Different people have different perceptions about risks. Some people want to avoid all risks and some always assume the best and don’t see any risks. It is important to establish a common Risk Strategy at the beginning of the project to ensure a common understanding and proper use of Risk Management. The project manager should determine the priorities with the project sponsor and then update the team.
Some benefits of Risk Management are:
- minimizes issues and surprises
- decreases probability of issues occurring
- increases probability of project success
- Business risk - normal business risk. e.g. Business conditions changes during the project or scope, time, budget for your project is changed
- Insurable risk - This could be e.g. Tornado. The risk should be avoided or at least the impact be reduced (e.g. buy insurance)
- Known risk - e.g. not enough resources available at a particular time to achieve project objectives
- Unknown risk - these risks are always there and you will have to deal with it
To make Risk Management successfull the Project Manager as well as the Project Team has to understand, accept and use the risk management process.
Please note that the Risk management process needs to be applied during all project stages
Example:
- Business requirements are submitted
- Risk Management determines risks associated with these business requirements- Project schedule is build
- Risk Management determines risks associated with the timeline, resources and effort Estimates
The Risk Management process contains the following 7 steps
1. Identify the risk (e.g. Expert interviews, brainstorming, questionnaires, etc.)
2. Analyze the risk (e.g. how likely is this risk? High/Medium/Low)
3. Prioritize the risk (e.g. what is more important to you scope, time or budget?)
4. Find an appropriate response to the risk (e.g.
- Accept the risk – if the risk can’t be avoided, minimized or transfer you will have to deal with this risk
- Minimize the risk – this means reducing the probability of this risk to occur or at least minimize the impact when it occurs. It’s important to note that the risk cannot be completely eliminated.
- Transfer the risk – in this case we shift the risk to another party but we do not eliminate the risk
- Avoid the risk – in this case the risk is eliminated. This means you know about this risk and can plan to avoid it.
6. Evaluate how the execution worked (review risks regularly, e.g. review how the risk probability was impacted etc.)
7. Document the results (e.g. this will provide valuable info for your lessons learned records)
Here is an example of a Risk Management Plan 
Column in Excel possible field values
Risk Status open, closed
Last Review date
Risk Description
Probability of Risk High, Medium, Low
Risk Impact High, Medium, Low – this is related to the
probability of the risk
Current status (compared to previous status) Better, Same, Worse
Risk Owner Name of Risk Owner Response Accept, Avoid, Transfer, Minimize
Notes Additional info’s regarding Response
