Scribd
Upload
66 views16 pages

RISK MANAGEMENT PLAN TEMPLATE v0.1

Uploaded by

sandyy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
66 views16 pages

RISK MANAGEMENT PLAN TEMPLATE v0.1

Uploaded by

sandyy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 16

Risk Management Plan

<Project Name>

Document ID RISK MANAGEMENT PLAN-v0.1

Version Number 0.1

Issue Date April 01, 2020

Classification Public
Risk Management Plan <Customer logo>
Version: 0.1

Copyright Notice

© COMPANYNAME, (original issue year – current issue year)

All Rights Reserved

The information contained in this document is the property of COMPANYNAME. No part of


this document may be reproduced, stored in a retrieval system, or transmitted in any form,
or by any means; mechanical, photocopying, recording, or otherwise, without the prior
written consent of COMPANYNAME. Under the law, copying includes translating into
another language or format. Legal action will be taken against any infringement.

The information contained in this document is subject to change without notice and does
not carry any contractual obligation for COMPANYNAME. COMPANYNAME reserves the right
to make changes to any products or services described in this document at any time without
notice. COMPANYNAME shall not be held responsible for the direct or indirect consequences
of the use of the information contained in this document.

625692386.docx Public Page 2 of 16


Risk Management Plan <Customer logo>
Version: 0.1

Revision History
Date Version Description Author (s)
04/01/2020 0.1 Draft Version John Doe

Reviewed By (Customer) Signature Date

The reviewer signoff shall signify the recommendation for acceptance of this document.

625692386.docx Public Page 3 of 16


Risk Management Plan <Customer logo>
Version: 0.1

Sign Off

Prepared By Acknowledged By

<Name> <Name>
Title: <Position> Title: <Position>
COMPANYNAME COMPANYNAME
Date: Date:

Accepted By Accepted By

<Name> <Name>
Title: <Position> Title: <Position>
<Customer Company Name > <Customer Company Name >
Date: Date:

625692386.docx Public Page 4 of 16


Risk Management Plan <Customer logo>
Version: 0.1

Table of Contents

List of Tables........................................................................................................................6

List of Figures.......................................................................................................................7

1 Introduction.................................................................................................................8

2 Risk Management Approach........................................................................................9

3 Roles and Responsibilities............................................................................................9

4 Risk Identification......................................................................................................11

5 Risk Prioritization & Categorization...........................................................................12

6 Risk Response Planning..............................................................................................13

7 Risk Monitoring, Controlling, And Reporting..............................................................14

Appendix............................................................................................................................16

625692386.docx Public Page 5 of 16


Risk Management Plan <Customer logo>
Version: 0.1

List of Tables
Table 1: Roles and responsibilities...........................................................................................................11

625692386.docx Public Page 6 of 16


Risk Management Plan <Customer logo>
Version: 0.1

List of Figures
Figure 1: Probability and impact..............................................................................................................13

625692386.docx Public Page 7 of 16


Risk Management Plan <Customer logo>
Version: 0.1

1 Introduction

Because Risks can have multiple impacts to a project, steps must be taken to identify,
mitigate, manage and control them. This document should detail these aspects including
information about how each team member or role provides support to these activities.

The Introduction should provide a general description of why risk management is essential
to effectively managing a project. It should also provide a brief overview of the important
definitions related to risk management, and the high-level sections that the document will
contain.

A risk is an event or condition that, if it occurs, could have a positive or negative effect on a
project’s objectives. The purpose of the Risk Management Plan for is to establish the
framework in which the project team will identify risks and develop strategies to mitigate or
avoid those risks. This plan also defines how risks associated with the project will be
recorded, and monitored throughout the lifecycle of the project.

This Risk Management Plan includes the following sections:

 Risk Management Approach – Deciding how to approach and conduct the risk
management activities for the project
 Roles & Responsibilities – Defining how each team role contributes to managing the
risk process
 Risk Identification – An initial and continuous effort to identify, quantify and
document risks as they are identified.
 Risk Prioritization & Categorization – Evaluate identified risks to determine
probability of occurrence, impact, and timeframe.
 Risk Response Planning - Establish an action plan for risk and assign responsibility.
 Risk Monitoring, Controlling, & Reporting – Capture, compile, and report risk using
the Risk Register

625692386.docx Public Page 8 of 16


Risk Management Plan <Customer logo>
Version: 0.1

2 Risk Management Approach

This section provides a general description for the approach to be taken to identify and
manage the risks associated with the project. It should be a short paragraph or two
summarizing the approach to risk management on this project.

The basic Risk Management approach for is to identify critical risks and take necessary
action before issues arise that impact project objectives. Many different tools will be used as
part of this strategy.

