Understanding Project Risk Management: A Comprehensive Guide

Students will gain an understanding of the nature of project risk and the type of issues the Project Director and Project Manager should review prior to their respective project phases commencing.

 

1.    A Message from Your lceted

2.    What is a Project Risk And Where Do They Exist

3.    Risk Identification

4.    Risk Assessment, Mitigation and Control Ownership

5.    The Risk Register – Structure & Function

6.    Examples of a Risk Register

7.    Summary from your lceted

 

A Message from Your lceted

When starting a new project - it is vital for the Project Director to identify and assess what could possibly go wrong during the life of the project and to identify what strategies and actions to put in place to reduce the impact of these risks should they eventuate.

 

Effective risk management will result in the project team and project stakeholders understanding which risks are the most significant and how they should be managed.  

 

Risk Analysis and Management is an essential project management activity that reduces the number of unexpected negative events during a project’s lifetime. and gives the project team the tools and strategies required to mitigate the impact of such events.

 

Let’s look at the process of risk management and a range of common project risks you as a Project Manager you would be accustomed to seeing in your project risk register.

 

What is a Project Risk And Where Do They Exist

They can be found in every aspect of a project and can occasionally originate from entirely external to the project and the project team's activities. Risks can be classified and ordered in a number of ways, but it can be helpful to use something like the PMBOK knowledge areas as a structure to focus attention across all aspects of the project.

No matter how rigorous the risk planning process is, not every risk will be identified, similarly not every risk identified will require its own management plan because it can be tracked and managed within normal project processes, such as project meetings.

 

Risk Identification

There will always be a risk that the Project Scope has not been resolved and scope creep or scope change will disrupt the delivery and impact on time and cost.

 

Similarly, it is rare for a project to not have risk exposure to time and cost. These standard risks are predictable and can usually be managed using routine project management procedures and protocols.

 

It is essential, however, for the Project Manager to also identify the risks that are unique to the project. These risks may need specialized assessment and management. These unique risks are usually identified through discussion with the broader project stakeholder group where specialist knowledge of the needs of the project leads to recognition of elements that potentially put the project at risk. This risk identification can occur through one-on-one discussion or through a risk management workshop that brings together all project stakeholders to review the project objectives and the issues that potentially impact its success.

 

Using the PMBOK knowledge areas as a structure for discussion helps to focus attention across all aspects of project delivery.

 

Risk Assessment, Mitigation and Control Ownership

Risk assessment is measuring the likelihood of something occurring and the impact of the issue on the project if/when it occurs.

This assessment will determine whether specific action will be required to avoid its occurrence or reduce its impact.

 

The action taken to limit the occurrence and reduce the impact is also referred to as mitigation. Some mitigation actions are routine such as discussion of project safety and project progress at regular project meetings. Other risks will require their own management plans and specifically curated and reported activities.

While the Project Director and Project Manager must have general oversight across the entire risk profile, all project risks should have a designated control owner.

1.    The control owner is responsible for devising and activating the specific risk management protocols and for tracking and reporting on the outcomes.

2.    The control owner will depend on the nature of the risk and who within the stakeholder group is best able to understand and control that aspect of the project.

3.    The control owners will typically be line or discipline managers.

 

The Risk Register – Structure & Function

The risk register is used to list all of the identified project risks and to measure their likelihood and impact on the project.

The register records, in summary, form all the proposed actions to be taken to avoid a given risk or reduce its impact. The register provides a reference point for the whole project team and identifies who within the team is responsible for establishing and managing the controls.

The register provides at a glance an indication of which risks are a priority for the project and which require targeted management, and which can be managed under business-as-usual protocols.

The risk register is an essential reference document for periodic review of a project’s risk profile – reviewed typically at key project stage milestones. The review of the projects risk profile should assess:

1.    Whether the risk remains

2.    Whether there has been any change to likelihood or impact

3.    Whether the risk management strategies, controls and control ownership remain sufficient.

4.    Whether any new risks have emerged

 

Examples of a Risk Register

What follows is an example of a typical project risk register. 

Review each of the identified risks and consider: 

1.    What circumstances might cause the likelihood or impact to change and how that might drive the controls that need to be implemented?

2.    Whether any additional control activities could be employed to reduce the impact

3.    Who in the project team is best placed to own the risk and its controls.

4.    What would have happened to the project if this risk and its controls had not been made part of a risk management strategy?

 

Download the document by clicking the link below and supporting our work.

 

Summary from your lceted

Many of these risks are dealt with under business as usual processes – that’s why we have these routine processes. A project’s unique and technically specific risks are the ones most likely to catch the project team unaware. These risks can only be identified and assessed through broad engagement with all project stakeholders. It’s the Project Managers' responsibility to ensure that appropriate risk controls and control ownership are established. The risk management process will assist the project team deal with most eventualities.