QUALITY SYSTEM ASSESSMENT

Enterprise Risk Management

1 SCOPE

Every IT services organization’s business growth depends primarily on successful management and
execution of large projects. This is especially true in case of new customers where relationship is
evolving and technology is relatively new to executing SBU. Such projects need specialized
facilitation and processes that should be applied from the project start. This document details the
facilitation provided to such critical projects under the Enterprise Risk Management framework.

These ERM processes supplement current PSSP facilitation. The ERM group provides support in risk
management. The risks can be mitigated with the help of various groups like Technical Architects of
the BUs, Estimation Focus Group, Design and Architecture Process Group of QDI and V&V CoE. The
responsibility to implement the recommendation lies with the BDO/PM.

Some projects may turn critical during execution because of unforeseen circumstances such as
unexpected load of change requests, replacement of client PL or Subject Matter Expert (SME) etc.
Hence critical project processes should be applicable to these projects as well.

Projects may be identified as critical during RFP stage or may become critical during their execution.
Both categories need special attention. This document explains the tasks that go into the successful
completion of any critical development project.

Enterprise Risk Management facilitation is applicable for all types of projects at Organization

2 PROCEDURE
2.1 Identification of Critical Projects
• In case of a New Project Critical Project Identification Questionnaire(which
contain Static and Dynamic questions based on the project types) is used in
additional to the risk management questionnaire
• In case of Active projects , ERM criteria which are stated below are used as input

• Additionally PMs, BDOs, Delivery Heads may also suggest projects as critical and
may seek ERM assistance

2.2 ERM facilitation activities performed at the start of the project are as follows:
• Designated ERM champion collects the following documents before the scheduled
ERM visit
• Proposal, SOW, Contract
• If required, Contact teams like Contracts, Business Finance Manager
• Risk questionnaire, ePMS CPSA Radar inputs like milestones and
questionnaire
• Any informal feedback about PM, BDO, Customer
• Meet the project team and get the inputs on the project progress. If required
contact BDO/ BU PMO for any inputs required
• Update the Quick Scanner with details received from the project visit. The Quick
Scanner would assist in qualitatively and quantitatively identifying the project
risk level

Page 1 of 2

Confidential
QUALITY SYSTEM ASSESSMENT

• The ERM activities performed during the course of the project depend on the
project risk level assigned to the project. As per the Risk Level the SLA needs to the
followed up.
1. In case of high risk projects, following activities are performed:
1. Detailed report prepared and sent to BDO.
2. ERM visits to be on weekly basis
3. BU Head, Delivery Head, and Management Committee is also
updated with high risk project details and progress
2. In case of medium risk projects, following activities are performed:
1. Detailed report prepared and sent to BDO.
2. ERM visits to be on a fortnightly basis
3. Delivery Head also updated with high risk project details and
progress
3. In case of Low risk projects, following activities are performed:
1. Quick Scanner required to be updated
2. ERM visits to be on a monthly basis
3. Projects get reported through the monthly dashboard

As per the Risk Level the SLA needs to the followed up.

• Risk Aggregation is also done by the ERM team on account and BU level.
• Every month’s individual BU dashboard are required to be archived by respective
ERM Champion in Archival folder on ERM portal

Page 2 of 2

Confidential