4 Tips for Developing a Risk Management Plan


  •  Minute Read

Steven Covey introduced the concept of Quadrant II activities—working on things that are important but are not urgent. Planning is a powerful Quadrant II activity that can save you time and energy. Think about the future so you can make better decisions in the present. Let’s talk about how to plan your risk management.

two people developing a plan

First Things First

Some people think of risk management plans in the wrong way. Risk management plans are not a list of risks and how you plan to respond. That's your project risk register. Rather, this plan is your approach to risk management.

  • How do you plan to identify and evaluate risks?
  • How will you develop risk response plans?
  • When will you review risks and your risk management processes?
  • What are your risk thresholds?
  • How will you escalate issues?

The Difference Between a Risk Management Plan and a Risk Register


Tips for Developing Your Plan


Review lessons learned, project charter, and the project management plan

I’ve said it before and I’ll say it again. Wise project managers learn from other projects, particularly similar projects. Take the time to review lessons learned from prior projects. What can you discover from previous approaches to risk management? Furthermore, if the lessons learned have not been documented, interview the project managers to obtain their insights.

Next, review the project charter. What are the key project deliverables? What are the top risks? Who are the key stakeholders?

Additionally, review the project management plan. Is there a fixed date for the project? Has the budget been set? Will procurements be required? What do we know about the scope of the project?

PMBOK® Guide – Sixth Edition, Page 401.


Determine what to include

Another Covey saying is, "Begin with the end in mind." What will your risk management plan include? Here are some common components:

  • Project risk background
  • Methodology
  • Roles and responsibilities
  • Timing of risk management activities
  • Risk categories
  • Risk attitude, appetite, and tolerance
  • Reporting format
  • Glossary 

Determine who will help develop the plan

There are subject matter experts (SMEs) inside and outside your organization that can help you develop your plan. Project managers can't know everything. For example, you may need expertise in:

  • Financial and accounting
  • Information technology
  • Design
  • Testing
  • Business analysis
  • Operations
  • Human resources
  • Auditing

Develop the plan

So, we’ve reviewed lessons learned, determined what to include in our plan, and determined who to engage in the development of the plan. Next, we actually develop the plan. This process may include:

  • Interviews
  • Meetings
  • Data analysis

I often have one meeting early in my projects to develop the risk management plan. Meeting participants include project team members, key stakeholders, and others outside the organization who may be impacted by the project.


How about you?

Not sure about the value of developing a risk management plan? Give it a try and see for yourself. Develop a risk management plan for one of your new projects. It does not have to be lengthy. Many of my risk management plans are a couple of pages in length. Click here to see an example. Focus on adding value.

You may also like