Project risk is an uncertain event or condition that, if it occurs, has a positive or a negative effect on a project objective.
Risk management: Risk management is the systematic process of planning for, identifying, analyzing, responding to, and monitoring project risk. It involves processes, tools, and techniques that will help the project leader maximize the probability and consequences of positive events and minimize the probability and consequences of adverse events. Project risk management is most effective when performed early in the life of the project and is a continuing responsibility throughout the project.
Note: Geniusproject does not include the management of positive risks
The project risk management process helps project sponsors and teams make informed decisions regarding project alternatives. Risk management encourages the project team to take appropriate measures to minimize:
Adverse impacts to project scope, cost, and schedule. Management by crisis.
Risk identification: Risk identification involves identifying potential project risks and documenting their characteristics. Risk identification results in a deliverable; the project risk list.
Qualitative Risk Analysis: Qualitative risk analysis assesses the importance of the identified risks, and develops prioritized lists of these risks for further analysis or direct mitigation. The team assesses each identified risk for its probability of occurring and its impact on project objectives. Team members review the qualitative risk during the project’s lifecycle. When the team repeats qualitative analysis for individual risks, trends may emerge. These trends can indicate the need for more or less risk management action on particular risks, or whether a risk mitigation plan is working.
Risk Response Planning: Risk response planning focuses on the high-risk items evaluated in the qualitative risk analysis. It identifies and assigns parties to take responsibility for each risk response. This process ensures that each risk requiring a response has an owner. The project leader identifies the best strategy for each risk, and then designs specific actions to implement it. These strategies and actions include:
Avoidance. The team changes the project plan to eliminate the risk or to protect the project objectives from its impact. The team might achieve this by changing scope, adding time, or adding resources.
Mitigation. The team seeks to reduce the likelihood or consequences of a risk event to an acceptable threshold. They accomplish this via many different means that are specific to the project and the risk. Mitigation phases, although costly and time consuming, may still be preferred to going forward with the unmitigated risk.
Acceptance. The project leader and the project team decide to accept certain risks. They do not change the project plan to deal with a risk, or identify any response strategy other than agreeing to address the risk if and when it occurs.
Risk monitoring and control: Risk monitoring and control keeps track of the identified risks, residual risks, and new risks. It also ensures the execution of risk response plans, and evaluates their effectiveness. Risk monitoring and control continues throughout the
project life cycle. The list of project risks changes as the project matures, new risks develop, or anticipated risks disappear. Periodic project risk reviews repeat the tasks of identification, analysis, and response planning (see previous tasks). Risk ratings and prioritization commonly change during the project life cycle.
Choosing alternative response strategies. Implementing a contingency plan.
Taking corrective actions. Re-planning the project.