PMI-RMP Identify Risks Tutorial

6.1 Identify Risks

Hello and welcome to the Project Management Institute’s Risk Management Professional Certification Preparatory Course offered by Simplilearn. In this lesson, we will discuss the concept of “Identify Risks.” Once the risk management plan is developed, the next process is to identify the risks. Let us look into the objectives of this lesson in the next screen.

6.2 Objectives

After completing this lesson, you will be able to: Define the purposes and objectives Discuss the critical success factors List the three categories of tools and techniques Describe the best practices Explain how to document the results The next screen is about the purposes of Identify Risks process

6.3 Purposes of Identify Risks Process

Following are the purposes of Identify Risks process: A risk cannot be managed unless it is identified. The purpose of risk identification is to identify the maximum extent to which the risk is practicable. It is good to be as comprehensive as possible while identifying the risks in the project. All identifiable risks to the project objectives need to be recognized. The process of risk identification is not merely restricted to the planning phase of the project, but it should be made an ongoing and iterative process, throughout the project lifecycle. When a risk is first identified, the potential responses may also be identified at the same time. Likewise, the person who identifies the risk on the project could be the right one to recommend a potential solution to mitigate that risk. This risk should be recorded and considered for immediate action if appropriate. The next screen is about the objectives of Identify Risks process.

6.4 Objectives of Identify Risks Process

The objectives of risk identification process are to identify, document, and categorize risks that could affect project objectives. Let us look into the critical success factors for Identify Risks process in the next screen.

6.5 Critical Success Factors

The following factors can maximize the value and effectiveness of the Identify Risks process and enhance the likelihood of identifying as many risks as practicable. The first critical success factor for successful identification is early identification. Risks should be identified right from the beginning of the project. The earlier the detection of risk, the sooner is the decision regarding risk response made. This results in good strategy and successful implementation of the risk response. The responses which are taken early usually cost lesser than the ones that are implemented later on. The second critical success factor is iterative identification. In practice, all the risks cannot be identified at the initial stage of the project. The process of risk identification should be carried out throughout the project. To make this effective, define the periodicity in terms of frequency or milestone of the project. The frequency typically depends on the size and the complexity of the project. During the initial stages of the project, the frequency of risk meetings should be high. The third factor is emergent Identification. Emergent identification means that, in addition to following the identify risks process as defined in the project plan, the risks should be identified at any time during the course of the project. You need not wait for the risk management or status meeting to work on identifying the risks. The fourth factor is comprehensive identification. It is recommended to be as comprehensive as possible while identifying risks on the project. Comprehensive identification ensures that you find all the possible sources from where risks can be identified. These sources can be internal, external, technical, or project management related risks. The fifth factor is explicit identification of opportunities. It is not just the threats that need to be identified, but also the opportunities on the project. Explicit identification ensures that opportunities are properly explored. The sixth factor is multiple perspectives. It is always better to get multiple perspectives on a particular risk. It is purely based on the stakeholder expectation, interest, environment, and appetite. The risk identification process should be carried out by considering the input received from a broad range of stakeholders. This ensures that all perspectives are represented and considered. If you are restricting risk identification to the immediate project team, then there are high chances of missing some of the identifiable risks. The seventh factor is risks linked to project objectives. Identified risks are either an opportunity or a threat to the project objective. These risks should be linked to project objectives like time, cost, scope, quality, etc. Sometimes, these risks can be linked to a single or multiple objectives. For example, unavailability of software license on time delays the project completion date, while squeezing the activities or using the fast tracking compression technique to deliver the project on time affects the quality. The fast tracking compression technique refers to the process of conducting activities in parallel instead of performing them in a sequence. The eighth factor is complete risk statement. It is always good to capture risk in the form of a complete risk statement. For example, due to change in the weather, the machine might malfunction which results in a delay on the project. The weather change is considered as the cause here. The malfunctioning of the machine is the risk, and the delay in the project is the effect. The risk identified should be clear and unambiguous. Detailed risk descriptions with the description of uncertainty, and its causes and effects should be mentioned as early as possible in the project lifecycle. For example, single words such as resources or logistics may not be adequate and will not provide the complete picture. So, the details of the risk that will help interpret the uncertainty, and its causes and effects should be mentioned. The ninth factor is Ownership and level of details. The need to identify risks and respond appropriately is not the ownership of the project manager alone. The ownership also lies with other responsible people in the project. Risks should be identified at a number of levels of details. A high-level description of risk makes it difficult to understand and develop response. Hence, the level should be good enough to assign to people who can take the accountability and responsibility of identifying and managing the risk. Triggers should be identified wherever possible and appropriate. The last factor is objectivity. The risk identification process needs human intervention which can result in bias as a result of conflict of interest and judgmental factors. This also occurs because people apply heuristics. This should be recognized and addressed during risk identification process. The sources of bias should be exposed wherever possible and their effect on the risk process should be managed proactively. The aim is to minimize subjectivity and allow open and honest identification of as many risks to the project as possible. Let us now move on to the next screen where we will focus on the inputs, tools and techniques, and output or ITTOs of the identify risks process.

6.6 Inputs, Tools and Techniques, and Output

The inputs of identify risks process are risk management plan, scope baseline, activity cost estimates, activity duration estimates, stakeholder register, cost management plan, and schedule management plan. The other inputs are quality management plan, human resource management plan, project documents, procurement documents, enterprises environmental factors, and organizational process assets. There are a variety of tools and techniques with which you can identify risks. You can use one or more of these tools for effective identification of risk. These tools and techniques are documentation reviews, information-gathering techniques, checklist analysis, assumptions analysis, diagramming techniques, SWOT analysis, and expert judgment. The output of the Identify Risks process is risk register. Now let us focus on the inputs of the identify risks process in detail, in the following screen.

6.7 Inputs

Following are the inputs of Identify Risks process: The risk management plan describes the team’s approach to identify risks on the project. For example, the roles and responsibilities, as well as the tools that you would be using for Identify Risks process are defined in the risk management plan. The team needs to make an estimate of the cost. If the estimate or assumption made by the team is wrong, it can create a risk for the project. The activity cost estimate provides a quantitative assessment of costs involved in completing each scheduled (Read as ske – juled) activity with a range of estimates indicating risk range. The activity duration estimate indicates the time allotted for each activity or for the whole project. You need to look into the scope baseline because the assumptions and uncertainties of the project as well as the detailed WBS of potential risks are recorded in the project scope statement. The project scope statement is a part of the project’s scope baseline. The stakeholder register is required as it contains details related to the identified stakeholders. The cost management plan contains a cost management approach, specific to the project that helps to generate or mitigate risks. The schedule management plan includes guidelines for handling changes to the schedule, updated risks, and associated response plans. Let us continue our discussion of the inputs required for Identify Risks process in the next screen.

