Winston Churchill said, “True genius resides in the capacity for evaluation of uncertain, hazardous, and conflicting information.” In this article, I share 30 risk evaluation tips to help you tap into your genius. Enjoy!
- One of the top reasons for evaluating risks is to determine which risks are most significant.
- Always perform the qualitative risk assessment. The assessment is quick, but keep in mind –it’s also subjective.
- Determine if organizational assets such as a risk register template and probability/impact rating scale are available to jump-start your evaluation.
- Be sure to update the risk register each time you evaluate your risks.
- When evaluating each risk, consider the causal factors, the risk itself or uncertainty, and the impacts.
- Probability is the likelihood that a risk may occur.
- Impact is the effect or consequence on the project if the risk occurs.
- Multiply probability and impact to calculate a risk score (e.g., 4 x 5 = 20).
- Be sure to define your rating scales for probability and impact.
- Concerned with the velocity (e.g., time-to-impact) of your risks? Consider rating velocity along with probability and impact. Here is an example of how you can calculate a risk score using velocity: Risk Score = (Probability + Velocity) x Impact.
- Improve the quality of your risk information through interviews and workshops before evaluating your risks.
- There may be multiple causal factors for a single risk.
- There may be multiple impacts for a single risk.
- Some root causes are common to multiple risks. Responding to these root causes often provide high leverage.
- Look out for the high power/high influence stakeholders who wish to bias risk ratings for their own benefit.
- Beware – some individuals may be biased in their assessments because they lack an understanding of the risks. Educate stakeholders on the risks.
- Perform an assumption analysis before evaluating your risks.
- Not all bias is bad. For example, if the sponsor says that the budget is the most important priority, consider this factor in your ratings.
- Things change. Therefore, conduct periodic risk reviews.
- Consider evaluating your risks again when there are significant changes in the project or when you hit project milestones.
- Lots of small risks can create a large cumulative risk exposure.
- When multiple activities converge into a successor activity, the risk for the successor activity is greatly increased.
- Sum the individual risk scores to calculate the total project risk score. You may divide the project risk score by the number of risks to calculate the average risk score.
- Risks that may occur later in a project should be considered as a higher risk than the risks that may occur early in the project. Why? There is less response time, greater uncertainty, and greater impact.
- The same risk may occur multiple times in the same project. Should you use the same risk response? Yes, if the response plan is working. Look for ways to tweak the response for a one-two punch.
- Want a way to analyze risks at a higher level than the individual risks? Group risks by category (e.g., time, cost, scope, and quality). Sum and compare risk scores by category. How have the risk exposures in the categories changed from one risk review to the next risk review? Why did the exposures change?
- Determine high-priority risks. Define a risk threshold (e.g., risks with a risk score of X or higher).
- Be sure to involve appropriate stakeholders in the evaluation of your risks.
- Right size your risk evaluation process.
- Perform quantitative risk assessments when more detailed information is required for project decisions. Quantitative risk analysis is not always mandatory.
Join the 21 Day Challenge
Receive daily emails--learn to identify, evaluate, respond to, and control project risks.
Spend five minutes per day for 21 days--discover practical risk management techniques that can help you turn uncertainty into success!