best way to control the future in complex environments.
However, we are not giving anybody a blank cheque. We define clear roles and responsibilities.
We establish the role of the Product Owner. He or she is in control of the budget and planning of the product.
We establish a self-organizing Development Team of cross-functional professionals who can get the job done, from start to finish.
Poker Risk Management Definition
We ask a Scrum Master to facilitate this Scrum Team to encourage empirical process control and coaches this team to be a little bit better every day.
Poker Risk Management
Then we ask the team how long it will take them to validate the first wishes into a concrete result. The shorter the better, because that saves money, that might otherwise be wasted on building the wrong thing.
Often I advise sponsors of teams like this in an organization to fund just a couple of Sprints at first and look at the results after every Sprint. Have a conversation with the Product Owner and Development Team about the results and the return on investment. This means the costs are pretty predictable. It's the costs of the team + out of pocket expenses for these Sprints.
The sooner the first release goes out to the users, the sooner the financial risk decreases!
Business risk
Business risk is the risk of people (users) not actually using your product, thus not solving the problem that the product needed to fix in the first place. This happens all the time. And not because our teams are dumb or stubborn, but mostly because a customer really knows what he needs the moment he can actually use the product. Everything before that is useful (Product Backlog refinement, requirements engineering, talking to users, doing surveys etc.) but does not take away the risk of people not actually using your product. Look at this short clip to illustrate:
Within Scrum, the Product Owner's role is to keep in close contact with stakeholders and the Development Team, so the right thing will be build. Reviewing the releasable increment together with those stakeholders every Sprint and (to speak from Eric Ries perspective) pivot or persevere from there.
The Product Owner is not a business stakeholder, it's not an analyst. It's the business representative in the team to manage and monitor that business risk, to create the best possible outcome.
When I started using Scrum, I remember this was one of the key elements that I liked so much: there is no more 'us and them', we work collectively to solve business problems.
Technical risk
Poker Risk Management Strategy
Technical risk actually can be sub-divided into two categories:
- Can it be build with a good ROI?
- Can we maintain the product during and afterwards?
These are important questions to keep asking yourself along the product development effort. Everyday, decisions need to be made by the Development Team if the effort that is put into a certain feature is worth the value to the Product Owner. So communication is key here.
And in second part: being able to maintain the product. Always keep a scout's view on technical issues. What I mean by that is: whenever you encounter bad technical quality, make it (at least a little bit) better.
Now, again, 'done' comes into play here. Within Scrum, defining what is meant by 'done' is important to be in control of technical risk. This can enhance the quality and maintainability of the overall product.
Technical skills, tools and improvements can be adopted in a good definition of done. The right testing, validation, documentation etc. can reduce the technical risk.
Poker Risk Management Services
To conclude: the best way to reduce risk in general is: build potentially releasable increments for users.
I remember someone on LinkedIn mention:
The day we started to deliver, people stopt asking about our velocity.
Scrum values
I started out this article with the definition of risk and how subjective it can be. The Scrum values are extremely important to make sure that overall risk is transparant and dealt with at the right time, by the right person, with proportional effort.
Poker Risk Management Software
Take a couple of minutes to look at these values in respect to risk. What's the effect of these values on risk?
Complex environments are full of risks. You can fear them, analyze them, calculate them. Or you could build the product, inspect and adapt and deliver a done increment each Sprint.