6.8 Inputs (contd.)

Let us discuss the other inputs of Identify Risks process: The quality management plan describes the project management team’s approach to implement the quality policy. The human resource management plan provides guidance on how project human resources should be defined, managed, and eventually released along with roles and responsibilities, project organization charts, and staffing management plan. Project documents also form a part of the inputs for Identify Risks process. These documents are assumptions log, earned value reports, work performance reports, and network diagrams. In addition, it includes baselines and other project information that helps to identify risks. The procurement documents are also considered as an input for the risk identification process. These documents become the base in identifying risks when the project deals with external agencies like suppliers for procurement of resources. The enterprise environmental factors such as commercial databases, academic studies, published checklists, industry studies, risk attitudes, or benchmarking could contribute to the understanding of risks. Organizational process assets are files from previous projects, lessons learned, risk statement templates, historical information, and commercially available published information such as benchmarking or best practices data. These assets also help the project manager and the team to identify risks. Let us move on to the next screen where we will discuss the tools and techniques for Identify Risks process.

6.9 Tools and Techniques

Following are the tools and techniques for Identify Risks process: Click each tab to view the description. Documentation reviews: A structured review of the project documentation may be performed, including plans, assumptions, previous project files, agreements, and other information. Information-gathering techniques: These include data collection methods such as brainstorming, Delphi technique, interviewing, and root cause analysis. The project team can use these methods while identifying risks. Checklist analysis Checklist analysis is an analysis which is conducted on the basis of historical information, as a standardized way of identifying risks. Assumptions analysis Assumptions analysis is used to explore the validity of project assumptions Diagramming techniques The diagramming techniques include cause-and-effect diagrams, influence diagrams, and process flowcharts which helps in identifying the causes of risks. SWOT analysis The SWOT analysis examines the project from the perspectives of strength, weakness, opportunity, and threat. Expert judgment Expert judgment includes the inputs given by subject matter experts or team members who have the relevant knowledge and experience on similar business areas or projects. Let us discuss an example of assumption analysis and documentation reviews in the next screen.

6.10 Assumption Analysis and Documentation Reviews—Example

Jeremiah has begun looking for risks on his project, which is to a deliver a new product for his company. In fact, his company has no experience at all in this area but the company’s leadership thought that the return on investment was worth it. During initial planning, Jeremiah is concerned with the cost and duration estimates that his team delivers to him. Since this is a new type of project, and they are inexperienced, he does not want to leave anything to chance. He decides to use assumptions analysis and documentation reviews to determine how accurate the estimates might be. He also interviews subject matter experts on other projects to increase his confidence level with the estimates. We will continue the discussion of this example in the following screen.

6.10 Assumption Analysis and Documentation Reviews—Example

Jeremiah has begun looking for risks on his project, which is to a deliver a new product for his company. In fact, his company has no experience at all in this area but the company’s leadership thought that the return on investment was worth it. During initial planning, Jeremiah is concerned with the cost and duration estimates that his team delivers to him. Since this is a new type of project, and they are inexperienced, he does not want to leave anything to chance. He decides to use assumptions analysis and documentation reviews to determine how accurate the estimates might be. He also interviews subject matter experts on other projects to increase his confidence level with the estimates. We will continue the discussion of this example in the following screen.

6.11 Assumption Analysis and Documentation Reviews—Example (contd.)

At the conclusion of his analysis, he determines that the existing estimates are as accurate as they could possibly be under the circumstances. Jeremiah then decides to ask for additional contingency funds to account for the uncertainty and to protect the project budget. Jeremiah’s use of multiple tools enabled him to determine the uncertainty of his project estimates and to ask for appropriate funding. During the life cycle of his project, he was then able to capture more accurate data that he will use on future projects. Let us discuss the categories of tools and techniques in the next screen.

6.11 Assumption Analysis and Documentation Reviews—Example (contd.)

At the conclusion of his analysis, he determines that the existing estimates are as accurate as they could possibly be under the circumstances. Jeremiah then decides to ask for additional contingency funds to account for the uncertainty and to protect the project budget. Jeremiah’s use of multiple tools enabled him to determine the uncertainty of his project estimates and to ask for appropriate funding. During the life cycle of his project, he was then able to capture more accurate data that he will use on future projects. Let us discuss the categories of tools and techniques in the next screen.

6.12 Tools and Techniques—Categories

The tools and techniques fall into three categories such as historical review, current assessment, and creativity technique. The historical review is based on past data; the current assessment is based on present data; and the creativity technique is based on future data. Click each tab to learn more. Historical Review: Historical review is based on data related to past occurrence of risks either in the current project or in similar other projects within the organization, or comparable projects in other organizations. Such reviews rely on careful selection of comparable situations which are genuinely similar to the current project and are filtered to select the only relevant previous risks. An example of the tool used for historical review is checklist analysis. Current Assessments: Current assessments rely on current project, analysis against the framework, and models to find uncertainties. They do not rely on external reference points, but are based purely on examination of the project. For example, they are based on the available fund, time, and performance indices like schedule (Read as ske – jule) and cost. The tools used for current assessment are present data like documentation reviews, information-gathering techniques, assumptions analysis, diagramming techniques, and SWOT analysis. Creativity technique Creativity technique is based on future data like expert judgment and brainstorming. It encourages stakeholders to use their imagination to find the risk in the project. It also helps create room for creative or out-of-the-box thinking and can be used either in single or in groups. The outcome of this technique depends on the ability of participants to think creatively. In the following screen we will focus on the facts of tools and techniques.

6.12 Tools and Techniques—Categories

The tools and techniques fall into three categories such as historical review, current assessment, and creativity technique. The historical review is based on past data; the current assessment is based on present data; and the creativity technique is based on future data. Click each tab to learn more. Historical Review: Historical review is based on data related to past occurrence of risks either in the current project or in similar other projects within the organization, or comparable projects in other organizations. Such reviews rely on careful selection of comparable situations which are genuinely similar to the current project and are filtered to select the only relevant previous risks. An example of the tool used for historical review is checklist analysis. Current Assessments: Current assessments rely on current project, analysis against the framework, and models to find uncertainties. They do not rely on external reference points, but are based purely on examination of the project. For example, they are based on the available fund, time, and performance indices like schedule (Read as ske – jule) and cost. The tools used for current assessment are present data like documentation reviews, information-gathering techniques, assumptions analysis, diagramming techniques, and SWOT analysis. Creativity technique Creativity technique is based on future data like expert judgment and brainstorming. It encourages stakeholders to use their imagination to find the risk in the project. It also helps create room for creative or out-of-the-box thinking and can be used either in single or in groups. The outcome of this technique depends on the ability of participants to think creatively. In the following screen we will focus on the facts of tools and techniques.

6.13 Tools and Techniques—Facts

The facts of the tools and techniques will help you identify which of these are effective in identifying risks and which of them are not. You will also be able to find out which tool is expensive and which one is not. Basically, all these tools and techniques have their own strengths and weaknesses. A single tool or technique cannot identify all the risks. You may have to use a combination of these tools and techniques, so that the risk identification process is complete. For example, you can use a combination of tools and techniques that focus on past, present, and future data. That is, you may use a combination of checklist analysis, assumption analysis, and brainstorming results when it comes to identifying risks. The next screen deals with the other Tools and Techniques of Identify Risks process.

6.13 Tools and Techniques—Facts

The facts of the tools and techniques will help you identify which of these are effective in identifying risks and which of them are not. You will also be able to find out which tool is expensive and which one is not. Basically, all these tools and techniques have their own strengths and weaknesses. A single tool or technique cannot identify all the risks. You may have to use a combination of these tools and techniques, so that the risk identification process is complete. For example, you can use a combination of tools and techniques that focus on past, present, and future data. That is, you may use a combination of checklist analysis, assumption analysis, and brainstorming results when it comes to identifying risks. The next screen deals with the other Tools and Techniques of Identify Risks process.

6.14 Other Tools and Techniques

Some of the popularly used risk identification techniques are interviewing subject matter experts, brainstorming, Delphi technique, and Nominal Group Technique or NGT. In addition, risk identification techniques include Crawford Slip, analogy, and checklist, forms, and templates. We will be discussing each of these techniques in detail in the following screens. Let us begin with interviewing subject matter experts or SMEs in the next screen.

6.15 Interview with SMEs

Interviewing is a commonly used technique for identifying risks on the project. Interviewing helps to inquire on issues related to doubts and other technical characteristics that the project team usually does not take care of. It involves engaging experts internal and external to the project, consultants, and project team. In the next screen, we will study the process of interviewing subject matter experts.

6.16 Interview with Experts Process

When it comes to interviewing, the scope of interview needs to be defined. Then, the facilitator as well as the interviewees need to be introduced. Next, questions need to be developed and sent to the interviewees for answers. Once all the answers from all the interviewees are received, the responses need to be consolidated and the register with the list of identified risks need to be filled. Let us move on to the next screen, where we will focus on the most popular method which is brainstorming.

6.17 Brainstorming Technique

Brainstorming is a commonly used tool for identifying risks on the project. This process enables to identify as many risks as possible. The team must be available to participate in the process. These sessions could be highly creative and synergetic. Brainstorming session encourages teamwork. But if the brainstorming session is not properly executed, it can lead to “chaos.” Now, let us move on to the next screen, where we will learn the brainstorming process

6.18 Brainstorming Process

In t brainstorming process the scope is defined. Then, the facilitator as well as the participants are introduced. Next, the brainstorming session is conducted. All the responses obtained in the session are consolidated. Then, the risk register is filled up with the identified risks. Let us move on to the next screen, where we will discuss the Delphi Technique.

6.19 Delphi Technique

Delphi is another frequently used tool in risk identification. It is a type of interview with subject matter experts. The interviews are anonymous and only the facilitator knows all the subjects involved in this process. This technique is used when there are conflicts or confrontation, or when brainstorming is not recommended. It is also used to get comments from “competitors”, but the challenge is that Delphi is a slow process and it requires hard work. The process of carrying out Delphi technique is explained in next screen.

6.20 Delphi Technique Process

In the Delphi technique process, first the scope is defined and the facilitator is introduced. Then, the facilitator develops questions and introduces the interviewees. He also distributes the questions and survey to the interviewees. Then, the facilitator receives the answers, consolidates the responses, and redistributes the questions. Finally, he consolidates the final results before filling up the register with the identified risks. In the next screen, we will discuss the Nominal Group Technique or NGT.

6.21 Nominal Group Technique

Nominal Group Technique is similar to brainstorming, except for the fact that NGT is individual brainstorming. This technique allows a certain degree of prioritization. It is a mix of individual and group participation; it is also fast and effective. Also, this technique reduces the “chaos” that may occur in brainstorming sessions. In the next screen, we will focus on the process to carry out NGT.

6.22 Nominal Group Technique—Process

In the Nominal Group Technique process, the scope needs to be defined and then, the facilitator and the participants need to be introduced. The number of participants should be between six and eight. Next, you need to schedule (Read as ske – jule) the meeting and start it by stating the rules, time, and process. Each participant creates his/her own risk list and orders his/her risks based on priority. The facilitator writes down the first risk of each participant, and then the second risk and so on, until the list is complete. Then, the final results are consolidated to fill up the list of the identified risks in the register on the basis of priority of each risk. Let us now move on to the next screen, where we will discuss the Crawford Slip.

6.22 Nominal Group Technique—Process

In the Nominal Group Technique process, the scope needs to be defined and then, the facilitator and the participants need to be introduced. The number of participants should be between six and eight. Next, you need to schedule (Read as ske – jule) the meeting and start it by stating the rules, time, and process. Each participant creates his/her own risk list and orders his/her risks based on priority. The facilitator writes down the first risk of each participant, and then the second risk and so on, until the list is complete. Then, the final results are consolidated to fill up the list of the identified risks in the register on the basis of priority of each risk. Let us now move on to the next screen, where we will discuss the Crawford Slip.

6.23 Crawford Slip Technique

Crawford Slip is another technique used to reduce “chaos” during risk identification. It is used to identify many risks in a short period of time. As the name of the technique indicates, slips such as Post-it notes are used to identify risks. For each slip, individual brainstorming is carried out and the results are consolidated in group. The process followed to carry out the Crawford Slip is explained in next screen.

6.24 Crawford Slip Process

In the Crawford Slip process, first the scope is defined and then, the facilitator as well as the participants are introduced. The number of participants should be between six and eight. Then, the meeting is scheduled (ske – juled) and started by stating the rules, time, and number of risks. Each participant writes down his/her first risk for a minute. This is followed by collecting slips and consolidating the list of identified risks. The list is then distributed to the participants for final comments. The final results are consolidated and the identified risks are enlisted in the register. In the next screen, we will look into another risk identification technique that is analogy.

6.25 Analogy Technique

Analogy is a technique where previous historical information is referred to. A reference is needed to use this technique. The available information is adjusted to suit the current scenario. The process used to carry out analogy is explained in the next screen.

6.26 Analogy—Process

The first step in analogy is to define the scope and see which similar previous projects can be used as references. Then, risks from previous projects should be consolidated. The list of risks to the current projects need to be adapted, the initial list of risks should be developed, and the list should be distributed to the team members. Then, the team needs to analyze the preliminary list of risks, after which the final results are consolidated and the identified risks are enlisted in the register. In the next screen, we will discuss checklists, surveys, and templates.

