IT Project Risk Management Planning Process

To manage risk, we first need to have a definition of risk. Although Webster’s dictionary defines risk as “hazard; peril; or exposure of loss or injury,” the PMBOK Guide defines project risk as:

An uncertain event or condition that, if it occurs, has a positive or negative effect on the project objectives.

The PMBOK Guide definition provides an important starting point for understanding risk. First, project risk arises from uncertainty. This uncertainty comes from our attempt to predict the future based on estimates, assumptions, and limited information. Although project risk has a downside resulting from unexpected problems or threats, project risk management must also focus on positive events or opportunities. Therefore, it is important that we understand what those events are and how they may impact the project beyond its objectives. It is also important that we understand not only nature of project risks but also how those risks interact and impact other aspects of the project throughout the life of a project.

The PMBOK Guide defines project risk management as:

Project risk management includes the processes of conducting risk management planning, identification, analysis, response planning, and monitoring and control on a project; most of these processes are updated throughout the project. The objectives of Project Risk Management are to increase the probability and impact of positive events and decrease the probability and impact of events adverse to the project.

The PMBOK Guide definition of risk management suggests that a systematic process is needed to manage effectively the risk of a project.

Seven steps for managing IT project risk

1) Ri sk Planning.

2) Risk Iden tification.

3) Risk Assessment.

4) Risk Strategies.

5) Risk Monitoring and Control.

6) Risk Response.

7) Risk Evaluation.