10.1 Introduction to Project Risk Management
PMBOK Guide 5th
Edition defines risk as an uncertain event or condition that, if it occurs,has a positive or
negative effect on one or more project objectives such as scope, schedule, cost or quality. During uncertain
economic times, large scale companies such as Healthy Living Pte,focuses on risk management in order to
achieve balance in progressive business growth aswell asto assure high quality deliverables for any project.
The GSCMP is an on-going project by the Healthy Living Pte. A project team assigned for GSCMP is
working at a progressive rate to meetthe project deadline and deliver the expectedquality product. GSCMP
is a large scale project that makes it complex enough for any uncertain error to pop up. Since the project
team was assigned two months already through the project, GSCMP would be vulnerable for both internal
and external organizational risks. Thus Risk Management assessment is carried out to achieve balance
among the Ten knowledge work areas and Five process groups of the project.
In general terms, Project Risk Management is a brief document providing information to Project Team,
Project Manager and team members directly as well as indirectly about potential uncertainties. Risk
Management documents risk activities of a project, techniques and tools for risk management, data
requirements for risk analysis and guidance on how to respond to risk proactively. ( Project Risk
Management Guide. (2014))
For a successful completion of GSCMP, it is very crucial for the project team to analyze, identify
and document the possible exposures of the project. Conducting a risk management analysis would
assist our project team to:
 Recognize high impact and low impact uncertainties and provide with possible outcomes.
 Achieve better business outcomes through more informed decision making.
 Have a better project control reducing overhead and time.
 Eventually approaching to GSCMP project success.
GSCMP Risk Management Documentation includes systematic processes of planning, identifying,
analyzing ad responding to the project risks. For the GSCMP to meet its successful completion, a
balanced project risk management is necessary. A balanced risk management would determine
efficient processes that match GSCMP’s tolerance for risk. The documentation is an effective way
of allocating resources for risk management that deals with threats effectively.

10.2 Risk Management Plan:
Planning is the initial step of risk identification and risk assessment that determines the critical
areas of a project. By defining how to conduct risk management activities, careful and explicit
planning would enhance the probability of success during each five process groups of the GSCMP
system. Planning risk management is important for the GSCMP system since it could ensure the
degree, type and visibility of risk as well as the importance of the project to the company. Planning
is also important to provide sufficient resources and time to identify risk management activities
for the GSCMP and to establish an agreed-upon basis for evaluating risk. ( Project Risk
Management Guide. (2014).) This stage of the risk management process would begin as the
GSCMP was conceived and be completed early during the project planning.
While planning risk management there are certain factors that are to be input in order to develop a
tool to design the plan and to achieve maximum outcomes that would influence to the risk respond.
Input:
 Project Scope Management:
Determining the scope of the GSCMP is an essential part of the risk management process since it
provides a clear picture of the range of possibilities associated with the project and its deliverables
and establishes the framework for how significant the risk management effort would ultimately be
achieved.
 Cost Management Plan:
Planning and estimating cost that determines how risk budgets, contingencies and management
reserves would be accessed.
 Communication and Scheduling:
Defining and scheduling interaction that would occur during the initial and development stage of
the GSCMP project is significant to share information on various risks.
 Organizational Process Assets:
Enterprise environmental factors such as risk attributes and tolerance would contribute to
determine the degree of risk that Healthy Living Pte would withstand. Not only that, there are

certain organizational process assets such as risk categories,roles and responsibilities, authority
levels for decision-making, stakeholder registers and lessons learned that would be considered
by the project team that could influence developing a risk management plan for the GSCMP.
Figure: Planning Risk Management Processes. ( Project Risk Management Guide. (2014))
Technique applied to Plan Risk Management:
 Meetings and Analysis:
Project meetings are scheduled and conducted by the project team in order to develop a risk
management plan. High-level plans for conducting risk management activities are determined and
discussed at the meeting. For the GSMP, the project team would develop an estimation of cost
elements and schedule activities that are to be completed in order to minimize risk possibilities.
Risk contingency application approaches would be reviewed by our project team during these
meetings and a brief analysis would be conducted to categorize the potential risks, level and
probability of risks and impact of the risks for the GSCMP system.
Output:
 Risk Management Plan:
A brief descriptive Risk Management Plan is produced at this phase. The plan is a continuation
outcome of the meetings and analysis conducted by the GSCMP project team. The project
meetings are to be scheduled every two weeks during the development of the project and outcomes
are documented descriptively. The proposed risk management plan identifies categories of risk,

