Plan Risk Management Process

The main output from plan risk management is the risk management plan and hence it is also where the remaining five resource management processes are planned.

Lets look at the Plan Risk Management Process

This key document is a strategy document which lays out how risk management will be conducted and approached throughout the project.

Like all plans, the level of detail recorded here will depend upon the level of risk within the project and the level of risk that the performing organization is prepared to take. The contents of this plan will describe how the following processes are to be used:

  • Identify risks
  • Perform qualitative risk analysis
  • Perform quantitative risk analysis
  • Plan risk responses
  • Monitor and control risks

Plan risk management should take place early in the project because it will have a significant impact on all aspects such as scope, time, cost, quality, and procurement.

Learning Today Leading Tomorrow!

All Courses for less than $10/month if paid annually

There are six inputs to the plan risk management process

Project scope statement

The scope of the project will have a direct bearing on the type and amount of risk that is likely to be encountered; therefore this scope statement will provide a clear definition of such risk areas.

Cost management plan

The budget, stage payments, and general spend management will also call out key risk areas, and is therefore also an important input reference.

Schedule management plan

The plan of activities and their timing including aspects such as internal and external constraints will help identify risk areas.

Communications management plan

This includes information on all key stakeholders and in particular their concerns for specific risks, and hence, how such communications should be handled.

Enterprise environmental factors

These will have a large bearing on the nature of risk within an individual project, and may include aspects such as laws and regulations, processes and procedures to be followed, the industry and its norms towards risk and the organizations appetite towards risk.

Organisational process assets

These are typically divided into general categories of processes, procedures and corporate knowledge, and may include aspects such as lessons learned from previous projects, templates all tools to help identify all manage risks, budget or schedule estimating data.

There is one output from plan risk management

plan risk management - The risk management plan

As described above, this lays out how all the other five risk management processes will be managed. An important aspect is called risk tolerance or risk appetite, and this refers to the level of risk that the organisation considers tolerable. Based on this, the risk management plan describes how all risk will be managed, who will be responsible for risk activities, the timing, work effort and cost that will be attributed to risk activities, and how risk will be communicated throughout the project.​

The risk breakdown structure. This forms part of the risk management plan, and describes how all risks will be categorized and is used to help define how the risk processes will be applied. This is a hierarchical diagram which breaks down the different categories of risks. At this point we do not know the actual risks so this diagram can only focus on the various categories.​

These categories will depend upon the nature of the project and the environmental factors that relates to it. These categories may include aspects such as internal and external risks, technical risks, organisational risks, etc...

The main tool used in plan risk management is:

Planning Meetings and Analysis

Put simply, this is meeting with all of the appropriate stakeholders, usually by running a Risk Workshop. This will include not just the brainstorming of risks, but also deciding on the overall level of risk and determining if it is acceptable and going on to determine the best approach to risk management on the project.