The approach taken to manage risks for this project will include a methodical process by
which the project team will identify, score, and rank various risks. Risk information
identified by the project team will be entered into the Risk Register. The Senior Project
Director will maintain the Risk Register, and Risk information will be a principal topic in all
status meetings. New risks will be reviewed to determine if mitigation action is required.
The most likely and highest impact risks will be added to the project plan to ensure that the
assigned risk managers take the necessary steps to implement the mitigation response at
the appropriate time during the project. Risk managers will provide status updates on their
assigned risks in bi-weekly project team meetings, but only when the meetings include their
risk’s planned timeframe. Upon completion of the project, during the closing process, the
Senior Project Director will analyze each risk and review the risk management process.
Based on this analysis, the Senior Project Director will identify any improvements that can be
made to the risk management process for future projects. These improvements will be
captured as part of the lessons learned knowledge base.

3 Roles and Responsibilities

The table below provides an overview of the Roles & Responsibilities for the Risk
Management activities.

625692386.docx Public Page 9 of 16


Risk Management Plan <Customer logo>
Version: 0.1

Role Responsibilities

Business Analysts  Assists in identifying and determining the context,


consequence, impact, timing, and priority of the risk
Project Director  Chairs the risk assessment meetings
 Coordinates with Risk Managers to determine if the risk
is unique
 Identifies risk interdependencies across projects and
verifies if risk is internal or external to project
 Assigns risk classification and tracking number
 Continually monitors the projects for potential risks
throughout the project lifecycle
 Analyzes any new risks that are identified and add these
items to the Risk Register
Risk Manager  Coordinates with the Senior Project Director to identify
the risks, the dependencies of the risk within the project,
and the context and consequence of the risk
 Determines the impact, timing, and priority of the risk
 Formulates the risk statements
 Monitors and controls risks that have been identified
 Reviews and updates the top ten risk list [timeframe, as
needed, every two weeks, etc.]
 Escalates issues & problems to management

625692386.docx Public Page 10 of 16


Risk Management Plan <Customer logo>
Version: 0.1

Role Responsibilities

Risk Owners  Determines which risks require mitigation and


contingency plans
 Generates the risk mitigation and contingency strategies
and performs a cost benefit analysis of the proposed
strategies
 Monitors, controls, and updates the status of the risk
throughout the project lifecycle
 Aids in the development of the risk response and risk
trigger
 Carries out the execution of the risk response, if a risk
event occurs
 Participates in the review, re-evaluation, and
modification of the probability and impact for each risk
item on a weekly basis
 Identifies and participates in the analysis of any new
risks that occur
 Escalates issues/problems to PM that significantly
impact the projects triple constraint or trigger another
risk event to occur
 Highlights risks that require action prior to the next
weekly review
 Identifies and escalates risks where strategy is not
effective or productive (causing the need to execute the
contingency plan)
Other Key  Assists in identifying and determining the context,
Stakeholders consequence, impact, timing, and priority of the risk

Table 1: Roles and responsibilities

4 Risk Identification

This section explains the process by which the risks associated with this project will be
identified. It should describe the method(s) for how the project team will identify risks, the
format in which risks are recorded, and the forum in which this process will be conducted.
Typical methods of identifying risks are conducting expert interviews, reviewing historical
information from similar projects, and conducting risk assessment meetings with the project
team and key stakeholders

Risk identification will involve the project team, and appropriate stakeholders, and will
include an evaluation of environmental factors, organizational culture and the project
625692386.docx Public Page 11 of 16
Risk Management Plan <Customer logo>
Version: 0.1

management plan including the project scope, schedule, cost, or quality. Careful attention
will be given to the project deliverables, assumptions, constraints, Work Breakdown
Schedule, cost/effort estimates, resource plan, and other key project documents.

The following methods will be used to assist in the identification of risks associated with
:
 Expert Interviews
 Risk Assessment Meetings
 Historical Reviews of Similar Projects
 Brainstorming
 Interviewing
 SWOT (Strengths, Weaknesses, Opportunities and Threats)
 Diagramming

The Risk Register will be updated as needed and will be stored electronically in the project
library located at <file location>.

5 Risk Prioritization & Categorization

Once risks are identified it is important to determine and revisit the probability and impact
of each risk in order to allow the project manager to prioritize the risk avoidance and
mitigation strategy. Risks which are more likely to occur and have a significant impact on
the project will be the highest priority risks while those which are more unlikely or have a
low impact will be a much lower priority. This is usually done with a probability – impact
matrix. This section explains risks were qualified and prioritized for this project.

In order to determine the severity of the risks identified by the team, a probability and
impact factor will be assigned to each risk. This process will allow the Senior Project Director
to prioritize risks based upon the potential impact to the project.

