Project Management

Risk Management Plan

What Goes Into a Risk Management Plan?

Whenever I managed a project, I paid a lot of attention to the Risk Management Planning. PMI is working on a Standard for Risk Management which can tell you just how important it is to make or break a successful project. It is a subject worthy of an entire standard.

The things the Risk Management Plan includes are:

1.   Risk Management Planning – this is deciding how to approach, plan and execute the risk management activities for a project.

2.   Risk Identification – this determines which risks may affect the project and documenting their characteristics. Some risks are not important enough to do further work on them. This all depends on the risk tolerance of the Stakeholders. For example, if you were buying a car and identified the risks as having a major repair or replacing a tire, you may consider the risk of replacing a tire not to be of significant consequence to stop you from buying the car. If, however, you thing the risk of losing the engine block to be high, you would probably pass on the car.

3.   Qualitative Risk Analysis – this is the process of prioritizing risks for subsequent further analysis or action by accessing and combining their probability of occurrence and impact. In the car analogy, replacing the tire may have a high probability but a low impact. In this case, you may cease to analysis it further but perhaps put a budget contingency in for the possible replacement.

4.   Quantitative Risk Analysis – this is where you numerically analyze the effect on the overall project objectives of the identified risks.

5.   Risk Response Planning – for a subset of the identified risks, you develop options and actions to enhance opportunities, and to reduce threat to project objectives. Note: not all risks are bad. You may have a risk of getting increased resources.

6.   Risk Monitoring and Control – this is where you track identified risks, monitor residual risks (that may come from an action to reduce the primary risk), identify new risks, execute risk response plans and evaluate their effectiveness during the project life cycle.


These processes interact with each other and with the processes of the other knowledge areas. Each process can involve effort from one or more groups of team members based on the needs of the project. Processes in practice may overlap and interact in details not presented in this post. I will write a separate post talking about process interactions.



[i] Most of this information can be found in Guide to the Project Management Body of Knowledge (PMBOK Guide) 3rd addition. @2004 Project Management Institute, Four Campus Boulevard, Newton Square, PA 19703-3299 USA


September 28, 2008 - Posted by | PMP, Risk Management |

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: