Project Risk Management Basics

Project Risk ManagementProject Risk Management

The purpose of Project Risk Management is to identify project risks and develop strategies to prevent them from occurring or minimize their impact to the project if they do occur.

Project risks exist because of uncertainty. There is always the possibility that something known or unknown could impact the achievement of your project's goals. Risk management is about being prepared to handle these risks.

As the project manager, there are four basics of risk management that you can use to manage your project's risks...

  • Identify Risks
  • Risk Assessment
  • Risk Response Development
  • Monitor and Control Risks

Identify Risks

The first step of risk management is to identify any risks that may impact your project. You are essentially answering the question, "What could go wrong?"

It's important to encourage critical thinking when trying to identify risks. In general, it's great to have a "Can Do" attitude, but during this activity you need to believe in Murphy's Law.

"Anything that can go wrong, will go wrong."

- Murphy's Law

Module 11 of the PM PrepCast is all about Project Risk Management.

Consider this study program if you're preparing to take your CAPM or PMP Certification exam.

Disclosure:  I may receive a commission if you purchase the PM PrepCast with this link.

There are several techniques that you can use to help identify risks...

  • Brainstorming
  • Interviewing
  • Risk Profiles
  • Historical Data
  • Assumptions Analysis
  • Work Breakdown Structure Analysis

Keep in mind that this is not a one-time activity. As the project progresses, new risks may evolve or become known while others may no longer be relevant.

Risk Assessment

Once you have a list of potential project risks, you need to determine which risks need to be managed. Generally, those risks that would have the greatest impact to the project as well as those that are more likely to occur are the ones that should be focused on.

A basic risk assessment will analyze each risk event for the likelihood that the risk will occur and for the impact it will have if it occurs. This type of qualitative risk analysis information can be plotted on a Risk Assessment Matrix which incorporates the risk rating rules as defined in your Project Risk Management Plan.

Risk Assessment MatrixRisk Assessment Matrix

Quantitative risk management methods can also be used. These methods include the Monte Carlo technique, sensitivity analysis, and expected monetary value analysis.

Risk Response Development

For each risk, there are four response strategies that you can choose from...

  • Avoid
  • Transfer
  • Mitigate
  • Accept


In some cases, risk avoidance is possible by making a change to the project management plan. Some examples include extending or shortening the schedule, changing the project strategy, or reducing scope.


Risk transfer involves passing the risk to a third party. This doesn't change or eliminate the risk, it simply gives another party the responsibility to manage the risk. Examples of risk transfer include insurance, performance bonds, warranties, fixed price contracts, and guarantees.


Risk mitigation means to reduce the probability and/or impact of a risk event. Examples of risk mitigation include safety training, simplifying processes, choosing a stable supplier, and redundant activities.


Pass your PMP Exam!

The PM Exam Simulator is an online exam simulator.

Realistic exam sample questions so you can pass your CAPM or PMP Certification exam.

Disclosure:  I may receive a commission if you purchase the PM Exam Simulator with this link.

Risk acceptance is when the project team decides not to change the project management plan to deal with the risk or is unable to identify any other risk response strategies for a risk event. This strategy can be passive where the project team decides to just deal with the risk if it occurs. Or it can be active where the project team has a contingency reserve allocated and plan in place in case the risk occurs.

Monitor and Control Risk

Monitoring and controlling your project risks involves implementing your risk response strategies, tracking identified risks, monitoring triggering events, and identifying new risks. This should be done throughout your project.

You can find more articles about project risk management below.

Related Articles About Project Risk Management

What Is Risk Management?

What is risk management? A practical definition of risk management including a 4-step process for managing project risk. Learn why risk management is critical for effective project management.

Qualitative Risk Analysis and Assessment

Qualitative risk analysis is a a simple and cost-effective way to manage project risks. Learn how you can develop and use a qualitative risk assessment matrix for your project.

Do You Want More Project Management Tips?

Subscribe to Project Success Tips, my FREE Project Management Newsletter where I share tips and techniques that you can use to get your Project Management Career off to a great start.

As a BONUS for signing up, you'll receive access to my Subscribers Only Download Page!  This is where you can download my "Become A Project Manager Checklist" and other project management templates.

Don't wait...

New! Comments

Have your say about what you just read! Leave me a comment in the box below.
Share this page: