The goal of managing project risks is to identify and prepare for any potential threat to the successful achievement of project objectives. As a result, risk management is an essential part of managing projects, but how can you identify project risks?
Discussion with stakeholders and the project team will help identify the risks and be helpful in bringing different perspectives. Some stakeholders might identify concerns that represent specific risks to their interests. There are some common risk areas for projects; the checklist below can be useful for identifying risks.
Once you have identified the risks, you can start a risk log – or risk register – for the project at an early stage. This is a list of all the identified risks, together with an assessment of their probability and impact, and contingency plans for dealing with them should they become a reality. A risk log will look something like the image below, which depicts the risks of the company event case.
You can evaluate each risk in terms of its probability of occurrence and impact on the project. You may use a numerical scale to label risk, or you could describe risk as low, medium or high. An easy way is to position them on the matrix below.
Once you have evaluated the risk you can define a strategy to deal with each of them. Strategies for dealing with risks in project management include:
- Risk avoidance – for example, where costs outweigh benefits, you may decide to refuse a contract
- Risk reduction – for example, regular reviews can reduce the likelihood of an end product being unacceptable
- Risk protection – for example, taking out insurance against particular eventualities
- Risk management – for example, making use of written agreements in areas of potential disagreement
- Risk transfer – passing the responsibility for a difficult task within a project to another organisation with more experience in that field.
© The Open University