Personal tools
You are here: Home Organization Risk Management Strategy
 

Risk Management Strategy

Introduction

The purpose of this strategy is to describe the specific risk management techniques and standards to applied and the responsibilities for a achieving an effective risk management procedure. 


Check the summary of known risks & lessons Learned at Computing


Risk Management Procedure

The Risk Management Procedure for projects and services will be as follow:

  1. Identify:
    Identify all the risks which could affect the achievement of the project’s objectives, and then describe them to ensure that there is a common understanding of these risks.
    Identification of risks will be carried during initiation stage and later at each end stage.
  2. Assess:
    This includes ensuring that each risk can be ranked in terms of estimated likelihood, impact and immediacy.
  3. Plan:
    This includes preparing specific management responses to the identified threats.
  4. Implement:
    To ensuring that the planned risk response are actioned, their effectiveness monitored, and corrective action taken where responses do not match expectations.
  5. Communicate:
    Parallel step, carry out continually, that should ensure that information related to threats is communicated both within the project and externally to the stakeholders.
    Risks will be communicated as part of the following management products:
    • Highlight Reports
    • End Stage Reports
    • End Project Report
    • Lessons report

 

Records

A Risk register with the format below will be used to record and monitor all the risks for a project or service.

Register data Description
Risk Id A unique reference for every risk entered into the risk register
Author The person who raised the issue
Date Register  The date the risk was identified
Risk Category 1. Economic
2. Schedule
3. Quality
4. Legal
5. Health & Safety
Risk Description In terms of the cause, event (threat or opportunity) and effect (description in word of the impact)
Impact 1. Very low
2. Low
3. Medium
4. High
5. Very high
Probability 1. Very low
2. Low
3. Medium
4. High
5. Very high
Proximity Guidance on how proximity for risk events is to be assessed. Proximity reflects the fact that risks will occur at particular times and the severity of their impact will vary according to when they occur.
 
Proximity categories to be used:
1. Imminent
2. Within the stage : ...
3. Within the project
4. Beyond the project
Risk Response Category The risk response categories reflex how the project will treat the risk.

Risk response categories to be used on for threats:
1. Avoid: changes so the risk can no longer happen
2. Reduce: proactive actions taken to reduce probability / impact
3. Fallback: plan the actions to be taken should the risk occurs
4. Transfer: a third party takes on responsibility for some of the financial impact of the threat.
5. Accept: accept risk may happen and decide what to do later
6. Share: both parties share the gain (within pre-agreed limits) if the cost is less than the cost plan, and share the pain if the cost plan is exceeded

Risk response categories to be used on for opportunities:
1. Exploit: seize the opportunity to ensure the opportunity will happen and the impact will be realized
2. Enhance: proactive actions taken to enhance the probability of the event occurring or the impact of the invent should it occur
3. Reject: a deliberate decision is taken not to exploit or enhance the opportunity
4. Share
Risk Response Actions to solve the risk. More than one risk response may apply to a risk.
Risk Status Active or closed
Risk Owner The person responsible for managing, monitoring and controlling all aspects of a particular risk
Risk Actionee The person assigned to carry out a risk response action to respond a particular risk

 

Timing of Risk Management Activities

During Initialization stage, the project manager will create, populate and maintain the risk register.  He is in charge of ensuring that project risks are being identified, assessed and controlled throughout the project life cycle. At the end of each stage, all risk should be reviewed and updated in the risk register.



Document Actions