analyzes qualitative and quantitative risk and determines responding to risk and monitoring
protocols during the GSCMP lifecycle.
 Roles and Responsibility for Risk Management:
Risk manager is assigned among the team members of the GSCMP project team. The risk manager
is responsible for arranging meetings with the project manager, other team members and
stakeholders. The risk manager is supported by the GSCMP project team as well as the
stakeholders to settle the cost of the project, mange schedule and determine specific
responsibilities and tasks that to be completed during the GSCMP system. The risk manager is
also responsible for conducting qualitative and quantitative analysis to determine the probability
and impact of the potential exposures.
 Risk Breakdown Structure:
RWS provides a structure that breaks down the potential categories of risk processes of a project
into hieratical manners. For the GSCMP system, the new project team constructed a risk
breakdown structure that would identify risks to a consistent level of detail and contributes to the
effectiveness and quality of the final GSCMP product. Since the new project team has been
appointed two month post the GSCMP had started, our project team would use the previously
prepared framework to develop a new RWS simplifying the list of categories of risks.
GSCMP
Category Sub-Category
Technical Scope Objectives, Requirements, Technical
Processes, Performances and Reliability,
Network/Security Training, Quality, Unit Testing.
Financial Financial Funding, Overrun Budget, Tender
Processing.
Organizational Sponsorship, Business Processes, Culture,
Environment.
Management Project Management, Communication, and Human
Resource management.

External Political Issues, Pressure groups, Weather,
Legislative policies, Suppliers, Market, Customers.
Figure: Risk Management Overview
10.3 Risk Identification:
According to the issues versus knowledge area mapping, the following issues there identified as
potential risks of GSCMP.
Problem
No.
Risk
ID
Risk Statement
P9 R01 No proper tendering process
P10 R02 Overrun by budget
P11 R03 No testing plan developed
P15 R04 Lacking Security and Network skills (Technical skills)
P17 R05 Uncategorized risks with no detailed Action Plan

10.3.1 Identifying Risk:
Risk identification is an iterative process to review existing as well as new risks that would appear
through the project lifecycle. According to the mapping Issues verses Knowledge Areas, five risks
have been identified for the GSCMP system.
Risk ID Risk Statement Tools used to
Identify
Category of Risk
R01 No proper tendering
process
Documentation
Review and Risk
Analysis Meeting
Financial Risk
R02 Overrun by Budget Documentation
Review, Expert
Judgment
Financial Risk
R03 No testing plan
developed
Documentation
Review, Risk
Analysis Meeting
Technical Risk
R04 Lacking Security and
Network Skills
Expert Judgment,
Risk Analysis
Meeting
Technical Risk
R05 Uncategorized risks
with no detailed
Action Plan
Brainstorming, Risk
Analysis Meeting
Management Risk
 Documentation Review (R01, R02, R03):
GSCMP project team would review previous project documents including plans, assumptions,
previous project files and other information to construct a structure for a new risk management
and risk identification process. While reviewing the previous documents, any lack of consistency
between project plans, assumptions and requirements would lead team members properly
categorize and identify risks.
Documents prepared by the previous project team of the GSCMP are thoroughly reviewed by the
new project team members. Not only that, documents from previous projects under the Healthy
Living Pte are reviewed to compare tendering process along the years. The GSCMP project started
without any organized tendering process for hardware and software suppliers. As a result, the
project costs have exceeded it budget limit, risking a massive financial damage to the company.
By the reviewing related documents team members are able to categorize and highlight the major
risk areas.
While reviewing previous documents presented by the previous GSCMP project team, our team
members came to conclusion that, the project was initiated without developing any testing plan.

