For nine episodes, we've talked about how to use AI as a thinking partner.
How to prompt better. How to ask Socratic questions. How to
stop commanding AI and start coaching it.
That's half the story.
The other half is showing you what happens when you
actually build with it.
So for the next four episodes, we're changing gears. No more
theory. We're showing you what I've built—real agents, production systems,
tools running right now on real client projects.
And we're starting with the one that's most personal to me.
Her name is ARIA. The Advanced Risk Intelligence
Agent.
The Vision I Wrote in 2008
Back in 2008 and 2009, I wrote two books where I described
what I believed was the future of project management.
Not better Gantt charts. Not more sophisticated scheduling
algorithms.
I described systems—actual systems—that could
take everything we learned from completed projects and automatically apply them
to new ones.
Systems that could look at a project before it started and
say: "Based on everything we know, here's where you're going to
get into trouble."
I laid out a vision of organizational memory. A
database that captured not just what went wrong, but why it
went wrong, and how often that same pattern showed up across different
projects. A system that weighted lessons by severity and repeatability, so the
most dangerous patterns surfaced first.
People loved it.
Here's what killed it: the manual effort.
You needed someone to interview every project team member
after every project closed. Someone to categorize the lessons. Calculate the
weights. Update the database. Run the queries. Build the reports.
And when that person left? The system died with
them.
The theory was sound. The technology just wasn't there yet.
Fast forward to 2024. I'm watching large language models get
better and better at structured reasoning. And I realized something:
Technology finally caught up to the idea.
What you're about to see is what happens when you take that
2008 vision and rebuild it with AI.
The Problem We've Been Ignoring for Decades
Let me describe how most organizations handle project risk.
New project starts. You open the kickoff meeting. Someone
pulls up a risk register template—probably the same one that hasn't been
updated in 20 years.
You ask: "What could go wrong?"
Budget overruns. Scope creep. Resource constraints. Vendor
delays.
The usual suspects.
You assign probability scores. Low, medium, high. You assign
impact scores. You multiply them. You get a number. You use that number to
decide how much contingency to request.
And here's the question nobody ever asks: Where
did those scores come from?
They came from someone's gut. Someone's intuition. Maybe
someone who's been around long enough to remember a similar project. Maybe
someone who's new and has no idea—they just pick medium because it feels safe.
And when the project closes—whether it succeeds or fails
spectacularly—you do a lessons learned session. You write down what happened.
You file it away.
And six months later, when the next project starts, nobody
remembers any of it.
Right now, there are treasure troves of lessons learned
sitting in Excel documents and SharePoint folders. Untouched. Unleveraged.
Forgotten.
We've been doing this for decades. It's absolutely
insane.
What We Should Be Doing Instead
Here's the vision. Here's what ARIA makes real.
We should be capturing every variance that matters—every
schedule delay over a threshold, every cost overrun, every scope change that
rippled through the project.
We should be structuring that data. What was the
cause? What was the effect? What category does this belong to? How severe was
it? Has this pattern happened before?
And then, when a new project starts, we should be able to
say:
"This project shares characteristics with these five
historical engagements. Those projects had these specific failure patterns.
Based on that, here's your risk profile—not a guess, but a calculation."
That's exactly what ARIA does.
Why ARIA Is Different from Asking ChatGPT
You might be thinking: "Rick, I can already ask
ChatGPT about project risks."
Sure. And it'll give you a perfectly reasonable list pulled
from PMBOK and every PM article ever published on the internet.
But it won't know that your vendor management
process breaks down consistently on projects over $2 million.
It won't know that your design phase always runs 30%
longer than planned with remote teams.
It won't know that your change control process only
works when a specific executive sponsors it.
ARIA knows—because ARIA is built on your lessons
learned, your project history, your organization's
DNA.
This isn't AI giving you generic advice. This is AI
making your institutional memory operational.
And here's the part that changes everything for executive
conversations:
Instead of walking into a budget meeting and saying,
"We think we need a 15% contingency buffer because... it feels
right"—
You walk in and say:
"This project shares characteristics with 12
historical engagements in our database. Those engagements slipped an average of
68 business days, driven primarily by requirements and scope failures. Based on
that pattern, ARIA recommends a contingency of 129 business days and
approximately $1.43 million. Here's why."
That's not a guess. That's a defended position.
The Math Behind ARIA: PERT
ARIA is built on the PERT methodology—Program Evaluation and
Review Technique. This was developed by the US Navy in the 1950s during the
Polaris missile program. They needed a way to estimate completion times when
there was massive uncertainty.
Here's how it works:
For any risk exposure, you define three scenarios:
- Optimistic
(O): Best case. Risk doesn't materialize. Exposure = zero.
- Most
Likely (M): What you actually expect. ARIA uses a baseline of
five days.
- Pessimistic
(P): Worst case. ARIA pulls this from your historical
database—the actual delay when this risk materialized in
past projects.
Then you calculate:
Expected Value = (O + 4M + P) ÷ 6
This gives you a statistically sound estimate that accounts
for uncertainty. Not a wild guess. Not a simple average. A weighted
probability.
