Risk Management Terms & Risk Management Process
Risks are the unforeseen events that may have positive or negative effects on a project’s goals. These events may originate from various types of resources such as financial errors, poor management, security threats, accidents, and severe climatic conditions. Many people think that risks have always negative effects to a project’s goal. However, during a project’s life, some positive risks which have positive effects on a project may occur. Risk management practices involve identification, assessment, and prioritization of risks throughout a project’s life cycle. This article reviews common Risk Management Terms for conducting an efficient Risk Management Process.
Basic Steps of the Risk Management Process
Risk is a part of every task and delivery within a project. Project management team members usually start establishing a risk management process by analyzing the things that may go wrong. Because problems may inevitably arise from unexpected origins. In order to establish an effective risk management strategy, some basic steps must be followed.
The PMBOK Guide recommends below six processes for an effective risk management
- Analysis (Qualitative and Quantitative)
- Response Planning
- Monitoring and Controlling
A Short Definition of Risk Management Terms
There are several terms used to describe various steps of risk management. Sometimes professionals may confuse these terms. Below are some of the widely used risk management terms.
Issue is a risk that has already happened. In other words, a risk is an event that has the potential to cause loss. On the other hand, issue is a current problem.
- Issue Management
Issue management is the practice of coping with current problems. Problem-solving and decision making are common techniques for issue management. However, risk management strategies (Acceptance, Avoidance, Reduction, Transfer, Sharing) are different than issue management strategies.
- Known Risks
Known risks are the risks that can be identified and analyzed before their occurrence. For example one of your project’s main subcontractor terminated the agreement with you during a critical phase of the project. You analyzed this risk before it’s occurrence and bring another certified subcontractor for the same task quickly.
The contingency reserve is added to the project’s budget to manage known risks.
- Unknown Risks
Unknown risks are the risks that cannot be identified and analyzed before their occurrence. A risk response planning is not possible to manage this kind of risks proactively. For example, you are building a dam project and during the execution of social events occurred. Management reserve is added to the project’s budget to manage unknown risks.
- Negative Risks
Negative risks are threats that have negative impacts on the project’s goals. Negative risks may cause time loss, money loss, stakeholder and customer dissatisfaction. To manage negative risks efficiently removes or minimizes their negative impacts.
For example, a machine malfunction may slow down your productivity. If it happens you cannot complete the tasks on time.
- Positive Risks
Positive risks are the desired events or opportunities that have positive impacts on the project’s objectives. Project manager and stakeholders get satisfied in case of their occurrence. Increasing their probability of occurrence is a good risk response strategy.
For example, your company is conducting a healthcare project. The client will pay a bonus in case of early delivery. If it happens, your planned profit rate for this project will increase.
- Residual Risk
Residual risks are the risks or danger that remain after implementing a risk response plan. It is difficult to remove the risk completely so that the remained risk is deliberately accepted.
For example, a transportation company reduces the risk of an accident by improving maintenance. However, a residual risk remains due to the driver’s fault.
Risk is an unforeseen or uncertain event and if it occurs, it will cause positive or negative impacts on the project’s objectives.
- Risk Management
Risk management is a process of understanding and managing project risks in a proactive manner. Risk management involves strategies such as Acceptance, Avoidance, Reduction, Transfer, and Sharing.
- Risk Owner
A risk owner is a person who manages monitors and controls the identified risks within a project. Also, he is responsible for the implementation of risk response strategies.
In small and less complex projects, risk owner and the risk action owner can be the same person. In large and sophisticated projects, risk owner and the risk action owner are usually different.
- Risk Threshold
Risk treshold is the amount of risk which an organization could accept. For example, a company has a policy that if risk increases project’s direct costs not more than 5% is acceptable. However, a percentage of more than 5% is not a value that the company is willing to accept.
- Risk Tolerance
Risk tolerance is the degree of risk that an organization can accept (or absorb).
- Risk Trigger
A risk trigger is something that stimulates a risk to arise. For example, poor maintenance is a risk trigger for machine malfunctions.
- Secondary Risk
A secondary risk is a new risk that is occurred as a result of risk treatments.
There are various terms used to describe concepts related to risk management. Understanding each risk management term helps to improve risk management processes within the organization. Effective risk management practices are helpful to determine a project’s strengths, weaknesses, opportunities, and threats. In order to ensure your project’s success, plan how you will handle potential risks so you can determine and mitigate problems. For successful project management, risk management is critical, because most of the time risks trigger severe losses. In this article, we review common risk management terms , if you want to add or share anything regarding the subject, please use the comments section.