Past documents are an essential paper works to gain more information about the on-going project.
By going through tiny details from the old documents and reviewing their organizational and
success criteria, the new GSCMP team would develop a new testing plan which would be
conducted after each phase of the system have been completed. Planning and carrying out unit
testing would guide the project team to assure the expected quality of the end product.
 Brainstorming (R05):
The major goal of brainstorming is to gather a comprehensive list project risks. To gather more
information about the GSCMP, the project team would perform brainstorming sessions with a
multidisciplinary group of experts who are not part of the GSCMP project. These are the experts
who have been working with the organization and are familiar with similar projects.
The GSCMP project team would generate ideas about the project risks by following a tradition
free-form brainstorm session. Ideas contributed by the participants would categorize the Risk
Breakdown Structure. Reviewing the previous project plan and brainstorming new ways to
breakdown the risk criteria would identify specific risks.
Figure: Brainstorming Process for GSCMP
 Expert Judgment (R02 & R04):
These are the techniques based on experts’ opinions. The GSCMP project team would seek
scholars’ opinions who have years of experience in project management. This tool would benefit
the GSCMP system for three main reasons:
(a) It would be useful to evaluate the failure rate and the success criteria of the overall project
(b) Years of experiences on past projects to assess factors about the new project are applied to
reach any conclusion
(c) This technique would help the project team to adapt exceptional circumstances.
Technical scholars who have been working on large scale project such as GSCMP, are capable of
identifying any technical weaknesses documented. Once the GITS project team takes over the
GSCMP, team members would consult to a project management IT expert to review the technical
factors presented in the project documentation.
To develop a suitable budget estimation, GITS members would consult a scholar to determine the
strength and weaknesses of the previous budget. This way a new updated budget estimation could
be developed.
Gathering a groupof Experts
from HealthyLiving Pte.
Ideas contributedbythe
participants are put together
categorized risk structure
plan

 Risk Analysis Meeting (R01, R02, R04, R05):
GITS team members conduct risk analysis meetings at a regular frequency to review and discuss
the findings from documentation review and expert judgment. During these meetings, project risks
are analyzed and risk response and solutions are developed.
10.4 Risk Analysis:
10.4.1 Qualitative Risk Analysis:
Qualitative risk analysis is a process of assessing the impact and likelihood of identified risks. The
process categorizes risk according to their potential effect on project objectives. Conducting
qualitative risk analysis for the GSCMP project, the project team would be able to determine the
importance of addressing specific risks and to develop a proper risk response guide.
 Probability and impact assessment
Qualitative risk analysis would require the probability and consequences of the risk to be
evaluated. The five risks that have been identified by the Global Supply Chain Management
Project team are assigned to probability and impact values according to the data collected from the
techniques used to identify the risks such as, expert judgment, project meetings, brainstorming etc.
Risk probabilities and impacts are rated in terms such as high, medium and low.
PROBABILITY IMPACT
High
Chance of risk to occur is more
than 70%
High
Huge impact on time, cost, and
quality of the project success
Medium
Chance of risk to occur is between
30% to 69%
Medium
Medium impact on time, cost, or
quality which required minor
action
Low
Chance of risk to occur is below
30% or might not even happen
Low
Minor impact on time, cost, or
quality of the project which
required monitoring on risk
Table: Probability and Impact degree

Determing Probability vs Imapct:
Figure: Probability vs Imapct Graph ( Mindtools.com. (2016))
 Low Impact-Low Probability:
Risks that can be often ignored sincee they don’t have the potential for any real harm in the on-
going project.
 Low Impact-High Probabiliy:
Risks located on the top left of the graph are of moderate degree of impact. Even if these risks
occur, the organization could cope with them are move on.
 High Impact-Low Probability:
Located in the bottom right of the graph, these risks are of high importance though having very
less chance of occuring. A contingency plan would be applied to reduce the impact of these
exposures.
 High Impact-High Probabity:

