Project Risk Management Process

Introuction To Project Risk Management

A recent investigation into the recent rise in failed projects, financial meltdown and the deadly environmental hazards occurring globally have proved that non-inclusion of risk management in the planning and entire stage of the project, poor and total neglect of project risk management practices and overlooking minor risks account for majority of them.

Best services for writing your paper according to Trustpilot

Premium Partner
From $18.00 per page
4,8 / 5
Writers Experience
Recommended Service
From $13.90 per page
4,6 / 5
Writers Experience
From $20.00 per page
4,5 / 5
Writers Experience
* All Partners were chosen among 50+ writing services by our Customer Satisfaction Team

While experts have stated that a proper and strong project risk management process can reduce project problems by as much as 75 – 90%, combining it with concrete project management plans, defining a proper scope, managing change and communication, a good project risk management helps in reducing and eliminating surprises and unexpected project risks. A good project risk management process can also help with resolving problems when they occur.

To have a better understanding, ability to structure, implement and execute a good project risk management practice; we need to understand the processes involved in “PROJECT RISK MANAGEMENT” properly.

What Is Project Risk Management?

Project risk management according to the project management body of knowledge book, chapter 11, Pg. 111, it is a term that encompasses and involves all processes concerned with identification, analyzing and response to project risk. It also consists of maximizing the results of likely positive events and minimization of the impacts of negative events.

Also according to Vicki Wrona, a project management professional, before we begin a project risk management process, we must have a justified knowledge of major key definitions. Project risks according to the Project management institute perspective are “at their core, unknown events”. These events are often positive or negative. This makes “RISK”, neutral though most time is spent on tackling negative project risks (threats) rather than the positive (opportunities).

Processes Involved In Project Risk Management

A proper project risk management includes the following four processes: –

Risk identification
Risk quantification
Risk response development
Risk response control

These processes are often implemented with different names though they all arrive and achieve the same goal. Also they are often renamed and combined as stated below: –

Risk identification and quantification are often treated as a single process and the resultant process is called “risk analysis” or risk assessment. Risk response development is also often referred to as “” risk response planning and risk response development often referred to as “risk management”.

Whether they are referred to individually or collectively, they usually maintain their requirements, tools and output. A proper analysis of these processes is stated below.

Risk Identification

involves the identification and determination of the possible risks that are more likely to affect the project and properly documenting the properties and effect of each one. This process is not a “once in a project” affair. It is meant to be carried out regularly as long as the project is being carried out. It should also include both internal (activities that can be controlled or influenced by the project team such as cost estimation) and external (risks beyond the project team’s control such as business laws or government action) risk. Risk identification could be achieved by either identifying “causes and effects” (events likely to occur and what will be the result) or “effects and causes” (outcomes to be avoided or appreciated and method of occurrence).

Risk Quantification

This step involves evaluation of the risks identified in the first step and risk interactions to assess the range of possible project outcomes. Its primary aim is to determine which risks need response. It is complicated and affected by a number of factors but is not limited to them. They include: –

Threats and opportunities can interact in unforeseen ways such as regular delays could cause consideration of a new strategy thereby reducing total project duration.
A single risk could trigger multiple effects such as: – a late delivery of a vital part of the project could result in penalty (fines and payments), over run cost, delay in schedule and often a poor quality product.
Reduced cost may favor a stakeholder at the expense of the other. (opportunity for one, loss for the other).
Mathematical principles used may create a false impression and negatively affect reliability and precision.
Risk Response Development

This step in the project risk management activities involves clearly defining enhanced steps to utilize opportunities and respond to threats. Threat response usually fall into one of three categories:-

Avoidance which has to do with eliminating a threat by eliminating the cause. All risks cannot be eliminated but certain ones can often be eliminated.
Mitigation which deals with reducing the expected cost of a risk event by reducing the occurrence probability, buying insurance and using proven technology.
Acceptance which deals with acknowledging the occurrence of a risk and developing a plan to tackle the risk in cases when it occurs.
Risk Response Control

This step involves execution of the developed risk management plan in response to the risk events during the course of the project. Whenever there are changes made to the project, the first three risk management processes (identification, quantification and response) are repeated. It is a good practice to bear in mind that even the most comprehensive and thoughtfully structured analysis cannot point out all risks and likelihood of occurrence correctly. This makes the project risk management processes an activity to be repeated often.

After a clear definition of all the activities project risk management entails, it is best to have a “step-by-step” approach for proper execution of all involved activities as a (PROJECT RISK MANAGEMENT).

Project Risk Management Process

Vicky Wrona again outlined a possible “7 step” outline as a project risk management process. They are: –

Step 1: – this step states that everyone involved in the project planning process should list at least 10 possible risk items. This also helps tackle assumption because some risks that are believed to be known are often neglected and they end up occurring. Scope creep is a perfect example because even with a perfect management process, it could still arise and cause problems. It is best to tackle it rather than ignore it.

Step 2:- involves collection of all the listed risks and compiling them into a single list (master list) with duplicates removed.

