How many times have you forgotten a whole category of risks on your project? I have long advocated the use of a standard list of risk categories high-level areas of risk such as technology changes or cultural issues to make sure areas of risk are not forgotten. Risk categories are lists of common areas or sources of risk experienced by the company, or on similar projects.
The categories help analyze and identify risks on each project.
Companies and project management offices should have standard lists of risk categories that all projects can use to help identify risks. Those leading risk identification should make sure that each category is considered when looking for risks. My risk research shows over potential categories of risk. They can be organized in an organizational chart or WBS-like format called a risk breakdown structure.
This is where risks are identified.
Risk Management - Types of Risk
Any risks missed here may be harder to deal with later in the project. This effort should involve all stakeholders and might even involve literature reviews, research and talking to non-stakeholders. Sometimes the core team will begin the process and then the other members will become involved, making risk identification an iterative process.
When you get a question about who should be involved in risk identification, the best answer is everyone! Everyone has a different perspective of the project. Take off your blinders and look beyond what you are used to.
Smart project managers begin looking for risks as soon as a project is first discussed. However, the major risk identification effort occurs during planning.
ISO 31000:2018-RISK MANAGEMENT GUIDELINES
Because risk identification can occur during the initiating and planning process groups, the exam has often said that risk identification happens at the onset of the project. Risks may also be identified during any part of the project. The exam will specifically look for you to include risk identification during such activities as project changes, when working with resources, and dealing with project issues.
The exam is likely to weight the questions toward project executing and project monitoring and controlling-related questions on risk. Therefore, details of risk identification are not explained in this section. It does include:.
What is and what is not included in the preliminary project scope statement, the project charter and later documents can help identify risks.
PMP Risk Categories
Lessons learned, articles and other documents can also help uncover risks. This used to be a trick for risk management and now has become standard practice.
Think about how valuable this would be in your real world. You should know there are many ways to identify risks and that risk identification can be an art form.
Luckily, you need not be a risk identification expert to pass the exam. The checklist of risk categories was previously described in risk management planning. Risks are identified using one of the techniques previously described. The checklist is then used to make sure the risk identification process has addressed all the categories of risk. Analyzing what assumptions have been made on the project and if they are valid, for the purpose of identifying more risks.
There are many tools described in the Quality lesson that help one analyze the root causes of issues. These include cause and effect diagrams and flowcharts. When used as part of risk identification, they help identify additional risks. The risk register is the place where most of the risk information is kept.
Articles By Topic:
Think of it as one document for the whole risk management process that will be constantly updated with information as risk identification and later risk management processes are completed.
The risk register becomes part of the project management plan and is also included in historical records which will be used for future projects. You will notice that the risk register is the only output of many of the risk management processes. Read exam questions carefully as the risk register contains different information depending on when in the risk management process the question is referencing.
Share Tweet Share. PMP Risk Categories.
If that occurs, we will have to use someone else and our schedule will slip between and hours. How do you identify risks? It does include: Documentation Reviews What is and what is not included in the preliminary project scope statement, the project charter and later documents can help identify risks.
Information Gathering Techniques You should know there are many ways to identify risks and that risk identification can be an art form. Keep it simple and just know the following! Brainstorming Brainstorming is usually done in a meeting where one idea helps generate another Delphi Technique A technique used to build consensus of experts who participate anonymously. A request for information is sent to the experts, their responses are compiled, and the results are sent back to them for further review until consensus is reached Interviewing Also called expert interviewing on the exam, this consists of the team or project manager interviewing project participants, stakeholders or experts to identify risks on the project or a specific element of work Root cause analysis What if you could reorganize the risks you have uncovered by their causes?
Might you see more risks?
Of course, maybe many more! Strengths, weaknesses, opportunities and threats analysis SWOT This analysis looks at the project to identify its strengths, etc. Assumptions Analysis Analyzing what assumptions have been made on the project and if they are valid, for the purpose of identifying more risks. Diagramming Techniques There are many tools described in the Quality lesson that help one analyze the root causes of issues. At this point the risk register would include: List of risks List of potential responses Though risk response planning occurs later, one of the things experienced risk managers know is that it is not always logical to separate work on each part of risk management.
Categories of risk pdf free
There will be times when a response is identified at the same time as a risk. These responses should be added to the risk register as they are identified, and analyzed later as part of risk response planning Root causes of risks Previously explained, these are now documented Updated risk categories You will notice lots of places where historical records and company records are updated throughout the project management process.
Make sure you are aware that lessons learned and communicating information to other projects does not just happen at the end of the project. Here, the project is providing feedback to the rest of the company regarding new categories of risk to add to the checklist previously described. Join Free.