And then ARIA takes it further. She calculates exposure—the
combination of expected delay, probability you assign, impact you assign,
category weight, and how much your organization historically suffers from this
type of risk.
That exposure number, measured in both days and dollars, is
what ARIA uses to rank your risks and calculate your contingency.
And here's the beautiful part: When a project
closes and ARIA ingests the lessons learned, she updates the pessimistic
scenario values. The database learns. The next estimate gets smarter.
ARIA's Six Modes
Mode 1: Lessons Learned Ingestion The fuel that
powers everything else. Bring ARIA a completed project—closeout documents,
status reports, post-mortems. She extracts variances over your threshold,
structures them, asks you to confirm before writing to the database. No garbage
in, no garbage out.
Mode 2: Risk Assessment The flagship. A new
project starts, you give ARIA the basics, she runs your database against it
using fuzzy matching, scores the top 20 most relevant historical risks, asks
you two questions per risk (probability and impact), and generates a fully formatted
Excel workbook with an executive summary, risk register, and PERT calculations.
Presentation-ready in minutes.
Mode 3: Risk Coach Targeted guidance in the
moment. You come to ARIA with a question—"We're about to start vendor
negotiations. What should I watch for?"—or you feed her a status
report that feels off. She analyzes it against the database and gives you a
narrative memo: preventative questions, mitigation suggestions, early warning
indicators, evidence signals to monitor.
Mode 4: Project Closeout When a project ends,
ARIA walks you through a structured interview. What happened? Where did you
deviate? What caused the variances? She captures it, flags anything volatile
for the database, and ensures lessons actually get recorded for the next team.
This feeds Mode 1. It's a closed loop.
Mode 5: Project Health Check For projects going
sideways—or when leadership wants an honest read. ARIA analyzes your project
documents, tracks sentiment over time (are updates getting more hedged? is tone
shifting from confident to defensive?), and produces a color-coded assessment
across eight dimensions:
Schedule trajectory. Budget integrity. Scope stability. Team
dynamics. Stakeholder engagement. Risk posture. Delivery confidence. Process
adherence.
With course correction recommendations prioritized by
urgency.
Mode 6: Maintenance Behind-the-scenes database
management. Category weight updates, metadata management, quality control. The
housekeeping that keeps everything else trustworthy.
Watching It Work: A Live Risk Assessment
Let me show you what ARIA actually does.
The project: Dynamics 365 implementation for a
manufacturing client. 2.7M—a 22% reduction). Nine months. Fixed price.
Client wants a "like for like" replication of their current ERP. Thin
requirements.
I gave ARIA those details and let her run.
Within two minutes, before she even asked me a question,
ARIA flagged something:
"Two characteristics you've noted—a like-for-like
replication with thin requirements, combined with a fixed-price contract that
was cut 22%—align almost exactly with the single highest-severity record in the
entire database."
She had seen this before.
Then she loaded the questionnaire—12 risks, in batches of
five—each one with plain-language descriptions of what 0, 1, 2, and 3 mean, so
you're scoring with context, not guessing.
The first question referenced a real historical
engagement:
"An integrator never ran formal requirements
gathering and configured the ERP to mimic legacy green screen behavior. UAT
failed completely after two years. The systems integrator was removed. The
project slipped 240 business days."
Then it asked: Is this likely to happen on this project?
What's the impact if it does?
I scored it a 3 on both.
Four minutes later, ARIA generated the Excel workbook.
Executive Summary:
- Total
recommended contingency: 129 business days
- Confidence
band: 91 to 167 business days
- Contingency
dollar value: $1.43 million (approximately 68% of
contract value)
- Top 5
risks by exposure score
- Executive
narrative ready to present
PERT Calculations Tab: Full transparency. Every
risk, every scenario, every multiplier, every formula. No black box.
Risk Register: Full scored list with
probability, impact, exposure in days and dollars, source project references,
and AI-generated mitigation strategies.
That workbook was ready in under 10 minutes.
Not a template. Not a guess. A mathematically grounded,
historically evidenced risk assessment.
What This Really Means
For 30 years, I've been saying that project managers should
be dream makers—not administrators. That our job is to clear the path so teams
can do their best work.
ARIA takes one of the most time-consuming, highest-stakes
activities we do—risk management—and makes it faster, smarter, and grounded in
evidence.
That's time you get back.
Time to coach your team. Time to build stakeholder
relationships. Time to think instead of calculate.
And that defended contingency number? That's your
credibility.
Walking into an executive meeting and saying "here's
what the data says we need, and here's why" is a completely
different conversation from "I think we should add a buffer."
ARIA doesn't replace project managers. She amplifies us.
She gives us the organizational wisdom that used to walk out
the door every time someone retired or changed jobs. She is your organization's
memory—one that doesn't forget, doesn't get promoted, and gets smarter every
time a project closes.
This is what I described in 2008.
This is what technology finally let us build.
Next time: Meet Atlas—the estimation
engine. If ARIA protects you from risk on the back end, Atlas builds your
estimates on the front end with the same rigor. Practice libraries,
three-scenario PERT modeling, fully formatted Excel workbooks generated in
minutes. Production ready. Running on real engagements right now.
— Rick A. Morris
No comments:
Post a Comment