There are many approaches to project risk management planning, but essentially the risk management plan identifies the risks that can be defined at any stage of the project life cycle. The risk management plan evaluates identified risks and outlines mitigation actions. A risk management plan should be periodically updated and expanded throughout the life cycle of the project, as the project increases in complexity and risks become more defined.
Risk management ideally takes a project throughout the phases of risk identification, risk assessment and risk resolution. With the advancement in project management studies and techniques, risk management has taken a main place in the project life cycle; in most cases at the outset of the project itself.
How do you Plan your Risk Management?
The risk management plan should be a part of your overall project plan. The risk plan for smaller projects can be as simple as a risk management matrix. Complex projects require more thorough risk analysis and planning. For each risk outlined in the risk matrix you will want to create a thorough analysis for each.
The main goal of creating the risk matrix is to prioritize your risks. You will never be able to eliminate all risk, but you can prioritize and document risks to attempt to mitigate or eliminate them.
The risk management matrix will document the following items:
1. Risk and Consequences – Brainstorm risks before you being your project and continue adding to your risk management plan as the project moves throughout it's lifecycle. What risks can be associated with this project? Will the risks affect the schedule, resourcing or budget?
2. Probability – the table should contain a probability of the risk occuring. This can be a percentage or a number.
3. Impact – what is the impact to the project if the risk should occur? Build a scale appropriate for the project – smaller projects can use a simple impact of 1-5 (minimal to major) whereas larger projects may want a more formal scale.
4. Priority – Probablity * Impact will give you an idea of the priority of the risk. Higher priority items should be mitigated and planned for before lower priority items.
5. Mitigation Response – a brief overview of mitigation steps to eliminate or reduce the risk.
Example Risk Management Matrix
Start by building a six column table. The columns will be named after each of the five items in the previous section. The first column can simply be an ID column.
- Risks and Consequences
- Migitation Response
Risk Management in Action
Once you have your risk management plan outlined, you can start adding tasks to your project plan for helping mitigate or eliminate risk. In the example above, we can add tasks to our project plan for hiring an additional gardener and looking for a new subcontractor incase the current one doesn't work out.
Project Risk Management, with the help of the above mentioned factors and documents, depends primarily on the three major steps of Risk Identification, Risk Assessment and Risk Resolution. It is a sequential process which involves assessing and classifying risks using the PI-Matrix and the Decision Making Tree system.
Risk Management is an integral part of a project and is an ongoing process. When initiated at the beginning of a project, most risks may be identified and controlled or measures to counter act them may be developed such as involved with Change Management or Project Disaster Recovery.
Image Credit: Author, Amanda Dcosta