The Essentials of Project Risk Management

Brandi Johnson

Aug 26 2016 7 min read

Risk is an inherent part of any project. Having the essential tools needed to manage and mitigate these project risks will help you protect your project against the risks that threaten to take it off-track.

The Project Management Institute provides the following process to manage project risks:

  1. Plan risk management.
  2. Identify risks.
  3. Perform qualitative risk analysis.
  4. Perform quantitative risk analysis.
  5. Plan risk responses.
  6. Monitor and control risks.

Let’s break down each component of the risk management a bit further.

Step 1. Plan Risk Management

In the same way that you have a method to run your project, you should have a clear method for how to manage risks in your project. Your risk management plan should be appropriate for the types of risks that you’re likely to face, and the importance of the project to your organization. When planning for your risk management, identify the tools and techniques you are going to use, as well as your communication plan for stakeholders.

Depending on the importance of the project and the types of risks you face, you may also create a risk breakdown structure. The risk breakdown structure is a method of organizing potential causes of risk into a hierarchy.

Step 2: Identify Risks

When identifying risks, you simply determine which risks may affect your project, and document their characteristics. This helps you and your team anticipate events that affect your project. This step isn’t about resolving the risk. Instead, you and your team identify the risks and compare risks against one another, so it’s easier to respond to the risks with the highest impact.

Step 3: Perform Qualitative Risk Analysis

How likely is it that this risk will occur? What will the impact of this risk be? The answers to these questions are the fundamentals of qualitative risk analysis. This allows you, as the project manager, to reduce the level of uncertainty in your project and focus on high-priority risks. Phase 3 should be a quick phase in your project risk management process. It lays the foundation for quantitative risk analysis and feeds directly into planning risk response.

Step 4: Perform Quantitative Risk Analysis

During your quantitative risk analysis, you analyze the identified risks based on numeric rankings.In some cases, you won’t have enough data to develop appropriate risk models. In these cases, you’ll need to use your best judgment about if you need quantitative risk analysis, and which method you will use. Common methods of data gathering and representation include interviewing members of previous project teams and probability distributions based on the likelihood of a risk occurring.

Step 5: Plan Risk Response

When you identify a risk, it’s natural to want to jump to planning a response. By working through this process, you can address risks based on their priority. You can insert the resources and activities you need into your project plan and budget. Your risk response plan should also assign an owner for the risk response for each agreed-to and funded risk response. Remember – not all risks to projects are negative. For negative risks – or threats, your response plan is typically to avoid the risk, transfer the risk to a third party, mitigate the risk, or accept it. Some risks have a positive impact on your project. For these risks, you’ll want to exploit them, enhance them by increasing the likelihood of the opportunity occurring, share the opportunity with a third party better equipped to handle the opportunity, or accept it (if it occurs).

Step 6: Monitor and Control Risks

The final step in project risk management is to control risks. This is when you put your plan into place – implementing response plans, tracking identified risks, monitoring residual risks, and evaluating your risk responsiveness throughout the process. During this process, you’ll determine if your project assumptions are still valid, remove assessed risks that have changed, ensure that your risk management procedures are being followed, and plan for any contingencies in cost or schedule based on alignment with your current risk assessment.

At first review, the process of managing project risk may seem as complex as managing the project itself. By layering risk management into your project management process, you can have more successful projects with fewer headaches.


Brandi Johnson

Related Articles

Feature of the Month: Scenario Planning

Scenario planning is a strategic management tool, which is essential for professional services teams and  organizations looking to anticipate and...

Christian Langley

Mar 28 2024 3 min read

Want to see Cloud Coach in action?

Cloud Coach is secure and customisable platform for successfully delivering customer projects of all shapes and sizes.

See Cloud Coach In Action

Cloud Coach is secure and customisable platform for successfully delivering projects of all shapes and sizes.

Schedule a tailored demo with one of our project specialists.

  • Fill out the form below
  • Our team will reach out within 24 hours to discuss your unique requirements
  • We’ll schedule a 1:1 demo with one of our product specialists  
medal 2 1
reCAPTCHA logo@2x

protected by reCAPTCHA

medal 2 1

Thank you

A Cloud Coach advisor will be in contact by email within one working day to arrange your demo.