Note if you are taking the PMP® exam from 26 March 2018 onwards: click here to read the updated PMP® study material based on PMBOK® Guide 6th Edition.
A risk management plan can be quite simple on small projects.
On the other hand, as complexity increases, putting together a risk management plan makes your job of project manager much harder.
It’s a part of your Project Management Plan (PMP) you can’t skip, though. Since risk can show up at any time in a project’s life, you need guidance on how all risk management activities will be carried out.
To plan for risk from the beginning of your project easily, check your plan against our checklist.
Risk Management Plan – Activity Checklist
1. Plan Risk Management
- Specify if the risk review frequency will be according to a factor such as probability, at the end of each stage, or at set regular intervals during each stage.
- Detail how the project staff will report new risks or changes in the status of existing risks.
- Develop interfaces with other affected projects, up to program level if the project is part of a program of projects, and into the organizational risk management system if it has organizational implications.
- Assign Risk Log accesses and share the reasons behind standard ‘read only’ and, if any, restrictions because of security or genuine confidentiality.
- Define when you must inform the Project Steering Group immediately of a new risk – or a status change in an existing one – and when you can leave this to the next progress review or report.
- Explain how you plan to keep people informed about selected risks throughout the project.
- Check that the Risk Plan is written clearly enough, so that everyone involved in the management of the project can understand it.
- Check the details of the plan with the Project Steering Group before being finalized.
2. Risk Management Plan
- List all risks you’ve identified for the project with brief descriptions.
- Estimate the likelihood of the risk occurring and the potential impact to the project. Make a prioritized list of risks, agreed upon by team members and stakeholders.
- Formulate the strategies you plan to use to avoid some risks completely, reduce the probability that risks occur, and lessen the impact if they do occur. Identify which risks you will respond to and which ones you will accept.
- List the processes you plan to use to monitor risks and the metrics you use to evaluate risks.
- List the risk triggers, events, and circumstances that provide early warning of risks that are in danger of occurring.
- Include the risk information sheet and risk log you plan to use to manage risks.