Risks located at the top right in the graph are of severe degree of risks that can result in
damanging an organization’s financial and organizational base. These are priority risks that are
to be closely monitoered and elimminated.
10.4.1.1 Risk Ranking:
 Priority: By multiplying probability and impact risk priority is calculated that later helps
to rank risk according to their severity.
Risk
ID
Risk Statement Probability Impact Priority- Analysis
R01 No proper tendering
process
0.6 0.4 0.24 High
Probability-
Medium Impact
R02 Overrun by Budget 0.8 0.8 0.64 High
Probability-
High Impact
R03 No testing plan developed 0.4 0.6 0.24 Medium
Probability-
Medium Impact
R04 Lacking Security and
Network Skills
0.2 0.6 0.12 Low
Probability-
High Impact
R05 Uncategorized risks with
no detailed Action Plan
0.4 0.2 0.08 Medium
Probability-
Low Impact
Table: Risk Priority Table
10.4.1.2 Probability and impact matrix
Probability
High
R01
R02
Medium
R05
R03
Low R04
 High
 Medium
 Low
Low Medium High
Impact
Table: Probability vs Impact Matrix

 Risk Ranking
Risk
ID
Risk Statement Probability
(%)
Impact
(scale from 0-
10)
Priority-
(Scale from 0-
10)
Rank
R02 Overrun by budget 80% 8 6.4 1
R03 No proper tendering
process
60% 4 2.4 2
R01 No testing plan developed 40% 6 2.4 3
R04 Lacking Security and
Network Skills
20% 6 1.2 4
R05 Uncategorized risks with
no detailed Action Plan
40% 2 0.8 5
Table: GSCMP Risk Ranking
10.4.2 Quantitative Risk Analysis:
Quantitative Risk Analysis process aims to analyze numerically the probability of each risk and
its consequence on project objectives as well as the extent of overall project risk. (A Guide to
Project Management Body of Knowledge. (2000))
There are certain factors that would be taken under consideration by the GITS team while
analyzing quantitative risk for GSCMP. Cost management plan is one of them. Since cost
management plan establishes the format of planning and estimating budget, it influences to
determine the approach for quantitative risk analysis. Scheduling, similar case studies and risk
database from proprietary sources would also contribute to quantitative analysis process.
Tool used:
 Expected Monetary Value:
Expected monetary value is a statistical process for calculating the average outcome of any future
scenario that may or may not occur. After wrapping up qualitative risk analysis, quantification of
each risk is calculated to check the validity of qualitative analysis numerically.
Generally, EMV is calculated using decision tree analysis where the value of each possible of
outcome is multiplied by it probability of occurrence.
According to the budget estimation conducted by GITS team members, 10% of the whole budget
is reserved as a Contingency plan and 5% for Management is reserved.
Contingency Reserves: Budget allocated for possible future events. (Known occurrence)
Management Reserves: Budget allocated for the unknown occurrence.
EMV = 21,782.7* Probability

For GSCMP quantitative risk analysis, probability of each risk event is multiplied by the
contingency reserves in order to calculate EMV.
Risk
ID
Risk Statement Probability Cost
(Contingency
Reserves)
EMV
R02 Overrun by budget 80% 21,782.7 17,426.16
R03 No proper tendering process 60% 21,782.7 13,069.62
R01 No testing plan developed 40% 21,782.7 8,713.08
R04 Lacking Security and
Network Skills
20% 21,782.7 4,356.54
R05 Uncategorized risks with no
detailed Action Plan
40% 21,782.7 8,713.08
Table: GSCMP Quantitative Analysis Table
10.5 Risk Response:
Risk Response planning follows the qualitative and quantitative risk analysis processes performed
by the project team. It is a process that helps to develop opinions and actions to enhance
opportunities and lessen project threats.
Global Supply Chain Management Project team would develop a risk response plan by identifying
major threat areas and assigning a Risk Manager to monitor and control each of the risk
documented in the project. The Probability and Impact Matrix would be used to categorize risks
that would determine in which response group they would fall into.
Risk Response Groups:
 Risk Avoidance (R01 & R02):
Involves the project management plan to eliminate the threat entirely. Intense measures such as
extending schedule, changing cost strategies isolating project objectives etc are taken could be
taken. The most radical risk avoidance strategy is to shut down the project entirely. (Project Risk
Management Guide. (2014))
 Risk Transfer (R04):
Majority of the negative impact of risks are shifted to a third party. This way the third party gets
responsibility for the management. Though the risk is not eliminated, liability of risk is transferred.
Risk transfer often involves making a payment to the third party who is taking over the risk.

