Most of your project problems can be avoided or greatly reduced through risk management. The simple act of identifying and discussing risks goes a long way towards reducing problems in your project.
Let's look at how to start the risk management process. Here are some questions that we should answer.
The risk management plan is a plan that describes how a project manager will execute the risk management processes and the integration with other project activities.
As you start, it's a good idea to see whether organizational risk management assets are available. There is no need to reinvent the wheel. If you have a PMO, see if they have a risk management template. If not, check with other project managers.
Warning - do not use the same plan for every project. The template simply provides a starting point. Work with your team to right-size your risk management plan.
The risk management plan should be commensurate with the size and complexity of your project. That is, for simple projects, your risk management plan may be a page or two. For large, complex projects, the plan may be much longer. Click here to see an example of a simple project.
Work with your team to ensure healthy discussion about how you will manage risks. Much of the value of the plan is not in the physical document - it's in the discussion and interaction with your team.
“If you go to work on your goals, your goals will go to work on you. If you go to work on your plan, your plan will go to work on you. Whatever good things we build end up building us." —Jim Rohn
Describe how your project supports your company's strategic plan and why the project is important. Is this project like other projects the company has completed in the past or is this project out of the ordinary (and therefore riskier)? How complex is the project? What parts of the project are most risky? How much experience does the team have in managing risks?
Describe the methods of how you will identify risks, assess risks, perform risk response planning, and monitor risks.
Who will perform which risk management activities? Consider designing a responsibility chart/matrix. List roles such as project manager, risk owner, project team, and stakeholders along with their responsibilities.
Define how often you will perform risk management activities. Standard practice is to review risks weekly during your project meetings. If you have an agile project, consider discussing risks for a couple of minutes in your daily stand-up meetings.
Define the categories of your risks. Standard categories include schedule, scope, quality, and budget. You may find a risk breakdown structure (RBS) in the organizational process assets that provide a longer list of categories and sub-categories. (Companies with strong risk governance may require that you use a standard set of risk categories.)
Define risk management terms such as probability, impact, risk, issues, risk appetite, and risk tolerance. Defining probability and impact and your probability and impact scale (e.g., 1-10, 10 being highest) is critical to minimize bias in risk assessments/ratings.
What is management's attitude toward risks in your project? Where do they want to take risks? Where are they risk adverse? How tolerant is the management of schedule slippage? Is a schedule slippage of two weeks okay? How about four weeks? How about cost variance tolerance?
What format will you use to report risks? What will you include?
For larger, more complex projects, you may wish to also include some of the following:
Yes, it takes time to define a risk management plan. However, this may be the best investment in your project. Done properly, risk management saves time, reduces stress, and positions your team for success. Start with a solid foundation. Start with a well-defined, management-approved risk management plan.
Never created a project risk management plan? No problem. I've got you covered. Download my template. Feel free to modify the template to suit your needs.
Feeling uncertain about the future of your projects? Not sure how to untangle the mess?
Spend five minutes per day for 21 days--discover practical risk management techniques that can help you turn uncertainty into success!
Plus, you'll get weekly project management tips.