WIKI SLATEPrecision to Vision
← LibraryRisk — Process & ResponsesProject Management · Project Risk Management← PrevNext →
POSTER 12
Section 4 · Risk Management — The Process

The Risk Management Process

An iterative cycle: set the strategy, find risks, size them (qualitatively then, where needed, quantitatively), plan & implement responses, and monitor — repeating throughout the life cycle. The risk register and risk report are the living artifacts that carry it.

Visual Map — Plan → Identify → Analyse → Respond → Monitor

1 · Plan
strategy, RBS, P&I scales 2 · Identify
ongoing → risk register 3 · Qualitative
P×I → prioritise 4 · Quantitative
model overall risk 5 · Plan Responses 6 · Implement 7 · Monitor

Identify and Monitor never stop. Quantitative analysis is optional — used on larger/complex efforts to size overall risk and justify reserves; qualitative is the fast triage every time.

Threat Responses

Avoid
eliminate the threat or its cause (change the plan).
Transfer
shift impact & ownership to a third party (insurance, warranty, fixed-price).
Mitigate
reduce probability and/or impact.
Accept
take no action (passive) or set a contingency (active).
Escalate
raise to the level with authority to act.

Opportunity Responses

Exploit
make certain the opportunity is realised (mirror of Avoid).
Share
partner with someone better able to capture it (mirror of Transfer).
Enhance
increase probability and/or impact (mirror of Mitigate).
Accept
take it if it arrives, but don't actively chase it.
Escalate
raise to the level that can pursue it.

Tools by Step

  • Identify: brainstorming, checklists, RBS, assumption analysis, SWOT, interviews.
  • Qualitative: probability & impact (P-I) matrix, risk categorisation, urgency.
  • Quantitative: EMV, decision tree, Monte Carlo, sensitivity / tornado.
  • Reserves: contingency vs management reserve analysis.

Reserves — Funding Uncertainty

  • Contingency reserve — for known risks; inside the cost baseline; the PM controls it.
  • Management reserve — for unknown risks; outside the baseline; management approves its release.

Exam Concepts

  • Qualitative = subjective P×I, fast; quantitative = numeric model of overall risk.
  • Contingency (known, PM) vs management (unknown, mgmt) reserve.
  • Risk owner manages the risk; a response owner executes an action.
  • A trigger is the early-warning sign a risk is occurring.

Executive View

  • Quantitative analysis defends the contingency ask to the board.
  • Response strategy = a cost-vs-exposure trade, not box-ticking.
  • Watch overall risk, not just the loudest single risk.

Industry Example

Manufacturing
  • Line install: supplier-delay risk → qualitative HIGHMonte Carlo shows P80 finish +5 wks → response = transfer (LD clause) + mitigate (dual-source).
60-sec Review Recite the 7-step cycle 5 threat responses 5 opportunity responses Qual vs quant Contingency vs management reserve
PMI Visual Wall · Poster 12 · Risk — The Process & Responses · original instructional design · A3 landscape