6.26 Analogy—Process

The first step in analogy is to define the scope and see which similar previous projects can be used as references. Then, risks from previous projects should be consolidated. The list of risks to the current projects need to be adapted, the initial list of risks should be developed, and the list should be distributed to the team members. Then, the team needs to analyze the preliminary list of risks, after which the final results are consolidated and the identified risks are enlisted in the register. In the next screen, we will discuss checklists, surveys, and templates.

6.27 Checklists, Surveys, and Templates

Checklists, surveys, and templates are some of the commonly used techniques for identifying risks on the project. The critical success factor for these techniques is the availability of data from within and outside the organization. These techniques are based on the concept that no new project has a complete new set of risks. These techniques help to refine the list of risks and they use the risk breakdown structure, which is usually defined as a part of the risk management plan. Now, let us look into the assumptions analysis in the next screen.

6.28 Assumptions Analysis

Assumptions analysis is a process of validating the assumptions made. Assumptions need to be validated on the project; otherwise, they turn out to be risks on the project. Let us suppose that the project sponsor has recruited five programmers for the project manager and the project manager goes ahead and creates the scope, schedule (Read as ske – jule), and cost baselines based on these assumptions. Now, if this assumption turns out to be false, then, there is a risk of the project going behind the schedule and exceeding the budget. Therefore, assumptions analysis is an important tool for risk identification. It involves documenting the assumptions and then determining the risks. These risks may be caused due to inaccuracy, instability, or incompleteness of the project assumptions. In the next screen, we will discuss checklist analysis.

6.29 Checklist Analysis

Checklist analysis is the process of systematically evaluating the pre-created checklists and developing a checklist based on relevant historical information. Checklist analysis is a standardized way of identifying risks on the project. It is applicable to any process or system, including equipment and human issues. Let us now move on to the next screen, where we will discuss the SWOT analysis.

6.30 SWOT Analysis

SWOT analysis is a popular tool which is used for risk identification. In this technique, strengths and weaknesses that are of internal origin, that is, related to the organization are identified. Also, opportunities and threats of external origin are identified. For example, your organization may follow a strong process which is its strength. This strength will be helpful to the project where there is no need to reinvent identification of risk process. But, the weakness can be bureaucracy which is harmful in terms of efficiency, as it takes more time to carry out the simplest of activities. Since the organization has a good process, therefore from the external point of view, it is an opportunity where the customer can order more projects from the organization. This in turn increases the revenue, and is thus considered as an opportunity. The threat can be the competitor’s efficiency in producing projects in a short turnaround time, which is harmful. In the next screen, we will discuss the cause-and-effect diagram.

6.31 Cause-and-Effect Diagram

Cause-and-effect diagram is also called Ishikawa or Fishbone diagram. It is a popular diagrammatic technique for risk identification. In the example given on the screen, there are lots of rejected images which are a matter of concern for the organization and can lead to the risk of business loss. To overcome this, you need to find out the causes at a high level and find out the details. For example, if the measuring method is wrong, the reason could be wrong specifications. Usually, the causes are identified based on man, machine, material, method, measurement, and environment. This looks like a fish skeletal, which is why it is called Fishbone diagram. Refer to project quality management area of PMBOK to know more about this technique. In the following screen, we will discuss an example of root cause analysis.

6.32 Root Cause Analysis—Example

The ABC Company has identified a problem during a recent program review. Management realizes that the same types of risk events are occurring on almost every project and they cannot seem to understand the reason. So, they hire an outside risk consultant, who sets out to investigate the matter. The consultant begins by looking at historical documentation on projects that have been performed over the last three years. During the review of project documents, the consultant begins to discover that, most risks are related to human resources and scope. The consultant then employs multiple diagramming techniques to assign each risk area to common root causes. It is then evident that Pareto’s Law is clearly defined with the results. Let us continue our discussion of this example in the following screen.

6.32 Root Cause Analysis—Example

The ABC Company has identified a problem during a recent program review. Management realizes that the same types of risk events are occurring on almost every project and they cannot seem to understand the reason. So, they hire an outside risk consultant, who sets out to investigate the matter. The consultant begins by looking at historical documentation on projects that have been performed over the last three years. During the review of project documents, the consultant begins to discover that, most risks are related to human resources and scope. The consultant then employs multiple diagramming techniques to assign each risk area to common root causes. It is then evident that Pareto’s Law is clearly defined with the results. Let us continue our discussion of this example in the following screen.

6.33 Root Cause Analysis Example—(contd.)

Pareto’s Law generally states that the smallest number of causes will result in the largest number of problems. By working in reverse from effect to cause, the consultant is able to pinpoint which root causes are to blame for the majority of the risks within this company. There is a lack of training for the employees, too many understaffed activities during execution and poor requirements documentation. By using root cause analysis, and understanding Pareto’s Law, the consultant was able to track down the root causes and report it back to the company with his recommendations. The ABC Company then utilizes the results to begin correcting the problem. The next screen is about the output of Identify Risks process.

6.33 Root Cause Analysis Example—(contd.)

Pareto’s Law generally states that the smallest number of causes will result in the largest number of problems. By working in reverse from effect to cause, the consultant is able to pinpoint which root causes are to blame for the majority of the risks within this company. There is a lack of training for the employees, too many understaffed activities during execution and poor requirements documentation. By using root cause analysis, and understanding Pareto’s Law, the consultant was able to track down the root causes and report it back to the company with his recommendations. The ABC Company then utilizes the results to begin correcting the problem. The next screen is about the output of Identify Risks process.

6.34 Output

The output of the Identify Risks process is a risk register. A risk register is a document that contains the list of identified risks and potential responses. When complete, the risk register will ultimately contain the outcomes of the other risk management processes, including the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning. It also includes risk actions, risk statuses, and names of risk owners.

6.35 Prompt Lists

During the process of risk identification, risk management practitioners recommend identifying risks according to pre-defined categories, in the risk management plan. One of the tools that can help in choosing risk categories is called “Prompt list.” A prompt list refers to several risk categories that may be presented as a RBS and used when identifying risks in a project. A prompt list prompts a project manager to choose a pre-defined category. For example, a prompt list such as PESTLE prompts the project manager to choose political, economic, social, technological, legal, and environmental factors as risk categories. The other examples are TECOP and SPECTRUM . TECOP is determined by technical, environmental, commercial, operational, and political factors. SPECTRUM is determined by socio-cultural, political, economic, competitive, technological, regulatory or legal, uncertainty or risk, and market factors. Let us look at the most widely used risk categories in the next screen.

