Risk assessment best practices

Life is full of surprises, and even if you plan everything as accurate as possible and map out each milestone, project risk can sneak up and affect your scope, schedule or budget. You can’t predict the future, but by using these best practices you will identify risks earlier and prepare a response plan for them.

1. Do not confuse risk causes, events, and impacts

The causes are events or set of consequences that exist in the project.

Example of causes:

  • doing a project in a developing country
  • using unproven technology
  • lacking skilled personnel

Events are uncertain activities that, if they occur, will affect the project objectives.

Example of events:

  • exchange rate fluctuation
  • contractor delivery
  • client expectation misunderstood

The impact represents the unplanned variation from project objectives (positive or negative) which is the result of risks occurring.

Example of impact:

  •  milestone date missed
  • budget underrun
  • failure to meet the performance target

DUE TO <cause>, <risk event> COULD OCCUR, RESULTING IN <impact>.

Example: Due to many job opportunities for programmers, the loss of key personnel for the project could occur, resulting in higher costs and an extended schedule.

2. Use a checklist with scanning for other risks

The checklist will help you assess specific risks to your project in an easy-to-view table format.

3. Check the risk impacts and look at the most significant impact on:

  • Costs
  • Schedule
  • Functionality
  • Quality

4. Use also 100% probability during planning

Probability Description
1.0 Certain to occur ( 100% )
0.9 Almost certain ( >90% )
0.7 Highly likely ( >70% )
0.5 Likely ( >50% )
0.3 Low likelihood ( <30% )
0.1 Very unlikely ( <10% )
0.0 No chance

The project team needs to take actions to reduce the probability below 100% or somehow incorporate the items into the Project Plan.

5. Do not confuse mitigation plan with risk response

The mitigation plan is created during the process of risk identification. The activities associated with mitigation plans are usually part of the schedule, and they are executed together with other activities of the schedule.

The Risk Response Plan is also a set activities plan which is designed to eliminate and minimize the impact of threats and maximize the effect of opportunities. However, the risk response plan is created during the process of project planning but executed after risk occurred.

Risk response techniques
Threats Opportunities Both
Avoid Exploit Acceptance
Transfer Share Contingency plan
Mitigate Enhance

6. Consider contingency plans along with response plans


You have a risk event of missing the critical project resource.

Mitigation plan: include in the resource plan the activities and hours needed by the key resource

Contingency plan: if the key resource is not available, elevate issue to the Project Sponsor

7. Consider also the opportunities, not just the threats


Example of opportunities:

  • special pricing for a supplier
  • competitive market conditions
  • the sudden availability of a key resource for a short period
  • availability of some needed equipment
  • availability of government funds for the project’s industry

8. Make project team members responsible for specific risks

While doing the risk assessment, it is essential to identify the owner of the risk and assign the specific tasks to that person.

9. Make risk management an on-going process during project reviews

At each team meeting you should:

  • ask if any new risks may appear
  • check to see if any risk triggers occurred
  • update the status on the execution of risk plans
  • update probability and impact values based on actions taken
  • evaluate the effectiveness of actions taken in managing risks


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s