People face risks in their everyday life. In a similar manner, project teams, companies, organizations, and even projects face risks in their life cycle. Based on the risk type and circumstances, they practice methods to overcome the risks. Project risk management is a significant process that aims to manage the risks and eliminate the destructive effects of them. Project risk management plans are the road maps that use techniques to response risks and issues. Basically, a project risk management plan defines processes and obligations to perform risk identification, risk analysis, risk response planning, and risk control activities regularly. This article answers the following questions: What is a project risk management plan? and How to Write a Project Risk Management Plan?
What is a Project Risk Management Plan ?
Before to answer “what is a project risk management plan ?” it is a good idea to define the concept “risk”.
In project management, risk is an unforeseen or unexpected situation that has the potential to affect your project’s objective. It may have positive or negative effects on your project’s goals.
The PMI’s PMBOK Guide defines the risk as an uncertain event or condition that, if it occurs, has a positive or negative effect on a project’s objectives.
Risk management is a process of identifying, assessing, prioritizing and responding to any risk that emerges over the life cycle of a project to assist the project meet its goal. It is not a process just for eliminating risk. A successful risk management process decreases the number and level of risks and minimizes the effects of them to complete the project successfully. A risk management plan is needed in order to manage the project’s risks.
The risk management plan is a document is an extensive document which describes how risk management will be managed throughout the project life cycle .
How to Write a Project Risk Management Plan ?
As mentioned above, the project risk management plan is an extensive document which involves processes. Below are the processes to be performed while creating a project risk management plan.
• Plan Risk Management
• Risk Identification
• Risk Analysis
• Risk Response Planning
• Risk Monitor and Control
Now let’s discuss each process in detail.
Plan Risk Management
Plan risk management process is the first process of a risk management plan. In the Plan Risk Management process, you define how the project team will conduct risk management activities throughout the project. You should also define the specific project artifacts, approaches, and organizational policies for risk management.
Project scope, cost management plan, schedule management plan, enterprise environmental factors and organizational process assets are the inputs of the plan risk management process.
Identifying risks or risk identification process is important to define and categorize your project’s risks. In the Risk Identification process, you should define how the project team will identify risk and document risk characteristics. You should also define the techniques how the project team will utilize to identify and characterize risks, for instance, brainstorming, assumption analysis, root cause analysis, expert judgment, etc.
Creating a risk register is a part of the risk identification process.
After the identification of all risks of a project, the next step is to analyze each risk using qualitative and quantitative risk analysis techniques. Probability of occurrence and level of impact are two criteria used for evaluating risks. Qualitative risk analysis process relies on determining probability occurrence and level of impact of each risk. On the other hand, quantitative risk analysis relies on numerical and statistical analysis. Expected monetary value, decision tree analysis, Monte Carlo Simulation techniques can be used for quantitative risk analysis.
Risk Response Planning
In the Risk Response Planning process, you should define how the project team will enhance options and take actions to minimize threats and develop opportunities for project goals. Risk response strategies for positive risks and negative risks are different. It is not possible to eliminate all the project risks.
Below risk response strategies can be used for positive risks
Below risk response strategies can be used for negative risks (or threats)
You should also determine the high-level risk response strategies the project team may use such as avoidance, acceptance, monitor and prepare, mitigation, transference, etc.
Risk Monitoring and Controlling
In the Risk Monitor and Control process, you should define how the project team will control identified risks, will identify new risks and will close outdated risks. Risk monitoring and control process is required to keep track of the risks.
It is not possible to identify all the risks during the planning phase. Therefore project team members should continue to identify new risks throughout the duration of the project. In this step also you should describe the communication line between the risk response owner and the project manager. Holding status meetings regularly helps to monitor and control risks effectively.
No matter how your project is planned or performed, it will face risks and unexpected events throughout it’s life cycle. So you need to develop strategies and plans to overcome the risks when they arise and take action to prevent them. Some risks may be negative and some of them may be positive. So you must develop your risk management strategy based on the risk type.
The risk management plan is a live project management document which should be prepared, updated and controlled throughout the life cycle of the project. It is an effective tool for project managers to identify, analyze, plan, and control potential risks. Every company should implement a risk management plan for success. In this article, we answered the following questions: What is project risk management plan? and How to Write a Project Risk Management Plan ? We hope that it will be useful for readers.
Francois Simosa is the head of training for the Gragados Training Associates, which provides special project management and risk management training programs.