Knowledge Area: Project Risk Management

Read in 4 minutes

Project Risk Management includes the processes of

  • conducting risk management
  • planning,
  • identification,
  • analysis,
  • response planning, and
  • controlling risk on a project.

The objectives of project risk management are to increase the likelihood and impact of positive events, and decrease the likelihood and impact of negative events in the project.

Below are the Project Risk Management processes:


  1. Plan Risk Management—The process of defining how to conduct risk management activities for a project.
  2. Identify Risks—The process of determining which risks may affect the project and documenting their characteristics.
  3. Perform Qualitative Risk Analysis—The process of prioritizing risks for further analysis or action by assessing and combining their probability of occurrence and impact.
  4. Perform Quantitative Risk Analysis—The process of numerically analyzing the effect of identified risks on overall project objectives.
  5. Plan Risk Responses—The process of developing options and actions to enhance opportunities and to reduce threats to project objectives.
  6. Control Risks—The process of implementing risk response plans, tracking identified risks, monitoringresidual risks, identifying new risks, and evaluating risk process effectiveness throughout the project.


Project risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives such as scope, schedule, cost, and quality.

A risk may have one or more causes and, if it occurs, it may have one or more impacts. A cause may be a given or potential requirement, assumption, constraint, or condition that creates the possibility of negative or positive outcomes. If any of the uncertain events occurs, there may be an impact on the project, scope, cost, schedule, quality, or performance. Risk conditions may include aspects of the project’s or organization’s environment that contribute to project risk, such as immature project management practices, lack of integrated management systems, concurrent multiple projects, or dependency on external participants who are outside the project’s direct control.

Project risk has its origins in the uncertainty present in all projects. Known risks are those that have been identified and analyzed, making it possible to plan responses for those risks. Known risks that cannot be managed proactively, should be assigned a contingency reserve. Unknown risks cannot be managed proactively and therefore may be assigned a management reserve.

A negative project risk that has occurred is considered an issue.

Individual project risks are different from overall project risk. Overall project risk represents the effect of uncertainty on the project as a whole. It is more than the sum of the individual risks within a project, since it includes all sources of project uncertainty. It represents the exposure of stakeholders to the implications of variations in project outcome, both positive and negative.

Organizations perceive risk as the effect of uncertainty on projects and organizational objectives. Organizations and stakeholders are willing to accept varying degrees of risk depending on their risk attitude. The risk attitudes of both the organization and the stakeholders may be influenced by a number of factors, which are broadly classified into three themes:

  • Risk appetite, which is the degree of uncertainty an entity is willing to take on in anticipation of a reward.
  • Risk tolerance, which is the degree, amount, or volume of risk that an organization or individual will withstand.
  • Risk threshold, which refers to measures along the level of uncertainty or the level of impact at which a stakeholder may have a specific interest. Below that risk threshold, the organization will accept the risk. Above a certain level of risk threshold, the organization will not tolerate the risk.

Positive and negative risks are commonly referred to as opportunities and threats. The project may be accepted if the risks are within tolerances and are in balance with the rewards that may be gained by taking the risks.Positive risks that offer opportunities within the limits of risk tolerances may be pursued in order to generate enhanced value.

Individuals and groups adopt attitudes toward risk that influence the way they respond. These risk attitudes are driven by perception, tolerances, and other biases, which should be made explicit wherever possible. A consistent approach to risk should be developed for each project, and communication about risk and its handling should be open and honest. Risk responses reflect an organization’s perceived balance between risk taking and risk avoidance.


Concluding Remarks: Project risk have to be thought of since the moment a project is initiated. To be successful, an organization should be committed to address risk management proactively and consistently throughout the project. A conscious choice should be made at all levels of the organization to actively identify and pursue effective risk management during the life of the project.


Source: PMBOK 5th Edition.

262,309 total views, 23 views today

  1. 5 months ago
  2. 4 months ago
  3. 4 months ago
  4. 4 months ago
  5. 4 months ago
  6. 3 months ago
  7. 3 months ago
  8. 3 months ago
  9. 3 months ago
  10. 2 months ago
  11. 1 month ago
  12. 1 month ago
  13. 1 week ago
  14. 1 week ago

Leave Your Comments