11.2 Identify Risks
The process of determining which risks may affect the
project and documenting their characteristics
This is an iterative process as new risks may evolve or
become known during the project
Participants in risk identification activities can include –
–
–
–
–
–
–
Project Manager and Project Team
Project Sponsor and Stakeholders
Risk management experts
Customers
Subject Matter Experts
Other Project Managers
Occurs during Planning
Monitor
Initiation
Planning Execution
Close
Control
Adapted from PMBOK 5th Edition
11.2 Identify Risks
Inputs to Identify Risk
 Risk Management Plan
 Cost Management Plan
 Schedule Management Plan
 Quality Management Plan
 Human Resource Plan
 Scope Baseline
 Activity Cost Estimates
 Activity Duration estimates
 Project Documents: e.g.:
– Project Charter
– Project Schedule
– Schedule network diagrams
– Issue log
– Quality checklists
Monitor
Initiation
Planning Execution
Close
Control
Adapted from PMBOK 5th Edition
11.2 Identify Risks
Inputs to Identify Risk (continued)
 Stakeholder Register
 Procurement Documents
 Enterprise Environmental Factors:
 published information
 academic studies
 industry studies
 Benchmarking
 risk attitudes
 checklists
 Organisational Process Assets 



Project Files
Organisational and project process controls
Risk Management Templates
Lessons Learnt
Monitor
Initiation
Planning Execution
Close
Control
Adapted from PMBOK 5th Edition
11.2 Identify Risks
Tools and techniques for identifying risk include Documentation
Reviews
Questionnaires Interviews and
Brainstorming Workshops
Surveys
System or Process Assumptions
Analysis
Flowcharts
Expert
Judgement
SWOT
Analysis
Industry Risk
Frameworks
Checklist
Analysis
Influence
Diagrams
Lessons
Learnt
Root Cause
Analysis
Cause & Effect
Diagrams
Risk
Categories
Delphi
Technique
Adapted from PMBOK 5th Edition
11.2 Identify Risks
Risk Checklists & Questionnaires
•
Many organisations and certain industries have standard risk checklists and
questionnaires that assist with the identification of the overall risk on a
project, as well as the specific risks that may be applicable
Assumptions Analysis
•
Any assumptions that have been documented during the planning
processes need to be analysed and included in the Risk Log. If any
assumption does not prove to be true there will be impacts to project
objectives, the risk of assumptions proving untrue must be evaluated.
Risk Categories
•
Many organisations and certain industries have standard risk categories
which help to ensure that all risk areas are reviewed when undertaking risk
planning
11.2 Identify Risks
Delphi Technique
•
Used to reach a consensus of experts – anonymous questionnaires that are
then collated and recirculated for further comments.
Cause and Effect Diagrams
•
Used to identify the causes of risks.
Source: www.hci.com.au
11.2 Identify Risks
Influence Diagram
•
Graphical representations of causal influences, time ordering of events,
other relationships between variables and outcomes.
From PMBOK 5th Edition
11.2 Identify Risks
SWOT Analysis
•
Standard approach used to identify risks and opportunities during business
planning and marketing activities. Can also be applied to project risk
identification. Involves the identification of an organisations Strengths,
Weaknesses, Opportunities and Threats. Weakness and Threats may need
to documented in project risk logs.
Expert Judgement
•
Many organisations will have specialised risk management teams that can
provide expert assistance to projects in the planning and identification of
risks. In very risky projects it may also be helpful to consult external subject
matter experts.
Industry Risk Frameworks
•
Some industries, particularly Construction and Defence, have standard risk
frameworks which are extremely helpful to project risk management.
11.2 Identify Risks
Outputs of this process include –
 Initial entries on the Risk Register
 List of identified risks
 Potential risk owners
 List of potential responses
Sample column headings in a typical Risk Register
Risk
ID
Risk
Category
Risk Description
Risk
Owner
Likelihood
Impact
Risk
Rating
Management /Mitigation
Strategies
Residual
Likelihood
Residual
Impact
Residual
Rating
Status
Priority
Adapted from PMBOK 5th Edition
Inclusions in Risk Register during Planning
Risk
ID
Risk
Category
Risk Description
Risk
Owner
Likelihood
Impact
Risk
Rating
Management /Mitigation
Strategies
Residual
Likelihood
Risk Id
Risk Description
• Can be a simple as a number
• Plain English explanation of the risk
• One to two sentences in length
• Ensures common understanding
• May relate to the risk category
• Used as a unique identifier
• may be an internal standard
Residual
Impact
Residual
Rating
Status
Priority
Risk Category
Risk Owner
• Can be taken from industry frameworks
• Can be set at internal standards
• May need to be developed/tailored
• Ensures identification of all risks
• Assists with monitoring and control
• A specific person or role
• Ensures clear ownership of the risk
• Responsible for monitoring & control
Adapted from PMBOK 5th Edition
Example – first part of Risk Register
Risk ID
Risk Category
Risk Description
Risk Owner
MK001
Marketing
Marketing may not be able to book the required
advertising with the Fairfax group due to conflict
of interest
Brian Green
HR001
Human Resources
May not be able to obtain a qualified Plumber in
the time available
Fred Jones