 Risk Mitigation(R03 & R05):
Reduction either in the probability or the impact of an adverse risk event. By taking early actions,
the probability and impact of the risk event is minimized.
 Risk Acceptance:
Risk Acceptance strategy only exists because of the seldom possibility of eliminating the risk from
the project. Majority of the time, no actions are taken by organizations to minimize low
probability- low impact risks.
Risk ID Risk Statement Risk Response
R01 No proper tendering process Risk Avoidance
R02 Overrun by Budget Risk Avoidance
R03 No testing plan developed Risk Mitigation
R04 Lacking Security and
Network Skills
Risk Transfer
R05 Uncategorized risks with no
detailed Action Plan
Risk Mitigation
Table: GSCMP Risk Response Plan
10.6 Risk Monitor and Control:
Risk Monitoring and Control is a process of keeping track of identified risks, monitoring the alerted
tasks and identifying new risks. By ensuring risk execution plan and evaluating their effectiveness
in reducing risk, the GSCMP team would monitor and control records risk metrics. This is an on-
going process during the GSCMP project lifecycle that makes this process very crucial for
achieving stability during risk assessment.
GSCMP team would develop a risk monitor and control plan based on Risk Register data that
provides information on how to make effective decisions in advance of any risk occurring.
GSCMP Risk Monitor Strategy:
 Regular communication to all GSCMP stakeholders to assess periodically the acceptability
of the degree of five risks that have been identified.
 Risk Response plan be implemented successfully.
 Project assumptions and constraints have not been changed.
 Proper policies and documents have been followed.
GSCMP Risk Control Strategy:
GSCMP team would develop a risk control strategy considering few criteria:
 Choosing alternative risk management strategies.
 Implementing a contingency plan.

 Re-planning the project management plan to identify and control high ranking risks.
 Regular reporting of risk monitoring and control to assess any unanticipated threats and to
take necessary measures to mitigate them.
 By updating Risk register at an appropriate frequency and conducting risk audit meetings,
the project team would develop additional workaround plans that could be used while
emerging risks that were not previously identified. These workaround plans would be
properly documented into the project plan by the GSCMP team.
Tool used for GSCMP Risk Monitoring and Control:
 Project Risk Response Audit:
Project team would audit the effectiveness of risk response and document the root causes and the
significance of identified risks. Project Manager is responsible for conducting this audit and
ensuring each audit brings out fruitful results. GSCMP Risk audits would be performed with
discretely defined objectives at an appropriate frequency and be discussed and analyzed by the
project team at Project Risk Meetings every two weeks.
10.7 Risk Register:
Risk Risk
Cate
gory
Probability
(%)
Impact
(scale of 0-10)
Risk Score Risk
Rank
Risk Response Trigger Risk Owner
Overrun by budget Fina
ncia
l
80% 8 6.4 1 Risk
Avoidance
No Proper
tendering
processes
were
documente
d
Procureme
nt
Manager
No proper tendering process Fina
ncia
l
60% 4 2.4 2 Risk
Avoidance
Budget
overrun due
to lack of
proper
tendering
documentat
ion
Procureme
nt
Manager
No testing plan developed Tec
hnic
al
40% 6 2.4 3 Risk
Mitigation
No unit
testing were
planned
Project
Manager
Lacking Security and Network
Skills
Tec
hnic
al
20% 6 1.2 4 Risk Transfer Technical
staff were
not skilled
for the
respective
tasks
Technical
Team
Uncategorized risks with no
detailed Action Plan
Org
aniz
atio
n
40% 2 0.8 5 Risk
Mitigation
No Risk
Register
was
developed
Protect
Manager

