Once
the risks have been identified and evaluated, attention needs to focus on
managing them. Risk management logically follows risk analysis, though, as with
analysis, the two phases will overlap and often be done in parallel.
Risk
management consists of four major activities:
|
Planning, which, for the countermeasure
actions itemised during the risk evaluation activities, consists of:
|
|
Resourcing, which will identify and assign
the resources to be used for the work to carry out the risk avoidance or
amelioration actions; these assignments will be shown in Stage
Plans; the
resources required for the prevention, reduction and transference actions
will have to be funded from the project budget, since they are actions which
the project is committed to carry out; decisions have to be made on how
contingent actions will be funded |
|
Monitoring, which
consists of:
|
|
Controlling, which is taking action to ensure
that the events of the plan really happen. |
Risk
management continues throughout the project. However, as a minimum, actions
will need to be carried out at the following points in the project management
cycle.
Risk
planning and resourcing should be done in the processes:
|
Analysing Risks |
|
Executing a Work Package |
|
Risk
monitoring and controlling should be carried out throughout the project.
During
Closing a Project Follow-up Actions will need to be considered for any outstanding
risks that will continue into the product's useful life.