- Plan Risk Management
- Identify Risks
- Perform Qualitative Risk Analysis
- Perform Quantitative Risk Analysis
- Plan Risk Response
- Monitor and Control Risks
Plan Risk Management is a process that involves the project manager, sponsor, team, customer, and other stakeholders. The question that needs to asked here is how much time should be spent on risk management based on the needs of the project. Also we have to figure out who will be involved and how we will do risk management. Risks can be classified into external, internal, technical and unforeseeable.
External risks come from outside, such as regulations or market conditions.
Internal risks are based on time, cost, scope changes, planning or lack of people, people, staffing and lack of experience.
Technical risks come from change in technology
Unforeseeable risks are those that you could not have thought of.
Identify Risks should involve everyone in the project. Start identifying risks from the start of the project. This is the time to create a risk register. The register will contain:
- A list of risks
- List of potential responses
- Root causes of risks
- Updated risk categories
Perform Qualitative Risk Analysis
Perform Quantitative Risk Analysis
Plan Risk Response can be to avoid, mitigate or transfer a risk. Avoid as in don’t do the task which will “causes” risk. Mitigate as in reduce the impact of the threat. Transfer as in make someone else responsible, such as an insurance company.
Monitor and Control Risk