10.8 Conclusion:
Risk Management is an essential part of a project management process. No organization is able to
eliminate the chance of occurring risk at any given time. While documenting Risk Management
for the GSCMP, few factors have been came to light such as, a certain degree of risk is always
present during any phase of an on-going project. Not only that, the five risks that have been
identified during the risk assessment could cause severe impact the project success. The factors
that are often overlooked such as uncategorized organizational plan and carrying on the project
without any unit testing plan have been identified and tools and techniques have been applied to
assess such issues. By analyzing and categorizing the five risks, the project team has developed a
risk register that has contributed in planning useful risk monitor and control strategies.
Lesson Learnt:
Global Supply Chain Management Project is one of the important projects handled by the GITS
team. Since the project team took over the GSCMP two months post the project initiation, there
had been some critical decision to be made such as cost estimation of the project, creating a new
work breakdown structure, developing new quality management plans and documenting each and
every step as the project progressed along. I as the sponsor of the project, certain crucial decision
making depended on me such as reviewing and approval budget estimation, developing a new

organizational structure, categorizing potential risks and approving procurement plans. Lesson
learned from the GSCMP as a CEO can be summarized into four points:
 Additional project information and contact information have been gathered.
 A clear version of the scope of the project have been achieved.
 Project financial and organizational records have been learnt by the background summary.
 The above lessons will be utilized to improve organizational skills in the future.
During the Project Meetings, I have learnt that, majority of the important tasks require the CEO’s
consultation that puts I the CEO in a critical position. Arranging and conducting project meetings
by the project team is significant for an on-going project management. Handling and managing
everyone in the team and approving authority to the project manager is important in order to
balance the project progress. Managing and communicating with external stakeholders are also
significant since many external factors and requirements can influence the project progress. Putting
importance in planning is a major key for a project success. As the GSCMP is a group project
work, communicating with team members and listening to their opinions and decisions are
important for a CEO to finalize sanctions. In recent days, many IT projects run out of budget and
not meeting their deadlines, as a sponsor of the GSCMP, I have learnt that, in order to settle a
suitable cost estimation it is a safer way to take decisions based on expert judgments.
Identifying GSCMP success criteria and gathering information about the project and product
requirements could lead to success of the project.
In conclusion, I would conclude that, managing the GSCMP had helped the GITS project team to
improve project management skills.
Reference
pmtips. (2016). Defining Project Constraints. [online] Available at: http://pmtips.net/blog-new/defining-
project-constraints [Accessed 3 Oct. 2016].
Ocio.wa.gov. (2016). Assumptions and Constraints | Office of the Chief Information Officer. [online]
Available at: https://ocio.wa.gov/pmframework/examples/assumptions [Accessed 3 Oct. 2016].