As risks are assigned a probability and impact, the Senior Project Director will move forward
with risk mitigation/avoidance planning.

The probability and impact of occurrence for each identified risk will be assessed by the
Senior Project Director, with input from the project team using the following approach:

625692386.docx Public Page 12 of 16


Risk Management Plan <Customer logo>
Version: 0.1

Probability
 High – Between 80% and 100% probability of occurrence
 Medium – Between 20% and 79% probability of occurrence
 Low – Below 20% probability of occurrence

Impact
 High – Risk that has the potential to greatly impact H
project cost, project schedule or performance
M
 Medium – Risk that has the potential to slightly impact
project cost, project schedule or performance L

Impact
 Low – Risk that has relatively little impact on cost, L M H
schedule or performance
Probability

Figure 1: Probability and impact

Risks that fall within the RED and YELLOW zones will have a risk response plan which may
include both a risk response strategy and a risk contingency plan.

6 Risk Response Planning

Each major risk (those falling in the Red & Yellow zones) will be assigned to a risk owner for
monitoring and controlling purposes to ensure that the risk will be addressed and managed
appropriately.

For each major risk, one of the following approaches will be selected:
 Avoid – Eliminate the threat or condition, or avoid impact to the project objectives
by eliminating the cause. The project plan may need to be altered to account for
the risk avoidance. Avoidance may be achieved by changing scope, adding time, or
adding resources.
 Mitigate – Identify ways to reduce the probability or the impact of the risk. These
steps may be costly and time-consuming, but could be preferable to allowing the
risk to go forward in an unmitigated state.
 Accept –The project team accepts that the risk exists and makes no change to the
project plan to address the risk. No response strategy is identified.
 Contingency –Define actions to be taken in response to risks.
 Transfer – Shift the consequence and ownership of a risk by making another party
responsible (buy insurance, outsourcing, etc.).
The Senior Project Director will lead the project team in developing responses to each
identified risk. As more risks are identified, they will be qualified and the team will develop

625692386.docx Public Page 13 of 16


Risk Management Plan <Customer logo>
Version: 0.1

the response. These risks will also be added to the Risk Register and the project plan to
ensure they are monitored at the appropriate times and are responded to accordingly.

For each risk that will be mitigated, the project team will identify ways to prevent the risk
from occurring or reduce its impact or probability of occurring. This may include
prototyping, adding tasks to the project schedule, adding resources, etc. Any secondary
risks that result from risk mitigation response will be documented and will follow the same
risk management protocol as primary risks.

7 Risk Monitoring, Controlling, And Reporting

This section should discuss how the risks in the project will be actively monitored. An
effective way to monitor project risks is to add those risks with the highest scores to the
project plan & schedule with an assigned risk manager. This allows the project manager to
recognize when these risks need to be monitored more closely and when to expect the risk
manager to provide status updates at the bi-weekly project team meetings. The key to risk
monitoring is to ensure that it is continuous throughout the life of the project and includes
the identification of trigger conditions for each risk and thorough documentation of the
process.

The Risk Register for is a log of all identified risks, their probability and impact to the
project, the category they belong to, mitigation strategy, and when the risk is estimated to
occur. This register will be created in the early planning phase of the project. Based on the
identified risks and timeframes in the risk register, applicable risks will be added to the
project plan. At the appropriate time in the plan—prior to when the risk is most likely to
occur—the project manager will assign a risk manager to ensure adherence to the agreed
upon mitigation strategy.

The level of risk on will be tracked, monitored, controlled and reported throughout the
project lifecycle. The most likely and greatest impact risks will be added to the project
schedule to ensure that proper monitoring occurs during the time of risk exposure. As risks
are added to the project schedule, a Risk Manager will be assigned. During the bi-weekly
project team meeting, the Risk Manager will discuss the status of their assigned risks. Only

625692386.docx Public Page 14 of 16


Risk Management Plan <Customer logo>
Version: 0.1

risks which fall in the current time period will be discussed. Risk monitoring will be a
continuous process throughout the life of this project.

Critical risks will also be assigned a risk owner(s) who will track, monitor, and control their
assigned risks. The risk owner will also provide a weekly status report to the Project
Manager and Risk Management Team. This report should contain an assessment of the
effectiveness of each risk response action.

As Risk Events occur, the list will be re-prioritized during weekly reviews and risk
management plan will reflect any and all changes to the risk lists including secondary and
residual risks.

The Senior Project Director will notify the Project Sponsor of important changes to risk
status as in the weekly Project Status Report.

625692386.docx Public Page 15 of 16


Risk Management Plan <Customer logo>
Version: 0.1

Appendix

625692386.docx Public Page 16 of 16

You might also like