6.36 Risk Categories

The risk categories are divided into technical, quality, or performance risks; project management risks; organizational risks; and external risks. Some of the technical, quality, or performance risks are technical changes, changes to industry standards during the project, dependence on unproven or complex technology, and unrealistic performance goals. The examples for project management risks are inadequate time and resource allocation, ineffective project plan development, and poor cost estimates. Whereas, organizational risks include resource conflicts with other projects, inadequate project funding, and inconsistent management support. External risks are union issues, change of management in the customer’s organization, and regional security issues. Now let us find out what can be the best practices for Identify Risks process, in the next screen.

6.37 Best Practices

The best practices in the Identify Risks process include the use of structured risk descriptions which can ensure clarity. You should also employ a risk meta-language that offers a useful way of finding out the causes and effects of risks. Meta-language describes each risk using three-part statements in the form of cause, risk, and effect. For example, as a result of bad weather condition, there may be rain due to which the staff might not come to work and due to this, there might be delay in the project delivery.

6.38 Historical Documentation

One invaluable source of information for a project is any available data on previous projects that were similar to the current one. There are many risks that will reoccur from one project to the next. To capitalize on lessons learned, you will need access and it must be well structured. Examples of historical documentation includes previous: Risk plans, Risk registers, Contracts, Project post-mortem documentation, Change requests, Cost and time estimates, etc. The next screen is about documenting the results of risk identification process.

6.39 Documenting the Results

Recording is one of the important activities which help in capturing all the relevant information on each identified risk. The information on these risks is maintained in the form of risk register. This register contains description of risks, name of risk owner, cause and effects of risks, triggers, preliminary risk responses, risk category, etc. Let us move on to the quiz questions to check your understanding of the concepts covered in this lesson.

6.41 Summary

Here is a quick recap of what was covered in this lesson: The objectives of Identify Risks process are identify risks, document risks, and categorize risks. The critical success factors for Identify Risks process are early Identification, multiple perspective, iterative Identification, risks linked to project objectives, emergent identification, complete risk statement, comprehensive identification, ownership and level of details, explicit identification of opportunities, and objectivity. The three categories of tools and techniques of Identify Risks process are historical review, current assessment and creativity technique. The best practices in Identify Risks process include the use of structured risk descriptions which can ensure clarity. Recording is one of the important activities, which help in capturing all the relevant information on each identified risk.

6.42 Conclusion

This concludes, ‘Identify Risks.’ The next lesson is ‘Perform Qualitative Risk Analysis.’

6.1 Identify Risks

Hello and welcome to the Project Management Institute’s Risk Management Professional Certification Preparatory Course offered by Simplilearn. In this lesson, we will discuss the concept of “Identify Risks.” Once the risk management plan is developed, the next process is to identify the risks. Let us look into the objectives of this lesson in the next screen.

6.2 Objectives

After completing this lesson, you will be able to: Define the purposes and objectives Discuss the critical success factors List the three categories of tools and techniques Describe the best practices Explain how to document the results The next screen is about the purposes of Identify Risks process

6.3 Purposes of Identify Risks Process

Following are the purposes of Identify Risks process: A risk cannot be managed unless it is identified. The purpose of risk identification is to identify the maximum extent to which the risk is practicable. It is good to be as comprehensive as possible while identifying the risks in the project. All identifiable risks to the project objectives need to be recognized. The process of risk identification is not merely restricted to the planning phase of the project, but it should be made an ongoing and iterative process, throughout the project lifecycle. When a risk is first identified, the potential responses may also be identified at the same time. Likewise, the person who identifies the risk on the project could be the right one to recommend a potential solution to mitigate that risk. This risk should be recorded and considered for immediate action if appropriate. The next screen is about the objectives of Identify Risks process.

6.4 Objectives of Identify Risks Process

The objectives of risk identification process are to identify, document, and categorize risks that could affect project objectives. Let us look into the critical success factors for Identify Risks process in the next screen.

6.5 Critical Success Factors

The following factors can maximize the value and effectiveness of the Identify Risks process and enhance the likelihood of identifying as many risks as practicable. The first critical success factor for successful identification is early identification. Risks should be identified right from the beginning of the project. The earlier the detection of risk, the sooner is the decision regarding risk response made. This results in good strategy and successful implementation of the risk response. The responses which are taken early usually cost lesser than the ones that are implemented later on. The second critical success factor is iterative identification. In practice, all the risks cannot be identified at the initial stage of the project. The process of risk identification should be carried out throughout the project. To make this effective, define the periodicity in terms of frequency or milestone of the project. The frequency typically depends on the size and the complexity of the project. During the initial stages of the project, the frequency of risk meetings should be high. The third factor is emergent Identification. Emergent identification means that, in addition to following the identify risks process as defined in the project plan, the risks should be identified at any time during the course of the project. You need not wait for the risk management or status meeting to work on identifying the risks. The fourth factor is comprehensive identification. It is recommended to be as comprehensive as possible while identifying risks on the project. Comprehensive identification ensures that you find all the possible sources from where risks can be identified. These sources can be internal, external, technical, or project management related risks. The fifth factor is explicit identification of opportunities. It is not just the threats that need to be identified, but also the opportunities on the project. Explicit identification ensures that opportunities are properly explored. The sixth factor is multiple perspectives. It is always better to get multiple perspectives on a particular risk. It is purely based on the stakeholder expectation, interest, environment, and appetite. The risk identification process should be carried out by considering the input received from a broad range of stakeholders. This ensures that all perspectives are represented and considered. If you are restricting risk identification to the immediate project team, then there are high chances of missing some of the identifiable risks. The seventh factor is risks linked to project objectives. Identified risks are either an opportunity or a threat to the project objective. These risks should be linked to project objectives like time, cost, scope, quality, etc. Sometimes, these risks can be linked to a single or multiple objectives. For example, unavailability of software license on time delays the project completion date, while squeezing the activities or using the fast tracking compression technique to deliver the project on time affects the quality. The fast tracking compression technique refers to the process of conducting activities in parallel instead of performing them in a sequence. The eighth factor is complete risk statement. It is always good to capture risk in the form of a complete risk statement. For example, due to change in the weather, the machine might malfunction which results in a delay on the project. The weather change is considered as the cause here. The malfunctioning of the machine is the risk, and the delay in the project is the effect. The risk identified should be clear and unambiguous. Detailed risk descriptions with the description of uncertainty, and its causes and effects should be mentioned as early as possible in the project lifecycle. For example, single words such as resources or logistics may not be adequate and will not provide the complete picture. So, the details of the risk that will help interpret the uncertainty, and its causes and effects should be mentioned. The ninth factor is Ownership and level of details. The need to identify risks and respond appropriately is not the ownership of the project manager alone. The ownership also lies with other responsible people in the project. Risks should be identified at a number of levels of details. A high-level description of risk makes it difficult to understand and develop response. Hence, the level should be good enough to assign to people who can take the accountability and responsibility of identifying and managing the risk. Triggers should be identified wherever possible and appropriate. The last factor is objectivity. The risk identification process needs human intervention which can result in bias as a result of conflict of interest and judgmental factors. This also occurs because people apply heuristics. This should be recognized and addressed during risk identification process. The sources of bias should be exposed wherever possible and their effect on the risk process should be managed proactively. The aim is to minimize subjectivity and allow open and honest identification of as many risks to the project as possible. Let us now move on to the next screen where we will focus on the inputs, tools and techniques, and output or ITTOs of the identify risks process.

