The Importance of Risk Management Plans in Project Management 

Project managers should not only have them, but update them continually

August 17, 2017 | Helen S. Cooke

risk planAssessing risk is an important part of a well-managed project, and project managers and team members should have a risk management plan in place from the project’s outset. Projects, in and of themselves, are risky endeavors because the project often addresses a critical need, resolves an existing problem, or fixes something that has been difficult to fix in the past. Organizations seldom charge headlong into risky situations unless there is a needed change, along with a likelihood that the organization will benefit from the project’s results. In many situations, the simplest way of reaching the desired goal has already been tried and was unsuccessful. If the end goal was easy, it would already have been done.

Projects cost more than daily operations, just as custom shirts cost more than off-the-rack shirts in department stores. It’s important to not waste resources on strategies that have already failed. One of the classic questions a project manager asks in a newly-formed project is what has already been tried. The project manager and team spend the first discussion on a new project looking at the current situation, identifying why it is not meeting the organization’s needs, and examining the business case to pinpoint the critical success factors and desired outcomes.

Once the priorities are clear—the cost limits, quality expectations, and hard deadlines—the paths of work and deliverables can be mapped out and their interdependencies defined. Risks can be identified for the project as a whole, as well as likely risks for each phase of work and for each key deliverable. While the entire risk list might be long, not every risk is relevant at the start of the project. Many risks will not emerge until the work is well underway.

The entire team can help to develop the project’s risk list. Even the sponsor and customer can help identify risks. Once a list is created, and the risk levels are quantified by multiplying the likelihood of the risk with its importance and impact, the risks (with their proposed action responses) can be scattered across the project duration in those places they are most likely to emerge.

By matching risks to certain time points in the project, the team won’t need to worry about every risk all the time. They really only need to worry about the risks that attach themselves to each phase of work before that phase is completed. Once the phase is completed — and you can see that the risk did not emerge — you can drop that risk from the list. New risks may be identified along the way, and they can be added to the risk list at the point they are most likely to create problems. As the project moves forward, the challenges change. The team can face what emerges. The risk manager can monitor the potential risks, each with its own pre-determined action plan, and alert the worker most likely to spot the problem.

If you have a dyed-in-the-wool problem solver on your team, give them the risky assignments. They like the risk, they enjoy the challenge, and they will take personal pride in shifting a highly risky situation into a routine work assignment. Once they have done so, reward them for their performance and move them off that area, perhaps to a new risky assignment. People who love dealing with risk often dislike repetitive tasks.  If you let them sit in a boring routine long after they have already solved the crisis, they may move elsewhere, to a more exciting work assignment at a different company—and you are very likely to need their skills again in the future. Losing a good team member is another project risk you would be wise to manage in advance.

The key to successful project risk management is constantly updating the risk list while ensuring that team members are aware of the risks specific to their own tasks. Many anticipated risks can be avoided. If a project team is properly informed about what risks might emerge as they work, they can relax into a work routine and focus on the product, the quality, the resources, and the deadlines. With less to worry about while they work, the team can perform better and look forward to the next task. Like any security system, the risk management plan stays in the background yet is fundamental to the project’s proper functioning.

  • facebook
  • twitter
  • linkedin
  • mix
  • reddit
  • email
  • print
  • About The Author
  • Website
  • Helen S. Cooke is a 20-year project management veteran with experience in Fortune 500 companies, universities, the service industry, manufacturing, government, military and defense. She is a PMP® and a PMI® Fellow, and an experienced management consultant. She has worked on five continents and was elected a Fellow of the Project Management Institute in 2005. Helen was a PMI officer and served six years on PMI’s Global Board of Directors.

    Helen led a profit and loss practice at Deloitte for 10 years, was a mid-level manager in the federal government, and was a university administrator. She headed the Project Management Center of Excellence at McDonald’s Corporation and implemented SEICMM Level 2/3 and a PMO at United Airlines. She has taught project management systems at the graduate level at Keller Graduate School and a PMO course at DePaul University in Chicago. She is the author of several books about project management and organizational project management maturity.