The Project Risk Management knowledge area includes the processes that identify, evaluate, respond to, and monitor project risks.
By their very nature of creating a unique product, service, or result and operating within constraints and under assumptions, projects cannot exist without risks.
There are risk factors in every project objective, deliverable, and activity that exist starting with the earliest inception phase all the way until closure.
Though we often think of risks as being threats with negative consequences, there are also positive risks, called opportunities, that can increase the project's chances of success or which can be exploited to save time or money.
Project risk management can be thought of as a balancing act because innovation, which is so necessary for successful projects, doesn't occur without elements of risk.
So the objective of project risk management is not to avoid risks entirely, but to increase the probability and impact of positive events, and decrease the probability and impact of events adverse to the project.
Without risk-taking, new methods of efficiency, originality, and competitiveness can't be achieved, so the project risk processes make sure the costs of risks are weighed against the benefits they provide.
The project manager has the key role in project risk management even if there are professional risk personnel also assigned to the project, and a proactive approach is necessary because a risk is the only root cause of project failure.
Behind any unsuccessful project, an objective is an opportunity that wasn't capitalized upon or a risk caused by a false assumption, restrictive constraint, or an event that wasn't sufficiently planned for.
The Project Risk Management knowledge area includes the processes that identify, evaluate, respond to, and monitor project risks:
- Plan Risk Management (11.1)
Defining how risk planning processes will be approached and identifying what overall risk management activities will take place.
- Risks Identification Process (11.2)
Thoroughly uncovering and documenting project risks.
- Perform Qualitative Risk Analysis (11.3)
Assessing the probability and impact of identified risks in order to establish risk priorities.
- Perform Quantitative Risks Analysis (11.4)
Further cost, probability, and impact analysis of individual risks so that probability and impact can be aggregated to the project level.
- Plan Risk Responses (11.5)
Developing an action plan for identified risks, including responses to priority risks should they occur.
- Monitor and Control Risks (11.6)
Tracking identified risks, reporting on risk symptoms and impacts, and watching for new risks.
- Risk Tolerance (11.7)
- Risk Roles and Responsibilities (11.8)