6.6 Inputs, Tools and Techniques, and Output

The inputs of identify risks process are risk management plan, scope baseline, activity cost estimates, activity duration estimates, stakeholder register, cost management plan, and schedule management plan. The other inputs are quality management plan, human resource management plan, project documents, procurement documents, enterprises environmental factors, and organizational process assets. There are a variety of tools and techniques with which you can identify risks. You can use one or more of these tools for effective identification of risk. These tools and techniques are documentation reviews, information-gathering techniques, checklist analysis, assumptions analysis, diagramming techniques, SWOT analysis, and expert judgment. The output of the Identify Risks process is risk register. Now let us focus on the inputs of the identify risks process in detail, in the following screen.

6.7 Inputs

Following are the inputs of Identify Risks process: The risk management plan describes the team’s approach to identify risks on the project. For example, the roles and responsibilities, as well as the tools that you would be using for Identify Risks process are defined in the risk management plan. The team needs to make an estimate of the cost. If the estimate or assumption made by the team is wrong, it can create a risk for the project. The activity cost estimate provides a quantitative assessment of costs involved in completing each scheduled (Read as ske – juled) activity with a range of estimates indicating risk range. The activity duration estimate indicates the time allotted for each activity or for the whole project. You need to look into the scope baseline because the assumptions and uncertainties of the project as well as the detailed WBS of potential risks are recorded in the project scope statement. The project scope statement is a part of the project’s scope baseline. The stakeholder register is required as it contains details related to the identified stakeholders. The cost management plan contains a cost management approach, specific to the project that helps to generate or mitigate risks. The schedule management plan includes guidelines for handling changes to the schedule, updated risks, and associated response plans. Let us continue our discussion of the inputs required for Identify Risks process in the next screen.

6.8 Inputs (contd.)

Let us discuss the other inputs of Identify Risks process: The quality management plan describes the project management team’s approach to implement the quality policy. The human resource management plan provides guidance on how project human resources should be defined, managed, and eventually released along with roles and responsibilities, project organization charts, and staffing management plan. Project documents also form a part of the inputs for Identify Risks process. These documents are assumptions log, earned value reports, work performance reports, and network diagrams. In addition, it includes baselines and other project information that helps to identify risks. The procurement documents are also considered as an input for the risk identification process. These documents become the base in identifying risks when the project deals with external agencies like suppliers for procurement of resources. The enterprise environmental factors such as commercial databases, academic studies, published checklists, industry studies, risk attitudes, or benchmarking could contribute to the understanding of risks. Organizational process assets are files from previous projects, lessons learned, risk statement templates, historical information, and commercially available published information such as benchmarking or best practices data. These assets also help the project manager and the team to identify risks. Let us move on to the next screen where we will discuss the tools and techniques for Identify Risks process.

6.9 Tools and Techniques

Following are the tools and techniques for Identify Risks process: Click each tab to view the description. Documentation reviews: A structured review of the project documentation may be performed, including plans, assumptions, previous project files, agreements, and other information. Information-gathering techniques: These include data collection methods such as brainstorming, Delphi technique, interviewing, and root cause analysis. The project team can use these methods while identifying risks. Checklist analysis Checklist analysis is an analysis which is conducted on the basis of historical information, as a standardized way of identifying risks. Assumptions analysis Assumptions analysis is used to explore the validity of project assumptions Diagramming techniques The diagramming techniques include cause-and-effect diagrams, influence diagrams, and process flowcharts which helps in identifying the causes of risks. SWOT analysis The SWOT analysis examines the project from the perspectives of strength, weakness, opportunity, and threat. Expert judgment Expert judgment includes the inputs given by subject matter experts or team members who have the relevant knowledge and experience on similar business areas or projects. Let us discuss an example of assumption analysis and documentation reviews in the next screen.

6.10 Assumption Analysis and Documentation Reviews—Example

Jeremiah has begun looking for risks on his project, which is to a deliver a new product for his company. In fact, his company has no experience at all in this area but the company’s leadership thought that the return on investment was worth it. During initial planning, Jeremiah is concerned with the cost and duration estimates that his team delivers to him. Since this is a new type of project, and they are inexperienced, he does not want to leave anything to chance. He decides to use assumptions analysis and documentation reviews to determine how accurate the estimates might be. He also interviews subject matter experts on other projects to increase his confidence level with the estimates. We will continue the discussion of this example in the following screen.

6.11 Assumption Analysis and Documentation Reviews—Example (contd.)

At the conclusion of his analysis, he determines that the existing estimates are as accurate as they could possibly be under the circumstances. Jeremiah then decides to ask for additional contingency funds to account for the uncertainty and to protect the project budget. Jeremiah’s use of multiple tools enabled him to determine the uncertainty of his project estimates and to ask for appropriate funding. During the life cycle of his project, he was then able to capture more accurate data that he will use on future projects. Let us discuss the categories of tools and techniques in the next screen.

6.12 Tools and Techniques—Categories

The tools and techniques fall into three categories such as historical review, current assessment, and creativity technique. The historical review is based on past data; the current assessment is based on present data; and the creativity technique is based on future data. Click each tab to learn more. Historical Review: Historical review is based on data related to past occurrence of risks either in the current project or in similar other projects within the organization, or comparable projects in other organizations. Such reviews rely on careful selection of comparable situations which are genuinely similar to the current project and are filtered to select the only relevant previous risks. An example of the tool used for historical review is checklist analysis. Current Assessments: Current assessments rely on current project, analysis against the framework, and models to find uncertainties. They do not rely on external reference points, but are based purely on examination of the project. For example, they are based on the available fund, time, and performance indices like schedule (Read as ske – jule) and cost. The tools used for current assessment are present data like documentation reviews, information-gathering techniques, assumptions analysis, diagramming techniques, and SWOT analysis. Creativity technique Creativity technique is based on future data like expert judgment and brainstorming. It encourages stakeholders to use their imagination to find the risk in the project. It also helps create room for creative or out-of-the-box thinking and can be used either in single or in groups. The outcome of this technique depends on the ability of participants to think creatively. In the following screen we will focus on the facts of tools and techniques.

