Select Page


Project Management: Risk Assessment

Project Management: Risk Assessment
By Larry Gunter

In this article, I am recommending action for a project team to pursue when addressing risk management. This action includes steps necessary to handle project risks. The team’s objectives, risk process, activities and output are detailed out for this recommendation.

Team Objectives

The team objectives can be very broad topics to assess for risks. Many risk assessments that address the broad objectives, do not fully evaluate the cause which works to fulfill that objective. Risks to the mechanism of the objective is just as important to look for as evaluating the overall objectives (Gray & Larson, 2008, p. 200). It is important to evaluate the entire range of potential risks to the team’s objectives. Three team objectives should be evaluated using an impact scale.

Project Objectives

Low (1) to High (2) 1 2 3 4 5
Total Revenue – 100% 100 % loss – first 3 months < 75% loss – after first 6 months <50% loss after first 9 months <25% loss after first 11 months <0% loss after first 13 months
Special Offerings – (10 options available) Remove 1 offering Remove 3 offerings Remove 5 offerings Remove 8 offerings Remove 9 offerings
Quantity Produced – 100% Production reduced by <9% Production reduced by 10 – 20% Production reduced by 20 – 40% Production reduced by 40 – 60% Production by more than 60%

Risk Event Process

The process for handling risk events is a mathematical evaluation that estimates the impact of the risk events on the project. Read the Complete Article

Risk Management Strategies, Tools, and Techniques

Risk Management Strategies, Tools, and Techniques
By Kathie York

This essay is an excerpt from an assignment for the Assessing and Managing Project Risk course in my Master of Science in Project Management program. The tasks for this question were:

Describe, compare, contrast, and fully analyze the various strategies and tools/techniques for each of the six PMBOK risk management processes (for both negative and positive risks)

(In this document, negative risks are “risks.” Positive risks are “opportunities.”)

The six PMBOK risk processes are (from Chapter 11 of the Fourth Edition PMBOK):

  • 11.1 Plan Risk Management
  • 11.2 Identify Risks
  • 11.3 Perform Qualitative Risk Analysis
  • 11.4 Perform Quantitative Risk Analysis
  • 11.5 Plan Risk Responses
  • 11.6 Monitor and Control Risks

11.1 Plan Risk Management

The Risk Management Plan (RMP) is an overview of the entire risk process, initiated at the beginning of a project. It is usually completed during the planning phase. The project manager (PM), and other stakeholders as necessary to this project, help develop the plan. Read the Complete Article

Risk Planning in Project Management

Risk Planning in Project Management
By Keith MathisPM Expert Live

When taking on any endeavor, you have to be prepared for the inevitable risk that will arise. No project ever runs perfectly. Snags will arise. You need to be prepared for what you will do when the time comes or, even better, you need to know how to prevent as many hurdles as possible.

A risk is any uncertain event or condition that may take place. All risks have a cause and a consequence. However, not all risks are negative. Some risks may be an opportunity. There are six processes to follow when planning and managing risk.

Risk Management Planning

According to the A Guide to the Project Management Body of Knowledge – 3rd Edition (PMBOK®), “risk management planning is the process of deciding how to approach and plan the risk management activities for a project.” Whether you decide to identify risks before the project begins or in the middle, a Risk Management Plan should be drafted. Read the Complete Article

Managing Project Risks

Managing Project Risks (#28 in the Hut Introduction to Project Management)
By JISC infoNet

All projects bring with them an element of risk. In the best-planned projects there are uncertainties and unexpected events can always occur for example project staff might leave unexpectedly, the budget might suddenly be cut or a fire or theft might affect the project progress. The majority of risks are however related to the fact that your plan is based on estimates and they are therefore manageable. Risk management is a mechanism to help you to predict and deal with events that might prevent project outcomes being delivered on time.

Risk management is probably the single most important part of project management.

Identifying Project Risks

You will undertake an initial risk assessment as part of starting up the project. Basically you are asking the questions:

  • What could possibly happen to affect the project?
  • What is the likelihood of this happening?
Read the Complete Article

Root Cause Analysis in Project Management

Root Cause Analysis in Project Management
By Dave Nielsen

Root Cause Analysis (RCA) is typically associated with operational activities, but there is no reason that the practices that make this tool so effective in getting at the root cause of operational problems can’t be used to determine the cause of a project problem. The Root Cause Analysis method, when properly used, gives the project manager the ability to diagnose a problem that negatively impacted the project and remove it when it is first noticed. Lessons Learned is a similar tool, but is not designed to address one specific problem, nor is it designed to be used on the spot. RCA is one of a family of tools I’ll call “continuous improvement” tools because their purpose is to improve project performance and they can be used over and over.

