Friday 19 April 2019

Risk Management Plan < Example > Project Management Free template

A Risk Plan outlines the foreseeable project risks and provides a set of actions to be taken to both prevent the risk from occurring and reduce the impact of the risk should it eventuate.  More specifically, the plan includes:


  1. A full list of all of the foreseeable risks during the project
  2. Rating of the Probability of each risk's occurring.
  3. The rating of the impact on the project should each risk actually occur
  4. Priority rating of the overall importance of each risk
  5. A set of preventative actions to reduce the Probability of the risk's occurring
  6. The set of contingent actions to reduce the impact should the risk eventuate
  7. A process for managing risks through the project.

When to you a risk plan?


A Risk Plan should be documented early in the project, during the Initiation phase. The plan is undertaken prior to the ‘Execution & Control’ phase to ensure that any risks identified are addressed during the Execution & Control phase itself. Immediately after the plan has been documented, the Risk Management Process will be engaged to monitor and control the Probability and impact of risks on the project.

The Risk Management Process is terminated only when the Execution phase of the project is completed (i.e. just prior to Project Closure).

Project Risk Plan template


How to use this template?

This document provides a guide on the topics usually included in a Risk Plan. Sections may be added, removed or redefined at your leisure to meet your particular business circumstance.  Example tables, diagrams and charts have been added (where suitable) to provide further guidance on how to complete each relevant section.

Risk Identification

The first step in creating a Risk Plan is to identify the likely risks which may affect the project. A series of risk categories is identified and for each category a suite of potential risks is listed. This may take place during a ‘Risk Planning’ workshop, involving each of the key project stakeholders who are involved in / affected by the project. This may include the project sponsor, manager, team, suppliers, and in some cases, even the customer. Each of the risks identified is described in detail and documented within the Risk Plan.

Risk Details

Requirements  


  1. The requirements have not been clearly specified
  2. Requirements specified do not match the customer's needs
  3. The requirements specified are not measurable

Benefits              


  • The business benefits have not been identified
  • A business benefits are not quantifiable.
  • The final solution delivered does not achieve the required benefits

Schedule            


  • The schedule doesn’t provide enough time to complete the project
  • Schedule doesn’t list all of the activities and tasks required
  • A schedule doesn’t provide accurate dependencies

Budget


  • The project exceeds the budget allocated
  • There is unaccounted expenditure on the project
  • It is no single resource accountable for recording budgeted spending

Deliverables      


  • The deliverables required by the project are not clearly defined
  •  Clear quality criteria for each deliverable have not been defined
  • The deliverable produced doesn’t meet the quality criteria defined

Scope   


  • The scope of the project is not clearly outlined
  • Project is not undertaken within the agreed scope
  • A Project changes negatively impact on the project

Issues  


  • Project issues are not resolved within an appropriate timescale
  • Similar issues continually reappear throughout the project
  • Unresolved issues become new risks to the project

Suppliers            


  • The expectations for supplier delivery are not defined
  • Suppliers do not meet the expectations defined
  • Supplier issues negatively impact on the project

Acceptance       


  • The criteria for accepting project deliverables aren’t clearly defined
  • Customers do not accept the final deliverables of the project
  • The acceptance process leaves the customer dissatisfied

Communication


  • Lack of controlled communication causes project issues
  • Key project stakeholders are ‘left in the dark’ about progress

Resource            


  • Staff allocated to the project are not suitably skilled
  • Insufficient equipment is available to undertake the project
  • There is a shortage of materials available when required


Risk Quantification



The next step is to quantify the Probability of each risk's eventuating and its impact on the project and surrounding business. Each risk is prioritized according to the Probability and impact rating and the low, medium and high priority risks are clearly marked for attention. 

Probability


Describe the scoring system for measuring the ‘Probability’ of the risk eventuating. Example:

Title
Score
Description
Very Low
0,1
Highly unlikely to occur; however, still needs to be monitored as certain circumstances could result in this risk becoming more likely to occur during the project

Low
0,3
Unlikely to occur, based on current information, as the circumstances likely to trigger the risk are also unlikely to occur©

Medium
0,5
Likely to occur as it is clear that the risk will probably eventuate

High
0,7
Very likely to occur, based on the circumstances of the project

Very High
0,9
Highly likely to occur as the circumstances which will cause this risk to eventuate are also very likely to be created


Impact

Describe the scoring system for measuring the ‘impact’ of the risk. Example:

Title
Score
Description
Very Low
0,05
Insignificant impact on the project. It is not possible to measure the impact on the project as it is minimal e.g. < 5%

Low
0,1
Minor impact on the project, e.g. < 5-10% deviation in scope, scheduled end-date or project budget

Medium
0,2
Measurable impact on the project, e.g. 10-15% deviation in scope, scheduled end-date or project budget

High
0,4
Significant impact on the project, e.g. 15-20% deviation in scope, scheduled end-date or project budget

Very High
0,8
Major impact on the project, e.g. >20%% deviation in scope, scheduled end-date or project budget

Priority


Establish the priority of each risk by identifying the Probability of the risk's eventuating and its impact on the project. Once the Probability and impact scores have been allocated, the priority score should be calculated as follows:

·         Priority equals the multiplication of Probability and Impact score

·         This is calculated as Priority = Probability x Impact

This score can be visualized in a PI matrix

Probability

0,9
0,05
0,09
0,18
0,36
0,72
0,7
0,04
0,07
0,14
0,28
0,56
0,5
0,03
0,05
0,10
0,20
0,40
0,3
0,02
0,03
0,06
0,12
0,24
0,1
0,01
0,01
0,02
0,04
0,08


0,05
0,1
0,2
0,4
     0,8
Impact













Following thresholds identify the calculated priority:

< 0,08
Low
0,08 – 0,21
Medium
> 0,21
High

Complete the following table (includes examples):

ID
Probability
Impact
PI Score
Rating
1.1
0,1
0,7
0,08
Low
1.2
0,3
0,6
0,18
Medium
1.3
1
0,4
0,4
High
2.1
0,4
0,2
0,08
Medium
2.2
0,8
1
0,8
High
2.3
0,2
0,8
0,16
Medium

Risk Plan


A Risk Plan must now be created which includes a set of actions to be taken to avoid, transfer or mitigate each risk, based on the priority of the risk assigned.

Schedule

For each risk identified and in priority order, list:


  • Preventative actions to be taken to reduce the Probability of the risk's occurring
  • The contingent actions to be taken to reduce the impact should the risk eventuate

Rating
ID
Preventative Actions
Action Resource
Action Date
Contingent Actions
Action Resource
Action Date
High
2.2
Clearly quantify the expected business benefits in the Business Case document

Project Sponsor
xx/yy/zz
Measure the actual business benefits achieved by the project

Project Manager
xx/yy/zz
Medium
1.2
Clearly specify the customer requirements in the Quality Plan


Project Manager
xx/yy/zz
Reconsider the requirements after the deliverable has been produced, measure any deviation and enhance the deliverable to meet the requirements

Project Manager
xx/yy/zz
Medium
1.3
Clearly specify the quality criteria used to determine that the stated requirements for each deliverable have been met within the Quality Plan

Quality Manager
xx/yy/zz
Reconsider the quality criteria after the deliverable has been produced, measure any deviation and enhance the deliverable to meet the quality criteria set

Quality Manager
xx/yy/zz

The above table should be completed for every risk identified. Higher priority risks should be assigned more comprehensive actions where possible.

No comments:

Post a Comment