Before we start working on becoming a risk management guru, let us first understand what it exactly means by risk. Risk is nothing but a quantifiable likelihood of loss or less than expected gains. Examples of risk can be credit risk, financial risk, income risk, event risk etc.

The process of accessing and quantifying business risks and taking measures to control or reduce them is termed as risk management. Risk management is a very critical part of planning for businesses. Risk can be managed for a project, a department or an organization as an entity. Irrespective of the entity type, the basic risk management process remains conceptually the same.

Preparing for PMP® Certification? Take this test to know where you stand!

Risk management is defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative. The risk management process start with the identification of the acceptable risk level of the entity in question. A risk and threat analysis needs to be done to know the legal and regulatory requirements, drivers and objectives of the entity.

It is observed that a good risk management process with a strong project management practice decreases risk by 80 to 90 percent. To do a risk and threat analysis, first list down all potential risk items. Now assess the probability or likelihood and impact of each risk item in the list. This can be done by assessing the risk on a scale of 1 to 5 and the impact of that risk. Prioritize the risk list to identify what is more critical.  It is now time to identify measures to counter calculated risks. Identify the root cause and the downstream effect of all the high risk items in the list.

Overall threat of risk = Probability * Impact

Focus on the high threat risks. A cost benefit analysis is now done to decide on what to do with those risks:

  • Mitigate: Risk mitigation involves performing actions and activities ahead of time to either prevent a risk from occurring or minimizing its impact.
  • Avoid: Avoidance is to prevent from taking actions that increase threat too must to justify the benefit.
  • Accept: All risks that are accepted must be monitored periodically to assess any change in impact or probability which might require attention.
  • Transfer: Transfer keeps the risk intact but transfers responsibility elsewhere. Insurance is a very common way of doing it.

It is very important to do risk contingency planning. Contingency planning involves creating fallback plans in case efforts to prevent a risk fail.

Risks must be tracked and monitored on periodic basis to evaluate the effectiveness of risk handling actions against calculated metrics of its probability and impact. Risk and issue tracker helps reduce the adverse effects proactively. The risk management plan thus helps with response plans to mitigate risks at any point of time. Time frames for review of risks must be mentioned as a part of the risk management plan. Learning from the risk management process must be shared with the quality assurance team to capture knowledge and best practices as a part of the risk knowledge base for the future.

The Risk Management Framework thus is a step by step process of categorizing, selecting, implementing, assessing, authorizing and monitoring risks & their controls. Creating and following a framework for risk management defines the overall approach for decision making.

I hope you know enough about risk management to be able to understand the importance of identification, assessment, prioritization and managing risk.

 

PMP is a registered trademark of the Project Management Institute, Inc. 

About the Author

Priyanka MehtaPriyanka Mehta

Priyanka Mehta is PMP, ITIL, Six Sigma Green Belt and CLP Certified professional with over 14 years of extensive experience in the areas of IT Application Planning, Project/Program Management, Service Delivery Operations & Team Management.

View More

Find PMP® Certification Training in these cities

PMP Certification Training Course in AtlantaPMP Certification Training Course in AustinPMP Certification Training Course in BostonPMP Certification Training Course in CharlottePMP Certification Training Course in ChicagoPMP Certification Training Course in ClevelandPMP Certification Training Course in DallasPMP Certification Training Course in DenverPMP Certification Training Course in DetroitPMP Certification Training Course in FargoPMP Certification Training Course in HoustonPMP Certification Training Course in IrvingPMP Certification Training Course in Jersey cityPMP Certification Training Course in Las VegasPMP Certification Training Course in Los AngelesPMP Certification Training Course in MiamiPMP Certification Training Course in Mountain ViewPMP Certification Training Course in NashvillePMP Certification Training Course in New York CityPMP Certification Training Course in Orange CountyPMP Certification Training Course in OrlandoPMP Certification Training Course in PhiladelphiaPMP Certification Training Course in PhoenixPMP Certification Training Course in PittsburghPMP Certification Training Course in PleasantonPMP Certification Training Course in PortlandPMP Certification Training Course in RaleighPMP Certification Training Course in RochesterPMP Certification Training Course in San DiegoPMP Certification Training Course in San FranciscoPMP Certification Training Course in San JosePMP Certification Training Course in SeattlePMP Certification Training Course TampaPMP Certification Training Course in Washington
  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.