How to Make a Risk Management Plan

ProjectManager.com

Manage risk with confidence. Try ProjectManager.com and get award-winning reporting tools that can help you spot problems and build solutions. It's free for 30 days.

Get a Free 30-Day Trial of Our PM Software

You identify them, record them, monitor them and plan for them: risks are an inherent part of every project. Some risks are bound to become problem areas—like executing a project over the holidays and having to plan the project timeline around them. But there are many risks within any given project that, when unchecked, can come as unwelcome surprises to you and your team.

That’s where a risk management plan comes in—to help mitigate risks before they become problems. But first, what is risk management?

What is Risk Management?

Risk management is an arm of project management that deals with managing potential impacts to your project, both positive and negative. Managing your risks is arguably one of the most important parts of a project. If one risk that’s passed your threshold has its conditions met, it can put your entire project in jeopardy. There isn’t usually just one risk per project, either; there are many risks that require assessment and discussion with your stakeholders.

That’s why risk management needs to be both a proactive and reactive process of identifying, analyzing and responding to risks that emerge over the lifetime of the project. It’s something that occurs both at the outset of the project and throughout the entirety of the project life cycle, ensuring that nothing crops up out of the left field.

Elements of a Risk Management Plan

For every web design and development project, construction project or product design, there will be risks. That’s truly just the nature of project management. But that’s also why it’s always best to get ahead of them as much as possible by developing a risk management plan. There are typically a handful of elements that make up a risk management plan, and they are outlined below.

1. Identify Risks

Risk identification occurs at the beginning of the project, as well as throughout the project. While many risks are considered “known risks”, others might require additional research to discover.

To identify risks, create a risk identification checklist that is specific to your project type. You can do this by interviewing all stakeholders and industry experts. Additionally, create a risk repository that you can share with everyone you interviewed for a centralized location of all known risks revealed during the identification phase. This can be conveniently done on an online project management software.

Many risks can be divvied up into categories, like technical or organizational, and listed out by specific sub-categories like technology, interfaces, performance, logistics, budget, etc.

2. Map Out Impact Versus Likelihood

In this next phase, you’ll review the qualitative and quantitative impact of the risk—like the likelihood of the risk occurring versus the impact it would have on your project—and map that out into a matrix or spreadsheet.

First, you’ll do this by assigning the risk likelihood a score from low probability to high probability. Then, you’ll map out your risk impact from low to medium to high and assign each a score. This will give you an idea of how likely the risk is to impact the success of the project, as well as how urgent the response will need to be.

To make it efficient for all team members and stakeholders to understand the matrix, assign an overall risk score by multiplying your impact level score with your risk probability score. You can get started with our free risk assessment template.

elements of a risk management plan

3. Plan Your Risk Response

Planning your risk response usually includes three main concepts: eliminating your risk and lowering both the impact of the risk on the project as well as the risk occurrence. Doing this usually comes with a price—at the expense of your time, or your budget. So you’ll want to have your time, money and scope explicitly mapped out prior to creating your risk management plan.

4. Assign an Owner to the Risk

Additionally, you’ll also want to assign a risk owner to each risk. While the default is usually the project manager, you’ll want to be specific. When you create your matrix, list out the owner of each risk, that way no one is confused as to who will need to implement the response once the risk occurs, and owners can take immediate action.

Be sure to record what the exact response is and have it approved by all stakeholders before implementation. That way you can have a record of the issue and the resolution to review once the entire project is finalized.

5. Understand Your Triggers

This can happen with or without a risk already having impacted your project—especially during project milestones as a means of reviewing project progress. If they have, consider reclassifying those existing risks.

Even if those triggers haven’t been met, it’s best to come up with a backup plan as the project progresses—maybe the conditions for a certain risk won’t exist after a certain point has been reached in the project.

6. Make a Backup Plan

Consider your risk impact and probability matrix a living document. Your risks can change in classification at any point during your project, and because of that, it’s important you come up with a contingency plan as part of your process.

Contingency planning includes discovering new risks during project milestones and reevaluating existing risks to see if any conditions for those risks have been met. Any reclassification of a risk means adjusting your contingency plan just a little bit.

7. Measure Your Risk Threshold

Measuring your risk threshold is all about discovering which risk is too high and consulting with your stakeholders to consider whether or not it’s worth it to continue the project—worth it whether in time, money or scope.

Here’s how the risk threshold is typically determined: consider your risks that have a score of “very high”, or more than a few “high” scores, and consult with your leadership team and stakeholders to determine if the project itself may be at risk of failure. Risks that require additional consultation are risks that have passed the risk threshold.

Best Practices for Maintaining Your Risk Management Plan

Risk management plans only fail in a few ways: incrementally because of insufficient budget, via modelling errors or by ignoring your risks outright.

Your risk management plan is one that is constantly evolving throughout the course of the project, from beginning to end. So the best practices are to focus on the monitoring phase of the risk management plan. Continue to evaluate and reevaluate your risks and their scores, and address risks at every project milestone.

Additionally, at each milestone, conduct another round of interviews with the same checklist you used at the beginning of the project, and re-interview stakeholders, project members, customers (if applicable) and industry experts.

Record their answers, adjust your matrix if necessary, and report all relevant updates of your risk management plan to key stakeholders. This process and level of transparency will help you to identify any new risks to be assessed and will let you know if any previous risks have expired.

How ProjectManager.com Can Help With Your Risk Management Plan

Don’t let risks go unreported. With ProjectManager.com, get access to collaborative workspaces that help resolve risks faster and easier than ever before. Use project scheduling and task tools to identify risks and assign them risk owners. Get full visibility into which tasks are assigned to which team members, and watch in real time as they address those risks. Mark them as done, and archive them for later—we offer unlimited cloud storage for easy record keeping.

online Gantt chart for making risk management plan
Quickly assign tasks and adjust workload with our online Gantt chart.

ProjectManager.com shines in the monitoring phase as well. Our patented real-time dashboard gives you a live look at critical project metrics like slippage, workload, budgets and more. Plus, get automated reporting that lets create reports in just a few keystrokes, so you’re always able to act when conditions for a risk are met. Risk tracking has never been easier.

status report for tracking risks

Risks are bound to happen no matter the project. But if you have the right tools to better navigate the risk management planning process, you can better mitigate error. ProjectManager.com is an cloud-based project management software that updates in real time, giving you all the latest information on your risks, issues and changes. Start a free 30-day trial and start managing your risks better.

Related Posts

Deliver Your Projects
On Time and Under Budget

Start planning your projects.

Start 30-Day Free Trial