6.13 Tools and Techniques—Facts

The facts of the tools and techniques will help you identify which of these are effective in identifying risks and which of them are not. You will also be able to find out which tool is expensive and which one is not. Basically, all these tools and techniques have their own strengths and weaknesses. A single tool or technique cannot identify all the risks. You may have to use a combination of these tools and techniques, so that the risk identification process is complete. For example, you can use a combination of tools and techniques that focus on past, present, and future data. That is, you may use a combination of checklist analysis, assumption analysis, and brainstorming results when it comes to identifying risks. The next screen deals with the other Tools and Techniques of Identify Risks process.

6.14 Other Tools and Techniques

Some of the popularly used risk identification techniques are interviewing subject matter experts, brainstorming, Delphi technique, and Nominal Group Technique or NGT. In addition, risk identification techniques include Crawford Slip, analogy, and checklist, forms, and templates. We will be discussing each of these techniques in detail in the following screens. Let us begin with interviewing subject matter experts or SMEs in the next screen.

6.15 Interview with SMEs

Interviewing is a commonly used technique for identifying risks on the project. Interviewing helps to inquire on issues related to doubts and other technical characteristics that the project team usually does not take care of. It involves engaging experts internal and external to the project, consultants, and project team. In the next screen, we will study the process of interviewing subject matter experts.

6.16 Interview with Experts Process

When it comes to interviewing, the scope of interview needs to be defined. Then, the facilitator as well as the interviewees need to be introduced. Next, questions need to be developed and sent to the interviewees for answers. Once all the answers from all the interviewees are received, the responses need to be consolidated and the register with the list of identified risks need to be filled. Let us move on to the next screen, where we will focus on the most popular method which is brainstorming.

6.17 Brainstorming Technique

Brainstorming is a commonly used tool for identifying risks on the project. This process enables to identify as many risks as possible. The team must be available to participate in the process. These sessions could be highly creative and synergetic. Brainstorming session encourages teamwork. But if the brainstorming session is not properly executed, it can lead to “chaos.” Now, let us move on to the next screen, where we will learn the brainstorming process

6.18 Brainstorming Process

In t brainstorming process the scope is defined. Then, the facilitator as well as the participants are introduced. Next, the brainstorming session is conducted. All the responses obtained in the session are consolidated. Then, the risk register is filled up with the identified risks. Let us move on to the next screen, where we will discuss the Delphi Technique.

6.19 Delphi Technique

Delphi is another frequently used tool in risk identification. It is a type of interview with subject matter experts. The interviews are anonymous and only the facilitator knows all the subjects involved in this process. This technique is used when there are conflicts or confrontation, or when brainstorming is not recommended. It is also used to get comments from “competitors”, but the challenge is that Delphi is a slow process and it requires hard work. The process of carrying out Delphi technique is explained in next screen.

6.20 Delphi Technique Process

In the Delphi technique process, first the scope is defined and the facilitator is introduced. Then, the facilitator develops questions and introduces the interviewees. He also distributes the questions and survey to the interviewees. Then, the facilitator receives the answers, consolidates the responses, and redistributes the questions. Finally, he consolidates the final results before filling up the register with the identified risks. In the next screen, we will discuss the Nominal Group Technique or NGT.

6.21 Nominal Group Technique

Nominal Group Technique is similar to brainstorming, except for the fact that NGT is individual brainstorming. This technique allows a certain degree of prioritization. It is a mix of individual and group participation; it is also fast and effective. Also, this technique reduces the “chaos” that may occur in brainstorming sessions. In the next screen, we will focus on the process to carry out NGT.

6.22 Nominal Group Technique—Process

In the Nominal Group Technique process, the scope needs to be defined and then, the facilitator and the participants need to be introduced. The number of participants should be between six and eight. Next, you need to schedule (Read as ske – jule) the meeting and start it by stating the rules, time, and process. Each participant creates his/her own risk list and orders his/her risks based on priority. The facilitator writes down the first risk of each participant, and then the second risk and so on, until the list is complete. Then, the final results are consolidated to fill up the list of the identified risks in the register on the basis of priority of each risk. Let us now move on to the next screen, where we will discuss the Crawford Slip.

6.23 Crawford Slip Technique

Crawford Slip is another technique used to reduce “chaos” during risk identification. It is used to identify many risks in a short period of time. As the name of the technique indicates, slips such as Post-it notes are used to identify risks. For each slip, individual brainstorming is carried out and the results are consolidated in group. The process followed to carry out the Crawford Slip is explained in next screen.

6.24 Crawford Slip Process

In the Crawford Slip process, first the scope is defined and then, the facilitator as well as the participants are introduced. The number of participants should be between six and eight. Then, the meeting is scheduled (ske – juled) and started by stating the rules, time, and number of risks. Each participant writes down his/her first risk for a minute. This is followed by collecting slips and consolidating the list of identified risks. The list is then distributed to the participants for final comments. The final results are consolidated and the identified risks are enlisted in the register. In the next screen, we will look into another risk identification technique that is analogy.

6.25 Analogy Technique

Analogy is a technique where previous historical information is referred to. A reference is needed to use this technique. The available information is adjusted to suit the current scenario. The process used to carry out analogy is explained in the next screen.

6.26 Analogy—Process

The first step in analogy is to define the scope and see which similar previous projects can be used as references. Then, risks from previous projects should be consolidated. The list of risks to the current projects need to be adapted, the initial list of risks should be developed, and the list should be distributed to the team members. Then, the team needs to analyze the preliminary list of risks, after which the final results are consolidated and the identified risks are enlisted in the register. In the next screen, we will discuss checklists, surveys, and templates.

6.27 Checklists, Surveys, and Templates

Checklists, surveys, and templates are some of the commonly used techniques for identifying risks on the project. The critical success factor for these techniques is the availability of data from within and outside the organization. These techniques are based on the concept that no new project has a complete new set of risks. These techniques help to refine the list of risks and they use the risk breakdown structure, which is usually defined as a part of the risk management plan. Now, let us look into the assumptions analysis in the next screen.

6.28 Assumptions Analysis

Assumptions analysis is a process of validating the assumptions made. Assumptions need to be validated on the project; otherwise, they turn out to be risks on the project. Let us suppose that the project sponsor has recruited five programmers for the project manager and the project manager goes ahead and creates the scope, schedule (Read as ske – jule), and cost baselines based on these assumptions. Now, if this assumption turns out to be false, then, there is a risk of the project going behind the schedule and exceeding the budget. Therefore, assumptions analysis is an important tool for risk identification. It involves documenting the assumptions and then determining the risks. These risks may be caused due to inaccuracy, instability, or incompleteness of the project assumptions. In the next screen, we will discuss checklist analysis.

