Select Page


What Is the Silver Lining for Projects?
By Marge Tam

The proverb “For every cloud there is a silver lining” can be interpreted as for every difficult situation there is some good to it. The proverb is of said to the person that would welcome such an encouragement during trying times, and the person is unable to see any positive way forward.

In the framework of Project Management, the Project Risk Management Process brings the silver lining to the uncertainties that come with managing anything that occurs in the future. Many people tie the word ‘risk’ with the negative connotation. However, according to the PMBOK, there are both negative and positive risks. The negative risk has potential impacts downstream to the overall health of the project projects such as project slip, budget overrun, and unsatisfied customers. While positive risks are essentially opportunities that brings about return on investment, increased revenue and overall process improvements.

One of the major issues with Project Risk Management is the thought of risks being mistaken to be the same as problems. Risks are all about managing future events, while problems are events that have already occurred. Therefore, managing problems would not be the same as managing risks. Project Risk Management Process when appropriately applied and implemented for specific organizations can turn negative risks into positive risks, therefore risks are turned into opportunities. Thus, the silver lining is being transformed from the cloud. This article focuses on managing the negative risks for the positive outcome, by understanding what Project Risk Management process is and how it can be tailored to fit the needs of each individual project.

Project Risk Management deals with processes that include identifying, assessing, and addressing project risks. Risk Management involves planning for future events, and not past events such as problem. Problem resolution would be addressed more appropriately with issue management. The Project Manager plays an important role in facilitating the implementation and execution of the entire Project Risk Management Process.

Risk Identification

A Risk Identification meeting would be led by the Project Manager to identify all potential risks to the project. Each risk attribute should be identified and described in a brief description. This can be recorded with flip charts, index cards, or post-it notes. For virtual teams, the risk attributes can be submitted via an on-line questionnaire. An on-line meeting can be held where input from the participants would be recorded. Once all the input has been gathered, the risk attributes would be entered into a spreadsheet and grouped to similar areas, with duplicate items removed.

Risk Assessment

This step involves understanding and prioritizing all the risk attributes gathered during the Risk Identification step, so that the project team can address the risks based on the priorities, and necessary work items be identified an included in the WBS and Project Plan.

Both the probability and impact of the risk are being assessed before the risk can be identified as a true risk for immediate attention.
The probability is the assessment of the chance of the risk from occurring, and the score of 1 to 10 can be assigned, with 1 being the lowest chance, and 10 being the highest chance for the risk to occurring.

The impact of the risk can be analyzed by the Quantitative Impact, meaning how much potential impact would there be in terms of project budget, schedule, resources, etc… These are measurable impacts based on numbers. For the Qualitative Impact, these are measured based on relative or description scales. For both Quantitative and Qualitative Impacts, they can be measured from a scale of 1 to 10, with 1 representing the lowest impact.
In order to obtain a score and the prioritization scheme for managing the risks, a risk score is assigned to each risk by multiplying the two numbers,
Risk Score = Probability x Impact (Qualitative or Quantitative).

The risks with the highest score will have the highest priority for addressing the risk, while risks with the score of zero will not require a full risk mitigation plan.

Risk Management Plan

Once the list of risks have been identified and analyzed, it would be tracked under a Risk Management Plan as listed below. Assign the top 5 to 10 risks with owners for resolution. Each risk will also have a risk reducing plan, for taking actions to reduce the probability of the risk. Each owner would then be responsible to identify the mitigation plan1 – Avoidance, Transfer or Acceptance of each risk. This can also be considered the contingency plan which includes actions to be executed in the event that the risk is triggered. All new tasks that have been created as a result of the Risk Management Plan would be included in the Project Plan for scheduling purposes.

Execute Risk Management Plan

When the Risk Management Plan has been completed, it will enter into monitoring mode. The risk triggers would be reviewed each week to determine whether a risk has occurred or might occur, and the appropriate actions to be followed up accordingly. When changes that impact budget, cost, or scope, this Project Management Risk Management process would be repeated to identify, analyze and address risks.

The next time that you come across a bump on the road when managing a challenging project, rethink how you are addressing the risk management plan on the project, and hopefully this will allow you to identify the silver lining behind the cloud that is preventing the project from achieving success.

1Mitigation Plan – involves coming up with a plan that describes the action to be taken in the event that the risk occurs, in order to minimize the potential impact. The following are the typical type of mitigation plans:

Avoidance – involves updating the project plan to remove the risk or condition such that the risk would be avoided, so that the project objectives are protected from any negative impact.

Transfer – this is the act of shifting the consequence of the risk to someone else, yet the risk is not completely eliminated.

Acceptance – understanding the risk and taking ownership of any consequences in the event that the risk is triggered.

Marge Tam, PMP started her career in technology where she practiced project management to deliver multi-million dollar initiatives with consistent on time, on budget and on scope performance. Her strong business acumen has allowed her to help organizations achieve return on investment through continuous process improvement, and innovative technology solutions. She gains tremendous stride in sharing industry best practices in Project Management as well as building high performance teams. Marge can be reached through this link,

Recommended PM App

Recommended PM App