Risk Management Terms & Risk Management Process
Risks are the unforeseen events that may have positive or negative effects on a project’s goals. These events may originate from various types of resources such as financial errors, poor management, security threats, accidents and severe climatic conditions. Many people think that risks have always negative effects to a project’s goal. However during a project’s life some positive risks which have positive effects on a project may occur. Risk management practices involves identification, assessment, and prioritization of risks throughout a project’s life cycle. This article reviews Risk Management Terms for conducting an efficient Risk Management Process.
Basic Steps of the Risk Management Process
Risk is a part of every task and delivery within a project. Project management team members usually start establishing a risk management process by analyzing the things that may go wrong. Because problems may inevitably arise from unexpected origins. In order to establish an effective risk management strategy, some basic steps must be followed.
The PMBOK Guide recommends below six processes for an effective risk management
- Analysis (Qualitative and Quantitative)
- Response Planning
- Monitoring and Controlling
A Short Definition of Risk Management Terms
There are several terms used to describe various steps of risk management. Sometimes professionals may confuse these terms. Below are some of the widely terms.
Issue is a risk that has already happened. In other words, risk is an event that has a potential to cause loss. On the other hand issue is a current problem.
Issue management is the practice of coping with current problems. Problem solving and decision making are the common techniques for issue management. However, risk management strategies (Acceptance, Avoidance, Reduction, Transfer, Sharing) are different than issue management strategies.
Known risks are the risks that can be identified and analyzed before their occurrence. For example one of your project’s main subcontractor terminated the agreement with you during a critical phase of the project. You analyzed this risk before it’s occurrence and bring another certified subcontractor for the same task quickly.
Contingency reserve is added to the project’s budget to manage known risks.
Unknown risks are the risks that cannot be identified and analyzed before their occurrence. A risk response planning is not possible to manage this kind of risks proactively. For example you are building a dam project and during the execution social events occured. Management reserve is added to the project’s budget to manage unknown risks.
Negative risks are the threats that have negative impacts on the project’s goals. Negative risks may cause time loss, money loss, stakeholder and customer dissatisfaction. To manage negative risks efficiently removes or minimizes their negative impacts.
For example a machine malfunction may slow down your productivity. If it happens you cannot complete the tasks on time.
Positive risks are the desired events or opportunities that have positive impacts on the project’s objectives. Project manager and stakeholders get satisfied in case of their occurrence. Increasing their probability of occurrence is a good risk response strategy.
For example your company is conducting a healtcare project. The client will pay bonus in case of early delivery. If it happens, your planned profit rate for this project will increase.
Residual risks are the risks or danger that remain after implementing a risk response plan. It is difficult to remove the risk completely so that the remained risk is deliberately accepted.
For example a transportation company reduces the the risk of an accident by improving the maintenance. However a residual risk remains due to the drivers fault.
Risk is an unforeseen or uncertain event and if it occurs, it will cause positive or negative impacts on the project’s objectives.
Risk management is a process of understanding and managing project risks in a proactive manner. Risk management involves strategies such as Acceptance, Avoidance, Reduction, Transfer and Sharing.
A risk owner is a person who manages monitors and controls the identified risks within a project. Also he is responsible for implementation of the risk response strategies.
In small and less complex projects, risk owner and the risk action owner can be the same person. In large and sophisticated projects, risk owner and the risk action owner are usually different.
Risk treshold is the amount of risk which an organization could accept. For example, a company has a policy that if a risk increases project’s direct costs not more than 5% is acceptable. However a percentage more than 5% is not a value that the company is willing to accept.
Risk tolerance is the degree of risk that an organization can accept (or absorb).
A risk trigger is an something that stimulates a risk to arise. For example poor maintenance is a risk trigger for machine malfunctions.
Secondary risk is a new risk that is occured as a result of risk treatments.
There are various terms used to describe concepts related with risk management. Understanding each risk management term helps to improve risk management processes within the organization. Effective risk management practices are helpful to determine a project’s strengths, weaknesses, opportunities and threats. In order to ensure your project’s success, plan how you will handle potential risks so you can determine and mitigate problems. For a successfull project management, risk management is critical, because most of the time risks trigger severe losses.