Residual Risks vs Secondary Risks: What is the difference between risk and residual risk?

Residual Risks vs Secondary Risks examples infographic

Residual Risks vs Secondary Risks: What is the difference between risk and residual risk?

Residual Risks vs Secondary Risks – We have to face risks in our daily lives. In some cases, we try to avoid them. However, risks are inevitable situations that may affect our plans. The same goes for organizations and projects. Risks often increase the chance of injury or loss within the projects. However, a risk does not always have negative effects. Sometimes they may be positive. Positive risks have favorable impacts on project goals. Therefore project teams take actions to make them happen. Risks can also be categorized as identified and unidentified risks. Residual risks and secondary risks are the identified risks that you will create response plans to manage them if required. In this article, we will discuss residual (Residual Risks vs Secondary Risks) and secondary risks using examples.

Before to start, let’s take a glance at the basic risk management terms;

Risks vs Residual Risks vs Secondary Risks

A risk is an uncertain event or condition. If it occurs, it will affect the project objectives (or at least one project objective). Basically, risks can be divided into two main categories;

Positive risks are the opportunities that may have positive impacts on the project’s objectives. On the other hand, negative risks are threats that may have negative impacts on the project’s objectives.

Therefore, risk response strategies to deal with negative risks are different than the strategies for positive risks.

Below are the risk response strategies for negative risks

  1. Escalate
  2. Mitigate
  3. Transfer
  4. Avoid
  5. Accept

Below are the risk response strategies for positive risks

  1. • Escalate
  2. • Enhance
  3. • Exploit
  4. • Accept
  5. • Share

As you see, escalate and accept can be used to manage both positive and negative risks.

Risk is an important concept in project management. Therefore, project managers should be trained in risk management to keep the risks at a minimum level for their project’s health. They must think about all aspects of their projects.

Simply put, risk management involves identifying, analyzing, and responding processes throughout the project life cycle.

[vc_message message_box_color=”alert-warning” icon_type=”fontawesome” icon_fontawesome=”fas fa-paste” css=”.vc_custom_1704390974010{background-color: #fffddb !important;}”]

Facts:

  • Both residual risks and secondary risks are encountered in project management.
  • Risk management is the key to navigating project uncertainty and minimizing negative impacts.
  • Residual risks are inherent to the project and remain after implementing a risk management plan. Examples include weather delays or unexpected project scope changes.
  • Secondary risks arise as a consequence of the chosen risk response strategies for mitigating other risks. For instance, implementing a new work schedule to address delays could create safety hazards as a secondary risk.

[/vc_message]

1. Residual Risks vs. Secondary Risks: Navigate Project Uncertainty with Confidence

Every project faces uncertainty. Risk Management is your key to navigating these challenges. But understanding the difference between Residual Risks and Secondary Risks is crucial for effective mitigation strategies. Residual Risks are those that remain after implementing your Risk Management Plan. These inherent project risks, like weather delays, have been Identified, Assessed, and a response strategy like Acceptance has been chosen due to limitations.

Secondary Risks, on the other hand, are a whole new beast. They arise as a consequence of your chosen Risk Response Strategies. Imagine implementing a new work schedule to mitigate delays (your initial risk). This new schedule might create Secondary Risks like unforeseen safety hazards. These unforeseen consequences require additional Risk Management efforts.

By understanding the distinction between Residual Risks and Secondary Risks, you can proactively address both and ensure project success.

2. Tame the Project Unknown: Demystifying Residual vs. Secondary Risks

Don’t let project uncertainties keep you up at night! A solid grasp of Residual Risks and Secondary Risks empowers you to make informed decisions. Residual Risks are the inevitable challenges that remain after implementing your Risk Management Plan. Think of a budget overrun due to unexpected weather delays. This risk was Identified, Assessed, and due to limitations, Accepted as a potential cost.

Secondary Risks, however, are a different story. These new risks emerge as a result of your chosen Risk Response Strategies. For example, if you decide to mitigate delays by implementing a new work schedule, you might introduce Secondary Risks like increased worker fatigue or safety concerns. These unforeseen consequences require further Risk Management.

By understanding the difference between these two types of risks, you can proactively identify and address Secondary Risks before they derail your project.

3. Project Risks: Friend or Foe? Mastering Residual and Secondary Risks

Project risks – they’re not your enemy, but they do require careful management. Residual Risks are the inherent challenges that remain after implementing your Risk Management Plan. These risks, like project scope creep, have been Identified and Assessed, and a response strategy like Mitigation (reducing the impact) has been chosen.

