OVERVIEW OF RISK MANAGEMENT PROCESSES

Before discussing how to manage risk, we must agree on a definition for the term. In the context of project management, we define risk as:

The potential events or circumstances that threaten the planned execution of the project.

This definition puts a totally negative context around the word risk. Others, such as the Project Management Institute, include the positive opportunities (impacts) that risks may have on a project. However, in developing a proactive risk management philosophy, it is most important to concentrate on the negative aspects of risk.

FIGURE 1-1 PMBOK® Guide Project Management Processes

Each project management process has a corresponding risk management process, as shown in Figure 1-2. To establish a common reference framework, we define the risk management process simply as follows:

• Initiation: Project opportunity assessment—Examining the high-level requirements of the project opportunity to define risks versus opportunities in order to make a decision to proceed or not to proceed with the endeavor

• Planning: Risk management planning—Identifying risks and developing mitigation strategies and contingency plans to minimize their impact

• Executing: Project risk audit—Auditing the effectiveness of project management processes

• Controlling: Continuing risk management—Monitoring identified project risks to trigger the implementation of risk mitigation strategies and contingency plans; identifying new risks

• Closure: Risk knowledge transfer—Capturing lessons learned in the mitigation of project risks for use in future projects.