Risk management refers to the culture, structures, and processes that are adopted by a firm, which are directed towards the effective management of any risks in the project (Smith & Merritt, 2002). There are five main steps involved in the risk management life cycle. The steps include:
- Identifying the risks
- Analyzing the risks
- Prioritizing the risk
- Resolving of the risks
- Monitoring the risks
The first step in risk management involves the identification of the risk. Here, the team systematically enumerates all the possible risks in order to make the explicit prior to becoming problems. Having knowledge of the different types of risks is necessary in order to enable the team to explore the possibilities of each risk. The formal risk identification should be performed during the early stages of the project lifecycle (Lewis, 2012). The project manager is advised to keep a checklist of all types of risks. The second step deals with the analysis of the risk. During this step, the risks identified are transformed into decision-making information. Each risk is often considered in turn, and a judgment made on the probability as well as the seriousness of the risk. For this reason, the manager assesses the possibility of occurrence of a loss and the impact of the loss in case it occurs.
The third step involves prioritizing the risks through ranking. This refers to the process of sorting the risks such that the high impact, high probability risks are put at the top while the low impact, low-probability risks drops to the bottom. The manager then decides the cut-off line such that attention will only be directed to the risks above that line. This is because of the high cost and time that might be spent in solving all the risks, some of which are insignificant (Lewis, 2012). The fourth step is concerned with mitigating the identified risks. During this process, the team involved resolves or eliminates the identified risks. This step comes at a cost. Consequently, it is suggested that the cost/benefit analysis be done in order to determine whether the mitigation process is cost effective. The last step involves monitoring, controlling, and reporting the risks. The project manager should regularly review and update the status of all the identified risks. He should ensure that the risks are under control.
Risk management planning involves deciding on the approach and the plan employed in risk management activities of various projects. Developing an effective risk management plan is essential in preventing the development of small issues into emergencies (Smith & Merritt, 2002). The primary step when crafting a risk plan will involve defining your project. This implies that there is the need for understanding the risk climate of the company. The intention is to present an understanding of what risks are to be encountered. It is also significant to understand the strategic fit of the project. This will shed a light on the existence of previous success criteria as well as constraints of any neighboring projects. In addition, it will equip the project manager with knowledge of the potential risk events and their potential impact (Ward & Chapman, 2011). For this reason, the first steps to be taken when crafting a risk plan should ensure that the risk manager understands of the broad spectrum of all the possible risks.
The subsequent steps would involve engaging the stakeholders and the right players. This will involve the discussion of the project with the stakeholders, especially the key components of the project. In the case a project manager lacks the right stakeholders and players; this could imply there is a very lopsided view of the risks. A thorough review of stakeholders will ensure that the manager has stakeholders that he would count on the success of the project (Lewis, 2012). Once this is done, the manager will secure stakeholder buy-in and consider the supply and demand issues. Finally, the project manager will establish a clear risk ownership, and craft the risk plan.
During the risk planning process, the key activities that take place include development of risk mitigation strategies as well as contingency plans. The risk manager has to recognize all the resources that are necessary for mitigating the risks (Smith & Merritt, 2002). The resources identified include money, labor, and equipment. It is also appropriate to define all the emergency notifications, as well as escalation procedures, in case it is appropriate. It is significant to evaluate and update the contingency plans in case it is necessary. The development of the plan will help in documenting any risk symptoms. In addition, planning helps in identifying the best time of implementing the planned action to be followed when executing the risk management plan. The main obstacle to risk planning is the availability of resources such as money, labor, and equipment (Lewis, 2012).
The first step when planning for risk management involves understanding how the risk management works. Some of the factors included in the analysis of a risk include the event, the probability of occurrence of the activity, the impact of the event, the mitigation process, and the contingency plan (Smith & Merritt, 2002). The aim is to recognize and understand the risks. Identification of the sources of risks by category is the best method for exploring the potential risks of a given project.
The next step involves risk evaluation. This is done based on the probability that a given event may occur. Although some risks are more likely to happen than others, the cost of relating to various risks differs greatly. Consequently, a risk is evaluated in order to estimate the probability of its occurrence, as well as the severity or the potential loss associated with the risk (Lewis, 2012). The third step would involve the development of a risk mitigation plan. This refers to a plan that targets to reduce the effects of an unexpected event. The methods employed include risk avoidance, risk transfer, risk sharing, and risk reduction. The final step involves developing a contingency plan. This refers to the development of an alternative approach to be employed in the accomplishment of the goals of a specific project (Ward & Chapman, 2011). This happens in the case an identified risk is likely to interfere with the normal procedure involved in the completion of the objectives of the project.
Lewis, N., & Lewis, N. (2012). The fundamental rules of risk management. Boca Raton, FL: CRC Press.
Smith, P & Merritt, G., (2002). Proactive Risk Management: Controlling Uncertainty in Product Development. NY, Productivity Press.
Ward, S., & Chapman, C. (2011). How to Manage Project Opportunity and Risk Why Uncertainty Management Can be a Much Better Approach Than Risk Management. (3rd ed.). Chichester: Wiley.