6.29 Checklist Analysis

Checklist analysis is the process of systematically evaluating the pre-created checklists and developing a checklist based on relevant historical information. Checklist analysis is a standardized way of identifying risks on the project. It is applicable to any process or system, including equipment and human issues. Let us now move on to the next screen, where we will discuss the SWOT analysis.

6.30 SWOT Analysis

SWOT analysis is a popular tool which is used for risk identification. In this technique, strengths and weaknesses that are of internal origin, that is, related to the organization are identified. Also, opportunities and threats of external origin are identified. For example, your organization may follow a strong process which is its strength. This strength will be helpful to the project where there is no need to reinvent identification of risk process. But, the weakness can be bureaucracy which is harmful in terms of efficiency, as it takes more time to carry out the simplest of activities. Since the organization has a good process, therefore from the external point of view, it is an opportunity where the customer can order more projects from the organization. This in turn increases the revenue, and is thus considered as an opportunity. The threat can be the competitor’s efficiency in producing projects in a short turnaround time, which is harmful. In the next screen, we will discuss the cause-and-effect diagram.

6.31 Cause-and-Effect Diagram

Cause-and-effect diagram is also called Ishikawa or Fishbone diagram. It is a popular diagrammatic technique for risk identification. In the example given on the screen, there are lots of rejected images which are a matter of concern for the organization and can lead to the risk of business loss. To overcome this, you need to find out the causes at a high level and find out the details. For example, if the measuring method is wrong, the reason could be wrong specifications. Usually, the causes are identified based on man, machine, material, method, measurement, and environment. This looks like a fish skeletal, which is why it is called Fishbone diagram. Refer to project quality management area of PMBOK to know more about this technique. In the following screen, we will discuss an example of root cause analysis.

6.32 Root Cause Analysis—Example

The ABC Company has identified a problem during a recent program review. Management realizes that the same types of risk events are occurring on almost every project and they cannot seem to understand the reason. So, they hire an outside risk consultant, who sets out to investigate the matter. The consultant begins by looking at historical documentation on projects that have been performed over the last three years. During the review of project documents, the consultant begins to discover that, most risks are related to human resources and scope. The consultant then employs multiple diagramming techniques to assign each risk area to common root causes. It is then evident that Pareto’s Law is clearly defined with the results. Let us continue our discussion of this example in the following screen.

6.33 Root Cause Analysis Example—(contd.)

Pareto’s Law generally states that the smallest number of causes will result in the largest number of problems. By working in reverse from effect to cause, the consultant is able to pinpoint which root causes are to blame for the majority of the risks within this company. There is a lack of training for the employees, too many understaffed activities during execution and poor requirements documentation. By using root cause analysis, and understanding Pareto’s Law, the consultant was able to track down the root causes and report it back to the company with his recommendations. The ABC Company then utilizes the results to begin correcting the problem. The next screen is about the output of Identify Risks process.

6.34 Output

The output of the Identify Risks process is a risk register. A risk register is a document that contains the list of identified risks and potential responses. When complete, the risk register will ultimately contain the outcomes of the other risk management processes, including the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning. It also includes risk actions, risk statuses, and names of risk owners.

6.35 Prompt Lists

During the process of risk identification, risk management practitioners recommend identifying risks according to pre-defined categories, in the risk management plan. One of the tools that can help in choosing risk categories is called “Prompt list.” A prompt list refers to several risk categories that may be presented as a RBS and used when identifying risks in a project. A prompt list prompts a project manager to choose a pre-defined category. For example, a prompt list such as PESTLE prompts the project manager to choose political, economic, social, technological, legal, and environmental factors as risk categories. The other examples are TECOP and SPECTRUM . TECOP is determined by technical, environmental, commercial, operational, and political factors. SPECTRUM is determined by socio-cultural, political, economic, competitive, technological, regulatory or legal, uncertainty or risk, and market factors. Let us look at the most widely used risk categories in the next screen.

6.36 Risk Categories

The risk categories are divided into technical, quality, or performance risks; project management risks; organizational risks; and external risks. Some of the technical, quality, or performance risks are technical changes, changes to industry standards during the project, dependence on unproven or complex technology, and unrealistic performance goals. The examples for project management risks are inadequate time and resource allocation, ineffective project plan development, and poor cost estimates. Whereas, organizational risks include resource conflicts with other projects, inadequate project funding, and inconsistent management support. External risks are union issues, change of management in the customer’s organization, and regional security issues. Now let us find out what can be the best practices for Identify Risks process, in the next screen.

6.37 Best Practices

The best practices in the Identify Risks process include the use of structured risk descriptions which can ensure clarity. You should also employ a risk meta-language that offers a useful way of finding out the causes and effects of risks. Meta-language describes each risk using three-part statements in the form of cause, risk, and effect. For example, as a result of bad weather condition, there may be rain due to which the staff might not come to work and due to this, there might be delay in the project delivery.

6.38 Historical Documentation

One invaluable source of information for a project is any available data on previous projects that were similar to the current one. There are many risks that will reoccur from one project to the next. To capitalize on lessons learned, you will need access and it must be well structured. Examples of historical documentation includes previous: Risk plans, Risk registers, Contracts, Project post-mortem documentation, Change requests, Cost and time estimates, etc. The next screen is about documenting the results of risk identification process.

6.39 Documenting the Results

Recording is one of the important activities which help in capturing all the relevant information on each identified risk. The information on these risks is maintained in the form of risk register. This register contains description of risks, name of risk owner, cause and effects of risks, triggers, preliminary risk responses, risk category, etc. Let us move on to the quiz questions to check your understanding of the concepts covered in this lesson.

6.41 Summary

Here is a quick recap of what was covered in this lesson: The objectives of Identify Risks process are identify risks, document risks, and categorize risks. The critical success factors for Identify Risks process are early Identification, multiple perspective, iterative Identification, risks linked to project objectives, emergent identification, complete risk statement, comprehensive identification, ownership and level of details, explicit identification of opportunities, and objectivity. The three categories of tools and techniques of Identify Risks process are historical review, current assessment and creativity technique. The best practices in Identify Risks process include the use of structured risk descriptions which can ensure clarity. Recording is one of the important activities, which help in capturing all the relevant information on each identified risk.

6.42 Conclusion

This concludes, ‘Identify Risks.’ The next lesson is ‘Perform Qualitative Risk Analysis.’

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.

We use cookies on this site for functional and analytical purposes. By using the site, you agree to be cookied and to our Terms of Use. Find out more

Request more information

For individuals
For business
Name*
Email*
Phone Number*
Your Message (Optional)

By proceeding, you agree to our Terms of Use and Privacy Policy

We are looking into your query.
Our consultants will get in touch with you soon.

A Simplilearn representative will get back to you in one business day.

First Name*
Last Name*
Email*
Phone Number*
Company*
Job Title*

By proceeding, you agree to our Terms of Use and Privacy Policy