Many RFPs require narratives on the bidder’s understanding of risk and approach to risk management. Often, what bidders provide wouldn’t be out of place in a textbook: plain-vanilla risk management processes that lay out standard identification, assessment, and mitigation steps. Boring! Worse, they show no sign of being tailored for this scope of work: Indeed, they show no sign of ever having done this scope of work.
Now, granted, clients can do better than to ask about “approach.” But even if they do give you this fuzzy question, it’s not that hard to do a better response. Tips #1 to #4 are about thinking about risk from the client’s point of view. This tip is about being coherent in your risk response; that is, if you create a conceptual framework, using it in all questions that apply.
The RFP asked about risk management: two back-to-back questions in one section, and then again in another section.
Question #1 said, essentially, “How do you categorize risks?”
Question #2 said, essentially, “What risks do you see for this project?”
Question #3 said, essentially, “What risks do you see for this function?”
Using text copied/pasted from a corporate plan (because that glue tastes so good, I guess), Answer #1 was a textbook classification. Not wrong, you understand, but not super targeted.
Using text copied/pasted from another proposal for similar work, Answers #2 and #3 were much better targeted.
Hurray! Right? Well, maybe not.
Looked at together, the three answers had, essentially, no common ground. The classification framework introduced in Answer #1 was never used or even referred to again.
So. What does it mean to have a clever generic risk classification scheme that we don’t, you know, actually use in thinking about risks on actual projects or within specific functions?
Not much, I’d say.