Step 3: – assessment of the probability and impact of the risks outlined in the master list is the third step. This can be achieved by giving each risk a rating (numerically) or otherwise in order of vulnerability (low, medium, high). Detectability is also important because risks that are not detected or hard to detect e.g. scope creep are even more risky.

Step 4: – involves dividing the planning team into smaller groups and dividing the master list into portions and giving it to them. They are then to find out the warning signs for the risks. These warning signs (triggers) should be documented and none should be overlooked.

Step 5: – involves the small groups that identified the risks to also structure out preventive measures.

Step 6: – here, the small groups created from the planning team develop a “contingency plan” for majority of the risks. This plan should include response to be taken if a risk occurs. This is usually done for risks with high vulnerability so as to give room for proper management of the risk management process because if the risk management process takes a lot of time and couldn’t be executed, then it is a futile effort.

Step 7: – this is the final step in the risk management planning process. It involves giving each risk “an owner”. This owner is usually responsible for tackling the risk should it occur and utilizing the approved contingency plan. Though other members are advised to also be vigilant for all risks.

At the end of the above steps, a risk register is created. It is advisable to have this register in tabular format so that it could carry enough information on one page.

Golden Rules For A Successful Project Risk Management.

According to Bart Jutte, managing director of Concilio, a consultancy specialized in project risk management; these 10 steps usually result in proper project risk management implementation. They include: –

Make risk management part of your project.
Identify risks early in your project.
Communicate about risks.
Consider both threats and opportunities.
Clarify ownership issues.
Prioritize risks.
Analyze risks.
Plan and implement risk response.
Register project risks.
Track risks and associated tasks.
Benefits Of Project Risk Management
It contributes to the overall success of the project because it points out threats and opportunities which are either eliminated or utilized.
It results in better business outcomes through more informed decision making activities achieved from corrections made after the risk management activities.
Uncertainties are recognized and a forecast of possible occurrences is provided.
Gives room for better control, tackles time wasting and has greater focus on benefits.
It influences innovation and positive thinking.
Effects Of Negligence And Poor Project Risk Management

(Using Real Life Scenarios)

Catastrophic Example

· The “hurricane Katrina” is an example of negligence of project risk management by the government. During the construction and development of the country, the then government didn’t focus on the risks this project (development) would cause. Even after this, the current government ignored weather reports and warnings of failing levies and the damage that floods could bring.

This led to the death of 1300 people and loss of over 250,000 homes with property worth billions being destroyed. If project risk management had been implemented at the development period, the effect of weak levies and flood would have been identified and tackled and this would have prevented this risk (hurricane Katrina).

Loss Of Market, Customers And Brand Trust

· Chrysler Corporation introduced the “PT CRUISER” in 2000, with hopes of delivery via dealer showroom in 2001. At the supposed “available date”, it wasn’t available. Chrysler and it’s dealers encouraged its customers to deposit for “a guaranteed delivery”. Eager customers did this but only few cars were produced due to manufacturing constraints and poor production efforts and conditions.

This resulted in a refund of all deposits to the prospective customers and a further loss of faith in Chrysler by its customers. They decided that instead of waiting for the PT Cruiser, they decide to patronize other vehicles from other manufacturers.

If Chrysler had included project risk management in their project (PT Cruiser), the production and delivery constraints would have been discovered and tackled and the goals of the project (delivery of the PT cruiser by 2001) would have been met.


Project risk management as simple as it may seem and less regarded by many is a key component for a better project plan, time management, cost estimation and project scheduling. An effective project execution is also achieved through inclusion of risk management at all stages of the project starting from the planning, to implementation and finally execution.

Finally if project risk management is properly understood and a stepped approach included in this book is followed with application and adherence to the 10 golden rules for a successful project risk management, there is possibility or a very successful project because the risk management points out and gives you room to tackle, correct and utilize problems that could have risen at the execution / completion of the project.


10 Golden rules of project risk management.

Bart Jute

Founder and consultant at Concilio.

Your risk management process: A practical and effective approach

Vicki Wrona

Project Management Professional (PMP)

President of Forward Momentum, LLC, instructor with Westlake Training and development.

Project management – Risk Management

CJ Williams

Tutor & Mgt. Consultant

Brighton School of Business & Mgt. in the UK.

A Guide to the Project Mgt. Body Of Knowledge (PMBOK)

PMI Standards Committee

William R. Duncan

Director Of Standards.

Risk Analysis & Risk Management

Evaluating and Managing the Risks You Face

Mind tools website

Basics of Managing Risks

Neville Turbit

IT consultant / Principal of Project Perfect.


Project Risk Management

chapters 1, 3, 8, 9, 10

By Bruce T. Barkley

Copyright 2004

Project risk management: a proactive approach

Chapters 1, 3, 5

By Paul S. Royer

Copyright -2001

Practical Project Risk Management: The Atom Methodology

Chapter 1, 2, 3 6

David Hillson& Peter Simon


You Might Also Like

I'm Alejandro!

Would you like to get a custom essay? How about receiving a customized one?

Check it out