Risk Management Plan

The risk management plan describes how risk management will be structured and performed on the project. It becomes a subset of the project management plan (Section 4.2.3.1). The risk management plan includes the following:

• Methodology. Defines the approaches, tools, and data sourccs that may be used to perform risk management on the project.

• Roles and responsibilities. Defines the lead, support, and risk management team membership for cach type of activity in the risk management plan. Assigns people to these roles and ciarifics their responsibilities.

• Budgeting. Assigns resources, and estimates costs needed for risk management for inclusion in the project cost baseline and establishes protocols for application of contingency reserve (Section 7.2.3.1).

• Timing. Defines when and how often the risk management process will be performed throughout the project life cycle, establishes protocols for application of schedule contingency reserves and establishes risk management activities to be included in the projcct schedule (Scction 6.5.3.1).

• Risk categories. Provides a structure that ensures a comprehensive process of systematically identifying risks to a consistent level of detail and contributes to the effectiveness and quality of the Identify Risks process. An organization can use a previously prepared categorization framework which might take the form of a simple list of categories or might be structured into a Risk Breakdown Structure (RBS). The RBS is a hierarchically organized depiction of the identified project risks arranged by risk category and subcategory that identifies the various areas and causes of potential risks. An example is shown in Figure 11-2.

The Risk Breakdown Structure (RBS) lists the categories and sub-categories within which risks may arise for a typical project. Different R8Ss will be appropriate for different types of projects and different types of organizations. One benefit of this approach is to remind participants in a risk identification exercise of the many sources from which project risk may arise.

The Risk Breakdown Structure (RBS) lists the categories and sub-categories within which risks may arise for a typical project. Different R8Ss will be appropriate for different types of projects and different types of organizations. One benefit of this approach is to remind participants in a risk identification exercise of the many sources from which project risk may arise.

Figure 11 -2. Example of a Risk Breakdown Structure (RBS)

• Definitions of risk probability and impact. The quality and credibility of the Perform Qualitative Risk Analysis proccss requires that different levels of the risks' probabilities and impacts be defined. General definitions of probability levels and impact icvcls arc tailored to the individual project during the Plan Risk Management proccss for use in the Perform Qualitative Risk Analysis process (Section i 1.3). Figure i 1-3 is an example of definitions of negative impacts that could be used in evaluating risk impacts related to four project objectives. (Similar tables could be established with a positive impact perspective). The figure illustrates both relative and numeric (in this ease, nonlinear) approaches.

• Probability and impact matrix. Risks are prioritized according to their potential implications for having an effect on the project's objectives. A typical approach to prioritizing risks is to use a look-up table or a Probability and Impact Matrix (Scction 11.3.2.2). The specific combinations of probability and impact that lead to a risk being rated as "high," "moderate," or "low" importance, with the corresponding importance for planning responses to the risk (Scction 11.5), arc usually set by the organization.

Defined Conditions for Impact Scales of a Risk on Major Project Objectives

(Examples are shown for negative impacts only)

Project Objective

Relative or numerical scales are shown

Very low /.05

Low /.10

Moderate /.20

High /AO

Very high /.80

Cost

Insignificant cost increase

<10% cost increase

10-20% cost increase

20-40% cost increase

>40% cost increase

Time

Insignificant time increase

<5% time increase

5-10% time increase

10-20% time increase

>20% time increase

Scope

Scope decrease barely noticeable

Minor areas of scope affected

Major areas of scope affected

Scope reduction unacceptable to sponsor

Project end item is effectively useless

Quality

Quality degradation barely noticeable

Only very demanding applications are affected

Quality reduction requires sponsor approval

Quality reduction unacceptable to sponsor

Project end item is effectively useless

This table presents examples of risk impact definitions for four different project objectives. They should be tailored in the Risk Management Planning process to the individual project and to the organization's risk thresholds. Impact definitions can be developed for opportunities in a similar way.

Figure 11-3. Definition of Impact Scales for Four Project Objectives

Figure 11-3. Definition of Impact Scales for Four Project Objectives

• Revised stakeholders' tolerances. Stakeholders' tolerances may be revised in the Plan Risk Management proccss, as they apply to the specific project.

• Reporting formats. Defines how the outcomes of the risk management processes will be documented, analyzed, and communicated. Describes the content and format of the risk register as well as any other risk reports required.

• Tracking. Documents how risk activities will be recorded for the benefit of the current project, as well as for future needs and lessons learned. Documents whether and how risk management processes will be audited.

Project Management Made Easy

Project Management Made Easy

What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.

Get My Free Ebook


Post a comment