Risk Identification
Posted by Puneet Kalra on Tuesday, May 5th 2009
Digg it
Bookmark it
Stumble it
Email to friend
5
May
Risk Identification is the process of determining which risks might affect the project and
documents their characteristics. Participants of risk identification activities: project
manager, project team members, risk management team (if identified), subject matter
experts from outside the project team, customers, end users, other project managers,
stakeholders, and risk management experts. While these personnel are often key
participants for risk identification, all project personnel should be encouraged to identify
risks.
Risk Identification is an iterative process because new risks may become known as the
project progresses. The Risk Identification process usually leads to the Qualitative Risk
Analysis process. Alternatively, it can lead directly to the Quantitative Risk Analysis
process when conducted by an experienced risk manager. On some occasions, simply the
identification of a risk may suggest its response, and these should be recorded for further
analysis and implementation in the Risk Response Planning process.
Inputs of Risk Identification Process:
• Enterprise Environmental Factors - Published information, including
commercial databases, academic studies, benchmarking, or other industry studies,
may also be useful in identifying risks.
• Organizational Process Assets - Information on prior projects may be available
from previous project files, including actual data and lessons learned.
• Project Scope Statement - Uncertainty in project assumptions should be
evaluated as potential causes of project risk.
• Risk Management Plan
• Project Management Plan

Tools and Techniques used in Risk Identification:
• Documentation Reviews
• Information Gathering Techniques like Brainstorming, Delphi technique,
Interviewing, Root cause identification, Strengths, weaknesses, opportunities, and
threats (SWOT) analysis
• Checklist Analysis - Risk identification checklists can be developed based on
historical information
• Assumptions Analysis
• Diagramming Techniques like Cause-and-effect diagrams, System or process
flow charts, Influence diagrams
Output of Risk Identification Process:
• Risk Register (Risk Tracker) - it should contain the following information: List
of identified risks, List of potential responses, Root causes of risk and Updated
risk categories.
Popularity: 95% [?]
Risk Management Planning
Posted by Puneet Kalra on Wednesday, April 15th 2009
Digg it
Bookmark it
Stumble it
Email to friend
15
Apr
Risk Management Planning is the process of developing an approach and executing risk
management activities for a project.

Inputs to Project Risk Management Planning: The inputs to Risk Management Planning
include:
• Environmental factors
• Organizational process assets
• Project Scope Statement
• Project management plan
Project Risk Management Planning Tools and Techniques: Meetings for planning and
analysis are the primary tools for creating the Risk Management Plan, which is the output
of this process. One of the ways that a project team can begin to define the types and
sources of risk events is to create a Risk Breakdown Structure (RBS).
The Risk Breakdown Structure is one way to identify risks in a structured manner. It
assists the team in conducting a systematic review of risks and development of responses
to risks.
The Risk Management Plan can include a Probability and/or Impact Matrix for
organizing the information that will be used during the Risk Identification process to
prioritize and quantify risks, and it may in some cases show opportunities for the project
as well. Common information in the matrix includes numerical and/or descriptive
definitions of impact, negative and positive, and the probability of occurrence. The
combination of probability and impact determines whether a risk is rated high, moderate,
or low. These descriptors are rank ordered in a relative scale. Numerical scales can also
be used.
Outputs of Risk Management Planning: The Risk Management Plan should describe the
entire risk management process, including auditing of the process. It should also define
the content and format of the Risk Register, reporting, and risk tracking.
• Methodology Describes how risk management will be done on the project
• Roles and responsibilities Defines the risk management team and their
responsibilities for risk management activities
• Budgeting Assigns budget for risk management activities to be included into the
project cost baseline (project budget)
• Timing Specifies when and how often the risk management activities appear in
the project schedule
• Risk categories Defines types and sources of risks to guide the Risk Identification
process
• Definitions Operational definitions for the project team to use to ensure
consistency in the assessment of risks and opportunities
• Probability and Impact Matrix Specific combinations of impact and probability,
which lead to risk ratings such as high, medium, or low
• Revised thresholds Revised or validated descriptions that trigger taking action;
scope, quality, cost, and time thresholds may be different from each other
• Reporting formats How to communicate risk activities and their results

• Tracking How to document risk monitoring and management activities
The Risk Management Plan will be used throughout the life cycle of the project. As the
team moves through the subsequent Risk Management Processes, the plan will be
revised, updated, and improved.