4 Tips for Developing a Risk Management Plan


Steven Covey introduced the concept of Quadrant II activities—working on things that are important but are not urgent. Planning is a powerful Quadrant II activity that can save you time and energy. Think about the future so you can make better decisions in the present. Let’s talk about how to plan your risk management.

two people developing a plan

First Things First

Some people think of risk management plans in the wrong way. Risk management plans are not a list of risks and how you plan to respond. That's your project risk register. Rather, this plan is your approach to risk management.

  • How do you plan to identify and evaluate risks?
  • How will you develop risk response plans?
  • When will you review risks and your risk management processes?
  • What are your risk thresholds?
  • How will you escalate issues?


Tips for Developing Your Plan


Review lessons learned, project charter, and the project management plan

I’ve said it before and I’ll say it again. Wise project managers learn from other projects, particularly similar projects. Take the time to review lessons learned from prior projects. What can you discover from previous approaches to risk management? Furthermore, if the lessons learned have not been documented, interview the project managers to obtain their insights.

Next, review the project charter. What are the key project deliverables? What are the top risks? Who are the key stakeholders?

Additionally, review the project management plan. Is there a fixed date for the project? Has the budget been set? Will procurements be required? What do we know about the scope of the project?

PMBOK® Guide – Sixth Edition, Page 401.


Determine what to include

Another Covey saying is, "Begin with the end in mind." What will your risk management plan include? Here are some common components:

  • Project risk background
  • Methodology
  • Roles and responsibilities
  • Timing of risk management activities
  • Risk categories
  • Risk attitude, appetite, and tolerance
  • Reporting format
  • Glossary 

Determine who will help develop the plan

There are subject matter experts (SMEs) inside and outside your organization that can help you develop your plan. Project managers can't know everything. For example, you may need expertise in:

  • Financial and accounting
  • Information technology
  • Design
  • Testing
  • Business analysis
  • Operations
  • Human resources
  • Auditing

Develop the plan

So, we’ve reviewed lessons learned, determined what to include in our plan, and determined who to engage in the development of the plan. Next, we actually develop the plan. This process may include:

  • Interviews
  • Meetings
  • Data analysis

I often have one meeting early in my projects to develop the risk management plan. Meeting participants include project team members, key stakeholders, and others outside the organization who may be impacted by the project.


How about you?

Not sure about the value of developing a risk management plan? Give it a try and see for yourself. Develop a risk management plan for one of your new projects. It does not have to be lengthy. Many of my risk management plans are a couple of pages in length. Click here to see an example. Focus on adding value.

Join the 21 Day Challenge

Risks derail projects. We make risk management easy to understand and practical to apply, putting you back in the driver's seat.

Spend five minutes per day for 21 days--discover practical risk management techniques that can help you turn uncertainty into success!

Plus, you'll get weekly project management tips.

Powered by ConvertKit

About the author 

Harry Hall

My name is Harry Hall and I'm the guy behind the projectriskcoach.com and the author of The Purpose Driven Project Manager. Risks can derail projects, resulting in challenged and sometimes failed projects. I make project risk management easy to understand and practical to apply, putting project managers in drivers seat.

You may also like

7 Ways to Improve Project Estimates

How to Escalate Project Risks

What Project Managers Should Know About Monitoring Project Risks

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}