Professional Documents
Culture Documents
Risk Summary
Risk Summary
Risk Management
Status Report: states where the project stands now. Can
use earned value analysis as preparation for these
reports.
Progress Report: states what has been accomplished. CPI
and SPI can be used here as well as showing task /
activity accomplishments
Forecasting Report: predicts future status and progress.
CV, ETC, and EAC computations can be used
Definitions
Risk management planning is the process of deciding how to deal with and plan for project risks
Stakeholder risk tolerances, WBS and the project charter are several inputs to Risk Management Planning
It is a way to measure a person’s risk tolerance: utility function
Delphi Technique: it is a technique to solicit expert opinion anonymously. Several experts in the desired area are sent a
questionnaire, report or similar matter. Each one sends back their opinions. The opinions are collected.
Risk identification should be performed as early as possible during all project phases especially during the project planning
phase. Risk identification is an iterative process
A risk event is an occurrence that can affect the project for better (opportunity) or worse (threat)
Outputs from risk identification are a list of possible risks and triggers
Risk identification will examine the impact of risks on the triple constraint: time (schedule), resources and scope, while
assuring a high level of quality
Risk Analysis
Qualify the identified risks by assessing the impact and likelihood of occurrence
Use scales of probability and impact to create a risk rating matrix. Prioritize the risks.
Quantify the risks by assessing numerically the probability of each risk and the impact it will have. This analysis can lead to
both time and cost contingencies
Expected monetary value for each risk event (EMV) = PROBABILITY * IMPACT = EMV. EMV can help define budget reserve
requirements
Monte Carlo simulations can determine riskiness and probability of impact overtime. The results are often shown as an S
Curve
The risk response plan will include specific actions to take if critical risk events occur, time and cost contingency budgets,
and assessment of project termination liabilities
It is important to monitor non critical risks for symptoms
Avoidance is the type of response used to find a different approach so as to avoid the risk
Mitigation is the type of response used to revise scope, cost, schedule or quality without impact on the project, in order to
reduce uncertainty on the project
Acceptance is the type of response used when the risks may be acceptable (low impact / probability)
To develop a contingency plan should the risk occur is called active acceptance
To deal with the risk as they occur is called passive acceptance
Transference or deflection is the type of response where you buy an insurance or contract to someone more experienced in
order for them to assume the risk
Monitoring and Control
Risk Management
Execute and update the risk response plan as well as
making sure that the project assumptions are still valid
The earned value analysis is a major tool for monitoring
overall project performance
Type of risk that remains after avoidance, mitigation and
transfer responses have happened: Residual
Type of risk that happen as a direct result of
implementing a risk response: Secondary