What is Project Risk Management
According to PMBOK 5th Edition, a risk can be defined as an uncertain event or a condition that will have a positive or a negative impact on project outcomes / objectives. Project Risk Management is about planning, identifying, responding and controlling the risks on a project. The main objective of this knowledge area is to increase the probability and impact of positive risks while reducing the impact and probability of negative risks. This process should continue throughout the project life cycle.
Risks can popup anywhere in a project and it will have an impact towards scope, schedule, budget and quality of the project. If it’s negative risk, then the tendency towards the project failure is high, hence the project team has to develop proper risk response strategies to overcome them.
There are 2 types of reserves that can be established to minimize or overcome the impact and probability of a project. They are contingency reserves and management reserves. Contingency reserves are used to respond to known risks that cannot be proactively managed. Management reserves are included to respond to unknown risks that cannot be proactively managed.
There are 6 main processes defined under the Project Risk Management knowledge area. They are defined as follows.
Plan Risk Management
This process includes the activities that define how to conduct risk management related functions in a project. This is a very important subsidiary plan of the project management plan which requires the support from every stakeholder of the project to successfully implement and achieve project objectives throughout the entire project life cycle.
Identify Risks
Under this process, the project team has to list down the risks that can have an impact on the project and document them. It supports the project team to realize and proactively work on risk response strategies during the project life cycle. During this period, the project team develops and updates the Project Risk Register.
Perform Qualitative Risk Analysis
During this process, project team can prioritize the risk list based on the risk value calculated by their respective probability and impact values. In addition, it supports the project team to focus on risks with higher values proactively.
Perform Quantitative Risk Analysis
Quantitative Risk Analysis is about analyzing the identified risks in a numerical manner and deciding on the effect they can put on the defined project objectives. Since it produces a numerical value (quantitative information), it helps the project management team to reduce the uncertainty of projects.
Plan Risk Response
Risk response strategies are developed under this process. The project management team works on options and actions to enhance the opportunities of the project while reducing the threats of the project objectives. Based on the risk response, the scope, schedule and budget can be impacted.
Control Risk
This is the last process defined under project risk management knowledge area. During this process, the project team will track and review the risk response strategies for already identified risks, monitor residual risks, identify new risks and control the risk management process throughout the project life cycle. Control Risk process helps to improve the effectiveness and efficiency of the risk management process and optimize the project risk responses.
Below table shows under which Project Management Process Group the above processes are performed.
Initiating |
Planning |
Executing |
Monitoring and
Controlling |
Closing |
No Process
Performed |
1. Plan Risk Management
2. Identify Risks
3. Perform Qualitative Risk Analysis
4. Perform Quantitative Risk Analysis
5. Plan Risk Responses |
No Process
Performed |
Control Risk |
No Process
Performed |
**Please note that each and every individual process mentioned above will be explained further separately.