Managing Risk

The management of risk is one of the most important parts of the Project Board's and Project Manager's jobs. The Project Manager is responsible for ensuring that risks are identified, recorded and regularly reviewed. The Project Board has three responsibilities:

The Project Manager modifies plans to include agreed actions to avoid or reduce the impact of risks. An 'owner' should be identified for each risk, who should be the person best situated to keep an eye on it. The Project Manager will normally suggest the 'owner' and the Project Board should make the decision. Project Board members may be appointed `owners' of risks, particularly risks from sources external to the project.

In order to contain the risks during the project, they must be managed in a disciplined manner. This discipline consists of:

The risk analysis and risk management phases must be treated separately, to ensure that decisions are made objectively and based on all the relevant information.

Risk analysis and risk management are inter-related and undertaken iteratively. The formal recording of information is an important element in risk analysis and risk management. The documentation provides the foundation that supports the overall management of risk.

Risk analysis requires input from the management of the organisation. The organisation's management, in turn, is kept informed by the analysis in a highly iterative manner. Communication is particularly important between the project and programme levels within the organisation.

Where the project is part of a programme, the management of risk procedures used by the project must be the same as those of the programme unless there are valid reasons not to do so. Where a risk is uncovered in the programme, any affected projects should be involved in the analysis of that risk. Similarly project risk evaluation should include staff from the programme.