How to Create a Project Risk Management Plan

Most of your project problems can be avoided or greatly reduced through risk management. The simple act of identifying and discussing risks goes a long way towards reducing problems in your project. Let's look at how to develop a project risk management plan. As a bonus, I will provide a risk management plan example and a risk management plan template.

Here are some questions that we should answer in our plan:

  • How will you identify risks?
  • Who will be involved?
  • How often will you perform risk management activities?
  • What tools and techniques will you use?
  • Who will own the project risks

What is a Project Risk Management Plan?

The risk management plan is a plan that describes how a project manager will execute the risk management processes and the integration with other project activities. 

How to Get Started

As you start, it's a good idea to see whether organizational risk management assets are available. There is no need to reinvent the wheel. If you have a PMO, see if they have a risk management template. If not, check with other project managers.

Warning - do not use the same plan for every project. The template simply provides a starting point. Work with your team to right-size your risk management plan.

The risk management plan should be commensurate with the size and complexity of your project. That is, for simple projects, your risk management plan may be a page or two. For large, complex projects, the plan may be much longer.

Work with your team to ensure healthy discussion about how you will manage risks. Much of the value of the plan is not in the physical document - it's in the discussion and interaction with your team.

More...

“If you go to work on your goals, your goals will go to work on you. If you go to work on your plan, your plan will go to work on you. Whatever good things we build end up building us." —Jim Rohn

Click to Tweet

What to Include in Your Project Risk Management Plan

1. Project risk background

Describe how your project supports your company's strategic plan and why the project is important. Is this project like other projects the company has completed in the past or is this project out of the ordinary (and therefore riskier)? How complex is the project? What parts of the project are most risky? How much experience does the team have in managing risks?

2. Methodology

Describe the methods of how you will identify risks, assess risks, perform risk response planning, and monitor risks.

3. Roles and responsibilities

Who will perform which risk management activities? Consider designing a responsibility chart/matrix. List roles such as project manager, risk owner, project team, and stakeholders along with their responsibilities.

4. Timing

Define how often you will perform risk management activities. Standard practice is to review risks weekly during your project meetings. If you have an agile project, consider discussing risks for a couple of minutes in your daily stand-up meetings.

5. Risk categories

Define the categories of your risks. Standard categories include schedule, scope, quality, and budget. You may find a risk breakdown structure (RBS) in the organizational process assets that provide a longer list of categories and sub-categories. (Companies with strong risk governance may require that you use a standard set of risk categories.)

6. Definitions

Define risk management terms such as probability, impact, risk, issues, risk appetite, and risk tolerance. Defining probability and impact and your probability and impact scale (e.g., 1-10, 10 being highest) is critical to minimize bias in risk assessments/ratings.

7. Risk attitude, appetite, and tolerance

What is management's attitude toward risks in your project? Where do they want to take risks? Where are they risk adverse? How tolerant is the management of schedule slippage? Is a schedule slippage of two weeks okay? How about four weeks? How about cost variance tolerance?

8. Reporting format

What format will you use to report risks? What will you include?

Risk Management Plan Example

People learn much from examples. Therefore, take a look at this example of a risk management plan. As you can see, these plans don't have to be complicated or lengthy.

Other Project Risk Management Plan Components

For larger, more complex projects, you may wish to also include some of the following:

  • How will risks be recorded/captured? In a spreadsheet, in SharePoint, in a project management tool?
  • Will there be risk audits? If so, who will perform them? What is the purpose of the audits?
  • Who will be responsible for risk reassessments/reviews?
  • How will you calculate risk scores (e.g., probability x impact)?
  • Will there be go/no go decisions during the project? If so, when?
  • What tools and techniques will you use to identify risks, qualify risks, quantify risks, and monitor risks?
  • Will you quantify risks? If so, which ones? The highest risks?
  • How will lessons learned be documented? When? By whom? How will the lessons learned be shared with other project managers?
  • How will you determine whether the project is performing well? What metrics will be monitored?
  • Must organizational standards and policies such as an Enterprise Risk Management policy be followed? Who enforces this? How is the policy enforced?

Yes, it takes time to define a risk management plan. However, this may be the best investment in your project. Done properly, risk management saves time, reduces stress, and positions your team for success. Start with a solid foundation. Start with a well-defined, management-approved risk management plan.

Download the Risk Management Plan Template

Never created a project risk management plan? No problem. I've got you covered. Download my template. Feel free to modify the template to suit your needs.

Join the 21 Day Challenge

Feeling uncertain about the future of your projects? Not sure how to untangle the mess?

Spend five minutes per day for 21 days--discover practical risk management techniques that can help you turn uncertainty into success!

Plus, you'll get weekly project management tips.

Powered by ConvertKit