Project Smart. (2016). Project Management: Time Estimates and Planning. [online] Available at:
https://www.projectsmart.co.uk/project-management-time-estimates-and-planning.php [Accessed 3 Oct.
2016].
Rosso-Llopart, M. (2016). Project planning and scheduling. 1st ed. [ebook] Available at:
https://www.cs.cmu.edu/~aldrich/courses/413/slides/5-planning-1.pdf [Accessed 3 Oct. 2016].
Project Planning. Project Scope. Work Breakdown Structure. (2016). 1st ed. [ebook] Available at:
http://www.interlabs.bradley.edu/uskov/MS_EXAMS/CS591_MS_EXAM/Topic_03/Topic_03_Scope_WBS
.pdf [Accessed 3 Oct. 2016].
www.linkedin.com. (2016). The Nine Project Management Knowledge Areas. [online] Available at:
https://www.linkedin.com/pulse/nine-project-management-knowledge-areas-pathaneni-itil-v3-prince2
[Accessed 3 Oct. 2016].
Pmdocuments.com. (2016). How to Create a Work Breakdown Structure (WBS) – pmdocuments. [online]
Available at: http://www.pmdocuments.com/project-planning-documents/how-to-create-a-work-
breakdown-structure-wbs/ [Accessed 3 Oct. 2016].
WhatIs.com. (2016). What is communication plan? - Definition from WhatIs.com. [online] Available at:
http://whatis.techtarget.com/definition/communication-plan [Accessed 3 Oct. 2016].
www.tutorialspoint.com. (2016). Communications Management. [online] Available at:
http://www.tutorialspoint.com/management_concepts/communications_management.htm [Accessed 3
Oct. 2016].
Work Breakdown Structure & Schedules. (2016). 1st ed. [ebook] Available at:
http://people.ucalgary.ca/~design/engg251/First%20Year%20Files/wbss.pdf [Accessed 3 Oct. 2016].
A Guide to Project Management Body of Knowledge. (2000). 1st ed. [ebook] Available at:
http://www.cs.bilkent.edu.tr/~cagatay/cs413/PMBOK.pdf [Accessed 3 Oct. 2016].
Project Management Body of Knowledge (PMBOK) (An Overview of the Knowledge Areas). (2016). 1st ed.
[ebook] Nutek, Inc. Available at: http://nutek-us.com/PMBOK_Slides.pdf [Accessed 3 Oct. 2016].
Comparing the Differences and Complementary features of PRINCE2® and the PMI PMBOK® Guide.
(2009). 1st ed. [ebook] Available at: http://www.esi-
intl.co.uk/resource_centre/white_papers/Comparing%20the%20Differences%20and%20Complementary
%20features%20of%20PRINCE2%20and%20the%20PMI%20PMBOK%20Guide.pdf [Accessed 3 Oct.
2016].
Grimaldi, S., Rafele, C. and Cagliano, A. (2016). A Framework to Select Techniques Supporting Project
Risk Management. 1st ed. [ebook] Available at: http://cdn.intechopen.com/pdfs-wm/38979.pdf [Accessed
3 Oct. 2016].
Anon, (2016). 1st ed. [ebook] Available at: http://2020projectmanagement.com/wp-
content/uploads/2013/03/RISK-BREAKDOWN-STRUCTURE.pdf [Accessed 3 Oct. 2016].
Developing a Risk Management Plan. (2010). 1st ed. [ebook] New Partners Initiative Technical Assistance
Project. Available at: https://www.usaid.gov/sites/default/files/documents/1864/Developing-a-Risk-
Management-Plan.pdf [Accessed 3 Oct. 2016].
Rabechini Junior, R. and Monteiro de Carvalho, M. (2013). Understanding the Impact of Project Risk
Management on Project Performance: an Empirical Study. 1st ed. [ebook] Available at:
http://www.scielo.cl/pdf/jotmi/v8s1/art06.pdf [Accessed 3 Oct. 2016].

Norris, C., Perry, P. and Simon, P. (2016). Project Risk Analysis And Management. 1st ed. [ebook]
Available at: http://www.fep.up.pt/disciplinas/PGI914/Ref_topico3/ProjectRAM_APM.pdf [Accessed 3 Oct.
2016].
A GUIDE TO THE PROJECT MANAGEMENT BODY OF KNOWLEDGE. (2008). 4th ed. [ebook] Available
at:
http://www.works.gov.bh/English/ourstrategy/Project%20Management/Documents/Other%20PM%20Res
ources/PMBOKGuideFourthEdition_protected.pdf [Accessed 3 Oct. 2016].
Projectmanagement.com. (2016). ProjectManagement.com - Brainstorming. [online] Available at:
http://www.projectmanagement.com/wikis/233029/Brainstorming [Accessed 3 Oct. 2016].
Brighthub Project Management. (2016). Brainstorming Techniques in Project Management - Tips for
Conducting a Brainstorming Session. [online] Available at: http://www.brighthubpm.com/risk -
management/48947-effective-brainstorming-methods/ [Accessed 3 Oct. 2016].
Www2a.cdc.gov. (2016). PMG | Lessons Learned - Description. [online] Available at:
http://www2a.cdc.gov/cdcup/library/pmg/implementation/ll_description.htm [Accessed 3 Oct. 2016].
Trotzki, L. (2016). Project Management - Lessons Learned. [online] Connexin.net. Available at:
http://www.connexin.net/project-management-lessons-learned.html [Accessed 3 Oct. 2016].