nederlandsenlisch

1.3 Risk management process

Project risk management is about the activities that a project team or company carries out to optimize project risks. This handbook uses the following definition for project risk management:
“Project risk management is the systematic design, implementation and monitoring of actions to identify, prioritize and analyze project risks and to think up, select and implement responses to optimize these risks.”

The key concepts from the definition are explained below:

  • Systematic: project risk management is a structured methode to deal with risks, including clear responsibilities, priorities and tasks. This contrasts with an ad hoc approach that relies on luck to succeed.
  • Action: performing tasks is central to risk management. In essence, it is about head, hands and eyes: to think up tasks, carry them out and monitor if they materialize (see Chapter 9).
  • Identify: This is the process to discover the project risks that may be present. What risks form an opportunity or threat to the project? (see Chapter 4).
  • Prioritize: Sorting the risks in order of importance. This enables the project team to deal with the largest risks first (see Chapter 5).
  • Analyze: an understanding of risks is a precondition for taking effective measures. Analysis looks at the characteristics of individual risks and the relationship that exist between risks. Analysis can be qualitative or quantitative (see Chapters 6 and 7).
  • Responses: a perfect analysis is beautiful, but it only adds value if it results in workable responses that change a project’s risk profile (see Chapter 8).

The different steps of the risk management process are shown in figure 1.2. Project teams often go through these steps multiple times during a project as a result of new insights and project developments.


Figure 1.2: Risk management process
Risk management begins with identifying a risk and ends with the implementation of appropriate responses.

Risk management also has supporting processes. Communication is crucial: the project manager, team members, project board and stakeholders must discuss risks and the accompanying tasks. Research shows that a team member knew of the fatal risk in many failed projects, but that the project manager did not. This causes unnecessary project failures. Knowledge about present project risks is the first essential step towards action. Communication could be a team meeting, a brain storm session on the risks and responses, but also the distribution of progress reports and analysis for decision making. Other supporting processes are activities to set up and evaluate the risk management efforts (see Chapters 3 and 10). Furthermore, the introduction of systematic risk management in a company could be regarded as a support process (see Chapter 2). This requires that sufficient time and support are available in the project management team and the management team.