Learning from risks a tool for post-project risk assessment

Probability: What are the chances that any of these risks are actually going to happen? Impact: In the event that these risks do take place, what kind of effect are they going to have on the project? Factors: What are the different signs that can tell you when these risks might take place or even trigger them?

You may also see sample IT risk assessments. You and the people who are tasked with doing the project alongside you will obviously want to know what these problems are, and the only way to do that is through a proper risk assessment.

You may also see risk assessment templates in PDF. Conducting one will give you and everyone else a good idea as to what has to be done in order to prepare for these risks, or at least what can be done in order to avoid some of them. You may also see sample risk assessment forms. You may also see free assessment templates. So, here are the steps that you are going to have to follow in order to help you do just that: 1.

Know the Potential Risks The first step in the assessment is identifying the risks. You have to make sure that everyone considers everything that takes place during the project. You may also see the importance of risk assessments. They serve as a powerful tool for companies and workers to assess the risks of the tasks, activities and projects they are undertaking so that they can create proactive measures which mitigate the chance of risks turning into something more problematic - like an incident.

There are a number of different types of risk assessments which companies engage in, but the underlying goal of brainstorming, understanding and controlling potential risks is much the same. A risk assessment for project management enables project parties contractors, subcontractors, asset owners to assess the risks associated with managing and delivering a project. Unlike a working at heights risk assessment or confined space risk assessment or lone work risk assessment which seeks to address the risks associated with an immediate task - risk assessments in project management look at more macro-level issues usually involving commercial and financial elements as well as broadly applicable environmental, safety and quality issues.

No matter what type of work you do and what kind of projects you manage, there is going to be some level which you need to manage and minimise. Because the term 'project' is so broad, we are going to focus mostly on industrial projects and industrial companies like construction, oil and gas and mining.

These companies are very traditional project-based companies, and their projects are also fraught with some of the most extreme risks of any projects in the world. This is not an exhaustive list of the risks associated with a typical project, which illustrates the level of difficulty and uncertainty companies face in simply delivering a project.

It also highlights the need to focus on managing these risks, and make sure everyone is aware and cognisant of the risks by performing a proper risk assessment for project management.

While companies have developed and adopted a number of processes and procedures over the years in order to naturally adapt to the risks encountered - projects, companies and risks are always evolving.

Every project is a little different. It may require a different set of parties, involve different economic circumstances, involve specific environmental risks which put your reputation and other stakeholders at risk and more.

Conducting a risk assessment for every project, and at multiple stages or phases of a project is necessary practice when you are talking about million and billion dollar projects.

Your risk assessments provide you with an opportunity to brainstorm the risks which might arise and develop controls which you can put in place throughout the project. Your risk assessment also gives you the opportunity to continuously improve. Taking a minute to assess risks and look back at how those risks eventuated on other projects gives you a great opportunity to make constant improvements to how you manage risk and ultimately deliver better projects over time. The example risk assessment below is a proven and reliable framework for summarising an individual project risk.

For many project managers, this means business planning, building, and strategizing — actions that all rely heavily on carefully balancing what resources you have and planning risk assessments around them. Operating this way ensures that your business protects itself as it grows. During risk management, project managers and professionals seek to identify events that may negatively impact overall project performance.

Risks are both internal and external, so risk assessment and management usually include a number of aspects that include:. The following list of the most common project risks that modern businesses encounter will give you a welcome advantage in risk management and planning. Cost risk is probably the most common project risk of the bunch, which comes as a result of poor or inaccurate planning, cost estimation, and scope creep.

The result of poor planning, schedule risk is the risk that project tasks and activities will take longer to complete than estimated. This project risk is not the fault of any one party, which makes it especially daunting. Operational risk stems from poor implementation and process problems, including but not limited to: procurement, production, and distribution. These action plans should include:. For each risk, a risk response must be documented in the risk register in agreement with the stakeholders.

This should be ensured by the project manager. Risk response plans usually impact time and costs. It is therefore mandatory that the time and cost for the defined response plan are calculated as precisely as possible. This also assists in selecting a response plan from the alternatives, and in verifying whether the response plan is costlier or has more impact on one of the project objectives than the risk itself. After successfully implementing a set of response plans, the score of a risk could be lowered in consultation with the stakeholders.

For each risk a trigger must be documented in the risk register. The trigger identifies the risk symptoms or warning signs. It indicates that a risk has occurred or is about to occur.

The risk trigger also gives an indication of when a certain risk is expected to occur. The ground rule is that responsibility for managing all risks in the project lies with the project manager. Based on this ground rule a Risk Owner who is not necessarily the project manager must be determined and named in the Risk Register.

The Risk Owner is normally the one who can best monitor the risk trigger, but can also be the one who can best drive the defined countermeasures. The Risk Owner is responsible for immediately reporting any changes in the risk trigger status and for driving the defined countermeasures.

For the risks that cannot be closed, the criticality has to go down over a period of time due to implementing the action plan.

If this is not the case then the action plan might not be effective and should be re-examined. The risk register is continuously updated, from risk identification through risk response planning and status update during risk monitoring and control.

This project risk register is the primary risk reporting tool and is available in the central project server, which is accessible to all stakeholders. Risk monitoring and controlling or risk review is an iterative process that uses progress status reports and deliverable status to monitor and control risks. This is enabled by various status reports, such as quality reports, progress reports, follow-up reports, and so forth.

These risk reviews must be held regularly. The frequency could also be determined based on the overall risk level of a project. The risk priorities have to be set to direct focus where it is most critical. The risks with the highest risk exposure rating are the highest priority. Risks with Exposure Low can be dropped from the mitigation plans, but may need to be revisited later in the project. This is the recommended risk threshold.