Root Cause Analysis should be used when the project manager notices a problem in the project. Read the Complete Article

Project Risk and Risk Management

Project Risk and Risk Management
By David Litten

Whenever we undertake a project, risk is inevitable, since projects enable change – and whenever you have change, it introduces uncertainty and hence risk.

A risk is defined as an uncertain event which should it occur, will have an effect on the project meeting its objectives. These uncertain events can be positive in which case it would be called an Opportunity, when negative it is called a Threat. Both have the common thread of uncertainty.

When carrying out risk management, the purpose is to reduce the probability and impact of threats and to increase the probability of opportunities and/or their positive impact. It is helpful to consider that risk is “an event that may all may not occur in the future, but if it does occur it will have an impact on the project objectives“.

The Business Case will contain information weighing project cost and risk against the business benefits. Read the Complete Article

Risk Log / Risk Register

Risk Log / Risk Register
By The Office of Government Commerce – OGC, UK

Purpose of the Risk Log / Risk Register

The Risk log, in relation to a specific activity or plan (e.g. project), lists all the identified risks and the results of their analysis and evaluation. Information on the status of the risk is also included. Risk log is the PRINCE2™ term but this may also be known as a risk register.

These details can then be used to track and monitor their successful management as part of the activity to deliver the required, anticipated benefits.

Fitness for Purpose Checklist

  • Is the Risk log part of a framework for managing risk?
  • Does the status indicate whether action has been taken or is in a contingency plan?
  • Are the risks uniquely identified (including to which project they refer if the risk relates to a programme)?
  • Has each risk been allocated an owner?
Read the Complete Article

Importance of Risk Analysis in Project Management

Importance of Risk Analysis in Project Management
By Sam Zaydel

Lately, the focus in project management across industries has been put on Risk and ways of mitigating various risks, both known and unknown. And yet it seems that Risks and issues which arise from some of the known or unknown risks are a direct result of lack of adequate analysis being done, prior to the project moving into the design and build, or development, or engineering, or whatever you call the phase where actual work takes place. Analysis is one of the key pieces which, if not done with diligence and not given enough time will most often lead to problems, which in turn could cause a failure of a project.

A little background on why I believe Risk Management and Analysis should go hand in hand… Risks are something that we commonly have to deal on our projects. Let’s look at a dummy project and establish a scenario. Read the Complete Article

Quantitative Risk Analysis

Quantitative Risk Analysis (#5 in the series How To Effectively Manage Project Risks)
By Michael D. Taylor

Once the qualitative assessments of project risks are completed, the estimates can be examined to determine the magnitude of the risks. A technique that not only considers risk probability and risk consequence but also takes into account the project priorities is the “weighted risk factor (WRF)” technique. For each sets of project risks a WRF is calculated as follows:



  • “RF” means Risk Factor1 = (P+C) – (P x C), where P stands for Risk Probability, and C stands for Risk Consequence.
  • The value for weight (W) is dependent upon its project priority within the triple constraint.
  • W1, W2, and W3 are valued 0 through 1.0 depending on the priorities of the project, and together must sum to 1.0.

A completed WRF table might look like the following.

Weighted Risk Factor (WRF) Example

Weighted Risk Factor (WRF) Example

The question facing the risk management team is what to do with the results. Read the Complete Article

Qualitative Risk Analysis and the Risk Rating Matrix

Qualitative Risk Analysis and the Risk Rating Matrix
By Joseph Phillips

Once you’ve identified your risks, it’s time for qualitative risk analysis. Qualitative risk analysis qualifies the risks for in-depth analysis. Basically, you and the project team discuss the identified risks, the probabilities of those risks occurring, and their impact if the risks actually do occur.

The most common approach to this process is to create a risk rating matrix. Here’s a quick sample of a risk rating matrix using an ordinal scale:

Risk Impact Probability Score
Vendor Very high Medium High
Developer skills High Medium High
Firmware changes Medium Very low Low
Asteroid High Very low Low
Travel delays Low High Medium

Within your project, you have to determine which of these risks deserve additional analysis. Typically you’d say the risks with a medium score or higher should be taken seriously and are promoted to quantitative risk analysis. Read the Complete Article

Recommended PM App

Recommended PM App