Theme: Risk Flashcards
Risk is defined as…
an uncertain event that, should it occur, will have an effect on the achievement of objectives. It consists of a combination of the probability of a perceived threat or opportunity occurring, and the magnitude of its impact on objectives.
A threat is defined as…
a risk that has a negative impact.
An opportunity is defined as…
a risk that has a positive impact.
Risks need to be…
identified, assessed, planned for and controlled.
Risk principles (9)
- Understand the project context
- Involve the stakeholders
- Establish clear project objectives
- Develop a risk management approach
- Report on risk regularly
- Define clear roles and responsibilities
- Establish a support structure and supportive culture for risk management
- Monitor for early warning indicators
- Establish a review cycle and seek continual improvement
Risk theme minimum requirements (rules)
- Define the risk management approach which must cover:
- the way we identify and assess risks, implement responsibilities and communicate risk
- assess if the risks might affect the business justification
- the roles and responsibilities - We must maintain risk register
- Ensure risks are identified, assessed, managed and reviewed
- Use lessons to inform risk identification and management
Risk theme minimum requirements (products)
Risk management approach
Risk register
What does the risk management approach document include?
Information on how the risk will be managed: processes, techniques, procedures, responsibilities.
What does the risk register document include?
Provides a record of identified risks, their status and history.
During which process are risk management approach and risk register created?
Initiating a project
What is the relation between risk mgmt policy and risk mgmt approach?
The risk mgmt approach should be created based on the risk mgmt policy (it helps to define it).
Risk tolerance defines..
how much risk you are willing to take.
Any risks identified during “starting up a project” should be recorded in the project manager’s
Daily log and transferred to the risk register if the initiation stage is approved by the project board.
What information should the risk register contain? (8)
- Risk identifier
- A risk author
- Date registered
- Risk category (schedule, quality, legal etc.)
- A risk description
- The probability, impact and expected value of the risk
- Proximity
- Risk response categories
- Risk response
- Risk status (active / closed)
- Risk owner (there can only be 1)
- Risk actionee
Risk response categories (threat)
Avoid
Reduce
Prepare contingent plans
Accept
Share
Transfer
Risk response categories (opportunity)
Exploit
Enhance
Prepare contingent plans
Accept
Share
Transfer
Risk management procedure steps
- Identify (context, risks)
- Assess (estimate, evaluate)
- Plan
- Implement
-> Communicate
Which 4 documents should be examined while identifying the risk context?
Risk mgmt approach
Project mandate
Project brief
Project product description
Give some examples of techniques that can be used for risk identification
Review lessons Risk checklists Risk prompt lists Brainstorming Risk breakdown structures
It is crucial to identify 3 aspects of each risk…
Cause
Event
Effect
What 3 aspects should be evaluated while assessing the risk?
Probability - How likely are they to happen?
Impact - What will happen if it does?
Proximity - When will it happen?
What is Probability Impact Grid for?
It is a ranking system that provides assessment of risk severity.
What is risk owner responsible for?
management
monitoring
control of risk
What is risk actionee responsible for?
response to risk
supported by risk owner
