Project Risk Management
Project risk management is aimed a avoiding bad surprises once we start executing the project plan. During the creation of the project plan, we identify risk, analyses them and plan our action to avoid the risk, transfer it or implement a contingency plan if the risk occurs. After we have planned our risk management process for the project, we begin by identifying the risks that the project faces.
It’s important to remember that these risks can be adverse to the project in the sense of causing it to finish late or cost more.
Risk can also be positive or favorable in that is may let us deliver what’s expected for less cost and finish early. We do the risk identification process with the project manager, project sponsor, stakeholders and team members. Risk quantification is the process of evaluating the risks that have been identified and developing the data that will be needed for making decisions The objective of quantification is to establish a way of arranging the risks in the order of importance. In most projects there will not be enough time or money to take action against every risk that is identified.
Risk response development involves defining enhancement steps for opportunities and responses to threats. These generally fall into three categories • Avoidance – eliminating a specific threat, usually by eliminating the cause • Mitigation – reducing the expected monetary value of a risk event by reducing the probability of occurrence, reduce the risk event value, or both. • Acceptance – accepting the consequences. Risk response control is the process by which risks are kept in the forefront of management discussions and thus, reviewed on a cyclic basis.
Items that the risk register will hold in order to monitor and drive this process will include: • Outstanding action; • Action owner; • Action issue date; • Action status; • Action response; and • Action close-out date. The Risk Control Group will monitor the progress of the implementation of the agreed risk control measures. This will ensure that all risk control measures are incorporated efficiently and that any variations in the measure or any changes to the risk profile are identified and appropriate action is taken. The Risk Register will be a dynamic, growing document and will be updated, amended and revised on a regular basis.