You are on page 1of 7

Risk Management life-cycle

The following diagram shows the flow of Risk Management life-cycle:

Managing a risk undergoes following stages in its life cycle:


1. Risk Identification
2. Risk Analyses
3. Risk Response Planning
4. Risk Response Execution & Monitoring
5. Execution Verification

1. Risk Identification

During the first state of Risk Identification, the list of risks are submitted to Clarizen’s
Issues/Risk page. The application allows you to determine which risks may affect the
project or other business process and document their characteristics.

In Clarizen’s Risk Management life cycle (what is the Risk Management Life Cycle? You
don’t mention it at all, don’t know what you are referring to) you are at the Evaluation
stage:
It is highly recommended that you accurately enter all available information about the
Risk, including Severity and Priority. It is important to categorize Risks using the
Category field, this will help you in building strict risk classifications.

It is a best practice to include a description of the risk with the use case scenarios.

Tip!

You can use Notes and Attachments to provide additional information such as guidelines,
specifications and other types of materials available for the risk. You will use these
collaboration tools throughout the Risk life cycle to provide, save and track essential
information.

If the Risk was identified by the customer, link it to the corresponding customer(s),
identify if the resolution of the Risk was committed to and include the commitment date,
if any. Properly identifying the source of Risk will help you in giving the best possible
service to your customers.

If a Risk was identified within specific project, define To be Resolved in project already
at this stage.

The Risk should undergo the process of analysis and planning by a team of specialists. In
many cases, the risk management team are the people that help to assess the risk impact
as well as its strategy and the response execution plan. This team can differ from the core
project. It is best practice to assemble such team for the Risk.

Recommendation:

Subscribe the team members of the Risk for corresponding alerts and notifications using
Subscription command available from the Change Request page.

It is recommended to document the responses of the Approvers in the document attached


to the Change Request.

It is a common practice to list Risks using a Risk Register list.


A Risk Register is a tool widely used in Risk management for indentifying, analyzing
and planning risks.

Tip!

You can easily create a Risk Register report in Clarizen. Just enter the Reports page and
create a report named Risk Register.
Select the Risk entry in the Show results from list and add the following columns to be
displayed:
• Category
• Title
• ID
• %Probability
• Impact
• Risk Rate
• Risk Strategy
• Response Plan Description
• Contingency Plan
• Owner
• Due Date

You can filter the report by the To be Resolved in field or by the State Submitted or
Assign to fields for a specific user or by any other relevant condition.

It may be helpful to review the useful tools for Risk Identification in the section Risk
Management - Useful Tools and Techniques.

2. Risk Analysis

Risk Analysis is the next step within the Evaluation stage:


In this phase you prioritize risks for further action by assessing and combining their
probability of occurrence and impact, also called qualitative risk analysis.
You may also numerically analyze the effect of identifies risks on overall project
objectives (cost impact, schedule impact, etc), also called quantitative risk analysis.
The findings are to be documented in the properties of the corresponding Risk. This will
guarantee that at all phases you will be able to provide your team members with the most
complete and most up to date information on the Risk.
It may be helpful to review the tools for Risk Analysis tips in the section Risk
Management - Useful Tools and Techniques.

3. Risk Response Planning

At this step, still within the Evaluation stage, you develop options and actions to enhance
opportunities and to reduce the threats created by the risk.

In our block diagram, the planning steps follow the analysis stage. You need to take into
account that in many cases you will divide the planning step into two steps – preliminary
and final planning.
Preliminary planning is done to provide the team who is analyzing and decisiding on the
strategy of managing the risk with the estimations of work, time and budget investments.
Final planning is done to provide the implementation team with the schedule and content
of the required related works.
You can decide to go for one of the three possible options to provide the execution plan:
1. Describe the plan in the Risk property card in the corresponding fields of the
Assessment & Plan tab.
2. Define a work plan for Risk response execution by linking a Risk to the work item:
Project, Milestone or Task, in the corresponding project, and scheduling required
activities.
3. Both
When you link a Risk to a work item (option 2 and 3 above), this work item and its
subordinate work items represent the work plan for risk response execution.

Clarizen will automatically calculate the estimated Work that should be invested in the
risk response execution and you will be able to review it directly in the properties of the
Risk. The budget investments can be viewed in the properties of the work item itself.

Recommendation:

Be sure you delegate detailed planning to your team as you usually do to facilitate
collaborative Top-Down or Bottom-Up approach.

After the risk response execution starts %Completed, Actual and Remaining effort fields
in the Risk properties instantly represent the progress of the related work. The Project
team can track the progress of the risk response execution without going into the related
work plan details.

Tip!

There are two techniques for linking Risk and related work:

1. From the Risk (Issues) page: Link work item to the selected Risk in the “Related
Work” tab of the right side Info card (you can learn more about how to create related
work for a Risk in the Issues tutorial).

2. From the Current Project page or Work Items page: Link the Risk to the selected work
item in the “Related Issue” tab of the right side Info Card.Clarizen will complete the To
be Resolved in field automatically with the project corresponding to the linked work
item.

Please see a brief on the useful tools for Risk Response planning in the section Risk
Management - Useful Tools and Techniques.

After you are done with Planning you are ready for the next phase of the Risk life cycle
called Resolution or Risk Response Execution. Use the Mark as Opened command to
switch to the next phase of the life cycle.

4. Risk Response Execution & Monitoring


You are now in the Resolution phase of the life cycle.

This is a phase where you execute the response to the risk or, in other words, perform
activities to implement the strategy selected for Risk management.

Now you can proceed to actually perform the work detailed in the execution response
using Clarizen to track and monitor all activities. The related work plan can still be fine
tuned at this phase. Risk team members can review the progress of the work in the
%Completed, Actual and Remaining effort fields of the Risk property card.

If you do not work with related work plan, you can manually update %Completed,
Actual and Remaining effort fields in the Risk properties.

Use the Mark Resolved command to switch to the next Verification phase of the life
cycle after you completed all works required for implementing response plan of risk
management.

5. Execution Verification

You are now in the Verification phase of the life cycle.

In this phase you will verify the Risk Response Execution.

You will use the Risk definitions defined in the first phase of the life cycle, requirement
documents and collaboration materials that were created through all phases.
Use the Reopen command if the risk response execution did not pass the verification
criterions.

Use the command Close to close the Risk upon successful verification.