There is some misconception on the role of risk buffer in price calculation. This misconception often results in price pressure for professional services offer.

Let’s get this sorted out.

Every service offer, bigger than a couple of man-days, has its risk to be on target during delivery. Even if we offer a man-pool, the risk is there. We talked about this on the previous snack.

To give more chances in being on target with project delivery, we calculate risk buffers. Typically risk buffer is calculated on top of the original workload (and other costs) for the scope or man day pool we offer.

In this sense, the risk buffer is always part of the cost side of the offer calculation.

And I mean the cost side. This is a fundamental assumption.

If we agree risk buffer is cost, then we agree we calculate gross margin on risk buffer as well to get to the final price.

This way we separate the cost of an offer from the margin and price of that offer.

The cost information with a risk buffer is our worst-case scenario simulation at the time we price the offer.

Agreeing to the above, the risk buffer should never be a trade-off of the offer price adjustments for customer expectations.

Unfortunately, we all have seen a lot of compromise here. Why?  Because risk is risk - there is no scope behind it. It is unnecessary overhead on price.

But, Is this so?

The proper approach is to define a risk buffer by having a risk definition review when estimating the proposal. Typically based on experience and lessons learned there is some degree of prediction of what could happen and what it is potential impact on project cost.

Although it is the most appropriate approach recommended by many methodologies, It is not always easy to apply in practice.

There are at least a few factors that make it harder. First, there may be not enough knowledge or experience available at the time we need to prepare the estimate.

Second, it is hard to assess the probability or impact of risk. Many times, those two obstacles drive very inaccurate risk definitions or even resign from it.

But if we go with this method, we should remember one good rule related to risk definition.

If risk estimation exceeds 50% probability - it should become part of the solid cost already.

The other approach is scoring the project on risk. It is as simple as defining the typical profiles of projects based on size, resource diversity, type of service, type of billing, customer familiarity, reusability of assets, any other factor relevant to our projects.

Based on the score we can select the level of risk buffer needed in percentage.

Now, when it comes to real values of the risk buffer, we may have a few ways we express it. It is either a specific value amount, % of cost (those w/o risk), or workload. The last one is not always practical as many risks are not workload related.

Ideally, we should have both value amount and percent information at hand.

But for our discussion let's focus on percent value.

What are the values we should consider for the risk buffer?

Regardless of the method, the risk buffer should fit between 5 and 25 percent of the cost (w/o risk buffer).

If the risk buffer is lower than 5% this is OK, but probably marginal to be helpful.

If the risk buffer is more than 25% of the cost, there is something not right with scoping, as risk is starting to dominate cost calculation. Of course, no one stops us to have this level of percent, but maybe some risk should be considered as a solid cost?

The other good check on the size of the risk buffer is to calculate how many average man-days it can cover and validate this against the total workload.

Can we cover the biggest individual risk impact with this buffer amount?  This is very useful proof to see the usefulness of the risk buffer.