Project risk should form part of project control and should be proactively managed by the project manager and the use of risk management so that they can be either prevented or decreased; often up to 90 percent.
An individual or an organization who does not want to take risks is said to be risk averse.
PMBOK Risk management includes:
- Planning for risk management
- Identifying risks
- Qualitative analysis
- Quantitative analysis
- Planning responses
The purpose of risk management is to increase the probability and impact of positive events, and decrease the probability and impact of negative events on the project.
Projects bread uncertainty because they are about delivering change.
PMBOK Risk Definition
A PMBOK Risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on the projects objectives.
A Threat is a situation or condition that is unfavorable to the project and may be:
- A negative circumstance
- A risk with a negative impact
- A negative set of events
- A possibility for negative changes
An Opportunity is a situation or condition that is favorable to the project and may be:
- A positive circumstance
- A risk with a positive impact
- A positive set of events
- A possibility for positive changes
Uncertainty is a lack of knowledge about an event that reduces confidence in conclusions drawn from the data.
Examples of PMBOK risk uncertainty might be:
- Work effort
- Quality requirements
Describing PMBOK Risk.
Risks are often WRONGLY stated as “there is a risk our project will overspend” This is not a statement of risk – rather a statement of the risk IMPACT. Without knowing the root cause of the risk, little can be done to manage it…
Consider this statement:
“due to the forecast of high winds in our area, there is a risk that the roof of the barn will blow off causing our cattle feed to be ruined and loss of our livestock”
This is an excellent statement since it includes the root cause (high winds), the area of risk (barn roof), and the impact (loss of livestock).
Other factors could include WHEN during the project, and the frequency of an individual risk.
PMBOK Risk Categories.
It makes good sense for an organization to keep lists of likely categories (particularly within their industry for example), and should be seen as an organizational asset. Such categories can be classified on many ways, and examples are:
- Customer satisfaction risk
- Quality risk Performance scope risk
- Resources risk
- Project management
- The suppliers
- Resistance to change
- Lack of knowledge of project management
- Stakeholder-caused risks
- Sponsor-caused risks
- Cultural risks
Checklist Analysis Risks are identified using one of the techniques previously described. The checklist is then used to make sure the risk identification process has addressed all the categories of risk.
Assumptions Analysis Analyzing what assumptions have been made on the project and if they are valid, used for the purpose of identifying more risks.
Diagramming Techniques These include cause and effect diagrams and flowcharts. When used as part of risk identification, they help identify additional risks.
PMBOK Risk Tolerances are the outer limit threshold areas of risk that are acceptable or unacceptable. Tolerance areas can include any component of the “triple constraint” as well as reputation and other intangibles that may affect the customer.
PMBOK Risk Information Gathering Techniques
- Brainstorming normally done in a meeting where one idea helps generate another.
- Delphi Technique an information gathering technique used to reach a consensus of experts on the subject.
- Expert Interviewing this consists of the team or project manager interviewing project participants, stakeholders or experts to identify risks on the project.
- Root cause analysis used to find the underlying source of a problem, and then to determine preventative actions.
- Strengths, weaknesses, opportunities and threats analysis (SWOT) This analysis looks at the project to identify these four areas and their related risks.
PMBOK Risk Register This is the main output and the place where most of the risk information is kept. It will be constantly updated with information as risk identification and later risk management processes are completed. The risk register becomes part of the project management plan and is also included in historical records which will be used for future projects.
For more information on passing your PMP Exam – CLICK HERE for my PMP Masterclass!