Project risk management as simple as it may seem and less regarded by many is a key component for a better project plan, time management, cost estimation and project scheduling. Project risk management is a term that encompasses and involves all processes concerned with identification, analyzing and response to project risk. It also consists of maximizing the results of likely positive events and minimization of the impacts of negative events. An effective project execution is also achieved through inclusion of risk management at all stages of the project starting from the planning, to implementation and finally execution.
Experts have stated that a proper and strong project risk management process can reduce project problems by as much as 75 – 90%, combining it with concrete project management plans, defining a proper scope, managing change and communication, a good project risk management helps in reducing and eliminating surprises and unexpected project risks. A good project risk management process can also help with resolving problems when they occur.
Seven steps in project risk management process are:
- Step 1: this step states that everyone involved in the project planning process should list at least 10 possible risk items. This also helps tackle assumption because some risks that are believed to be known are often neglected and they end up occurring. Scope creep is a perfect example because even with a perfect management process, it could still arise and cause problems. It is best to tackle it rather than ignore it.
- Step 2: involves collection of all the listed risks and compiling them into a single list (master list) with duplicates removed.
- Step 3: assessment of the probability and impact of the risks outlined in the master list is the third step. This can be achieved by giving each risk a rating (numerically) or otherwise in order of vulnerability (low, medium, high). Detectability is also important because risks that are not detected or hard to detect e.g. scope creep are even more risky.
- Step 4: involves dividing the planning team into smaller groups and dividing the master list into portions and giving it to them. They are then to find out the warning signs for the risks. These warning signs (triggers) should be documented and none should be overlooked.
- Step 5: involves the small groups that identified the risks to also structure out preventive measures.
- Step 6: here, the small groups created from the planning team develop a “contingency plan” for majority of the risks. This plan should include response to be taken if a risk occurs. This is usually done for risks with high vulnerability so as to give room for proper management of the risk management process because if the risk management process takes a lot of time and couldn’t be executed, then it is a futile effort.
- Step 7: this is the final step in the risk management planning process. It involves giving each risk “an owner”. This owner is usually responsible for tackling the risk should it occur and utilizing the approved contingency plan. Though other members are advised to also be vigilant for all risks.
At the end of the above steps, a risk register is created. It is advisable to have this register in tabular format so that it could carry enough information on one page.