Project Risk Management
Project Risk Management
(Project Name)
Student Name
Walden University
Date
Table of Contents
Project Risk Management Approach 1
Project Risk Assessment ( Q ualitative ) 1
Project Risk Assessment ( Q uantitative ) 1
©2018 Walden University 2
Project Risk Management Approach
Project risk management planning involves deciding how risk management activities will be conducted over the life of a project. The output of project risk management planning is the project risk management plan. Risk management is an iterative process. The risk management plan should be updated when any substantial changes to the project are made and/or when a risk event occurs.
· Explain how risk management will be approached for the project. (3–4 paragraphs)
Project Risk Identification
Once the approach and process for managing project risk have been determined, it is time to identify potential project risks and document them in a risk register. It is helpful to think about possible sources or categories of project risk as a way to organize the risk list. It may not be possible to identify every risk that could occur during the project but risk management is an iterative process. Over the life of the project, risks will be reviewed often and the risk register will be updated as needed.
· Describe the process you will use to identify risks. Who will you include? When will you conduct these activities? How will you document the results? (3-4 paragraphs)
· Describe the source of project risks that you plan to use, such as weather, vendor, staffing, technology, etc. (2-3 paragraphs)
· Document project risks in the risk register in columns A-F.
Project Risk Assessment (Qualitative)
Once project risks have been identified, the project team must analyze them to try to determine the likelihood (probability) of occurrence and the effect to the project (impact) should a given risk event occur. All risk analysis begins with qualitative analysis. To ensure accuracy and completeness, the project team should study both the risk event itself and the interactions between risk events.
· Explain how risk measurement scales will be developed. Will you use a standard organizational set of measurements or define your own? (2–3 paragraphs)
· Explain how risks will be prioritized based on the defined qualitative measurement scales. (2–3 paragraphs)
· Document risk measurement scales and their meaning in the project risk register (in columns H–J). For example:
· What does a “2” mean for probability? Is that 20% or 20–40%?
· What does a “4” mean for impact? Is it (a) Project fails to meet one objective, or (b) Project exceeds budget or timeline by 20%?
Project Risk Assessment (Quantitative)
Once project risks have been qualitatively assessed, the project team must review those with the highest risk factor scores (probability x impact) and further analyze them using quantitative risk analysis methods. For this project:
· Use expected monetary value (EMV) as the quantitative method.
· Explain how risks will be prioritized based on the EMV method. (2–3 paragraphs)
· Document the EMV risk measurement information in the project risk register in column K.
Project Risk Response
Risk responses and action steps are defined during the risk response planning phase. Here the project team must plan the actions that will be taken should any identified risk actually materialize. This is typically done for some subset of the total population of risk issues identified—most likely those that are of the highest probability and/or impact. Risks can be both negative (threats) and positive (opportunities). The possible strategies for responding to negative risks include: avoid, transfer, mitigate, and accept. The possible strategies for responding to positive risks include: exploit, enhance, share, and accept.
· Summarize the approach for developing risk response strategies. For example, which risks will you first attempt to avoid? Will you do it based on the risk factor score (P*I) or EMV? (3–4 paragraphs)
· Describe the process you will use to determine risk triggers (the event that tells you that the risk event is imminent). (2–3 paragraphs)
· Document the risk triggers in the project risk register in column G.
· Document risk response strategies (plans) for each risk in the project risk register in columns L–M. The risk response strategies should be derived from the eight strategies from the PMBOK (PMBOK® Guide).
Risk Monitoring & Control
Risk monitoring and control is about ensuring that you are responding to risks as planned, identifying and planning response to newly identified risks, and reviewing and updating all contingency reserves (time and money). The risk management plan should include the steps, processes, or procedures that will be used to continually monitor and update the risk register throughout the life of the project.
· Describe the method(s) you will use to monitor if risks are being triggered. (2–3 paragraphs)
· Describe the method(s) you will use to identify and plan responses to newly identified risks. (2–3 paragraphs)
· Describe the method(s) you will use to review and update any contingency reserves. (2–3 paragraphs)
©2018 Walden University 2
Risk Register
Note: First line is an example. Delete it when creating your own risk register.
|
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
|
Risk No. |
Risk Name |
Risk Event Description |
Risk Impact Description |
Risk Type |
Risk Source |
Risk Trigger |
Impact Score 1 to 5 |
Prob. Score 1 to 5 |
Risk Factor P*I |
EMV* |
Response Type
|
Response |
|
X |
Rain |
Rain on the day of the picnic reduces attendees. |
Result is a less festive event, reduced employee morale, and costs that can’t be reimbursed. |
Other |
Weather |
Chance of rain >=30% forecasted 7 days prior to picnic. |
4 |
2 |
8 |
$20,000 |
Mitigate |
Set up enough large tents to house all scheduled attendees. In addition to outdoor activities, plan indoor events or activities in tents. Encourage everyone to come rain or shine. |
|
1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
|
|
|
|
3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
4 |
|
|
|
|
|
|
|
|
|
|
|
|
|
5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
6 |
|
|
|
|
|
|
|
|
|
|
|
|
|
7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
9 |
|
|
|
|
|
|
|
|
|
|
|
|
|
10 |
|
|
|
|
|
|
|
|
|
|
|
|
*EMV = probability of risk event * cost/impact if it does occur. Example: If it rains, and we do nothing, people will not show up and we will lose our $100,000 that is due for payment to caterers, event planners, etc. With a 20% chance of rain, the EMV = $100,000 * 20% = $20,000. If we can mitigate the impact for less than $20,000, by implementing the response plan, it may be considered a good investment to do so.