Secondary Risks, however, are a byproduct of your chosen mitigation efforts. Imagine mitigating scope creep by breaking down the project into smaller tasks. This new approach might create Secondary Risks like communication breakdowns between teams managing smaller tasks. These unforeseen consequences require additional Risk Management measures.

By differentiating between Residual Risks and Secondary Risks, you can develop a comprehensive risk management plan that addresses both, ensuring a smooth and successful project journey.

Risk Management Terms and Short Definitions – projectcubicle

Secondary Risks

secondary risks-min

According to The PMBOK® Guide, Secondary Risks are the risks that arise as a direct outcome of implementing a risk response.

In other words, after a risk identification process, risk is identified and a response plan is created. After the implementation of the risk response plan, a new risk that may originate from the implementation is called a secondary risk.

For better understanding, let’s analyze the secondary risk example below.

Secondary Risk Example

Let’s assume that you are a project manager of a highway project. You excavated a trench to stop flowing rainwater on your worksite. However, there is a chance that during the night operations, a worker passing nearby may fall into the trench.

This is the secondary risk that may originate from the excavation of the trench.

Residual Risks

residual risks-min

According to The PMBOK® Guide, Residual Risks are the risks that are expected to remain after the planned responses of risk has been taken, as well as those that have been deliberately accepted. Also, as per the definition, residual risks are those that can be excepted after a risk response plan implementation. The limits of risk tolerance should be specified to decide if the amount of residual risk is acceptable or not. Also, if not, additional risk actions should be taken to minimize the effects of the risk.

For better understanding, let’s analyze the residual risk example.

Residual Risk Example

Let’s assume that you are a project manager of a bridge project and you have identified a risk that there is a chance of a storm in the next two days. Also, by analyzing the historical records, you determined the maximum storm surge height and created a contingency plan considering the records.

The case of occurring a higher storm surge height is your residual risk and you have to create a fallback plan to manage it.

What are the Differences Between Residual Risks and Secondary Risks?

Residual vs Secondary Risks Secondary Risks Residual Risks
Definition Arise as a direct outcome of implementing a risk response. Expected to remain after the planned response of risk has been taken
Action Required Not Always – It depends
Which Plan is Required? Response plan Contingency plan

Below are the differences between residual risks and secondary risks (Secondary Risk Example)

  • Secondary risks are those that arise as a direct outcome of implementing a risk response. Also, on the other hand, residual risks are expected to remain after the planned response of risk has been taken.
  • A contingency plan is used to manage primary or secondary risks. Also, fallback plan is used to manage residual risks. (Note that if an identified risk occurs, you will implement the contingency plan, and if it becomes ineffective, you will implement the fallback plan.)
  • Since the residual risks and secondary risks are identified risks, you will use the contingency reserve to manage them. (Not the management reserve because it is used for unidentified risks).
  • If the residual risks and secondary risks do not require a response plan, you will monitor them.

Residual Risk Example:

Project: Building a new bridge

Risk: Weather Delays

Scenario: During the construction of a new bridge, unexpected heavy rain and strong winds are identified as a potential risk (Risk Identification). The project team assesses the likelihood and impact of these delays (Risk Assessment). Due to the geographical location of the project and the nature of bridge construction, completely eliminating the possibility of weather delays might be impractical. Therefore, the chosen response strategy might be Acceptance.

Residual Risk: The project schedule includes a buffer period to account for potential weather delays. However, there’s still a chance that severe weather could cause delays exceeding the buffer period. This remaining risk, even after mitigation efforts (adding a buffer), is considered a Residual Risk.

Key Points:

  • Weather delays are inherent to construction projects in certain locations.
  • The project team actively manages the risk by including a buffer period.
  • The possibility of delays exceeding the buffer remains a Residual Risk.

Summary

Risk is any event or situation that can affect the project objectives. Also, risk management is an important step of project management that involves identifying, analyzing, assessing, controlling, avoiding, and minimizing risks. The risk identification process should consider residual risks and secondary risk example in order to avoid problems. Also, a response plan or a contingency plan should be created if they are major and effective. If they don’t require a response or a contingency plan, they should be monitored. The contingency reserve can be used to repair their potential damages.

According to the PMBOK Guide, Risk Management is one of the ten knowledge areas of project management. Therefore a project manager should be competent in risk management.

In this article, we discuss a few important risk management concepts. Also, we hope that they will be useful for the aspirants who will take the PMP Certification Exam. If you want to share anything, please use the comments section below.

See Also

Enhance risk response

External References

The impact of residual risk and resultant problems

Related posts


Leave a Comment