6th Edition PMBOK® Guide–Process 11.1 Plan Risk Management: Outputs

This post covers the outputs of the process 11.1 Plan Risk Management.   Actually, there is only output and that is the Risk Management Plan.   Here are the elements that should go into such a plan:

  • Risk strategy–the organization’s general approach to managing risk on projects
  • Methodology–specific approaches, tools (like the probability and impact matrix) and data sources that will be used to perform risk management on the project.
  • Rules and responsibilities–who is the lead of the risk management team and who are the team members?   Who will support the activities within the organization?  What are the specific responsibilities of each member of the team?
  • Funding–this clarifies the protocols for application of contingency and management reserves.   Remember, contingency reserves are for those risks that are on the risk register (the “known unknowns”) vs. those risks that are not (the “unknown unknowns.”
  • Schedule–defines when and how often risk management processes will be performed throughout the project life cycle, and establishes those risk management activities that will be included into the project schedule.
  • Risk categories–a risk breakdown structure or RBS is a representation of potential sources of risk on a project.   Creating an RBS helps the project team consider the full range of sources from which individual project risks may arise.
  • Stakeholder risk appetite–this should be expressed in terms of measurable risk thresholds around each project objective in order to determine the acceptable level of overall project risk exposure.
  • Definitions of risk probability and impact–used in process 11.3 Perform Qualitative Risk Analysis, the probability and impact matrix divides these concepts into qualitative thresholds like “low”, “medium” and “high”.   The definition of these thresholds is important to establish at the beginning of the project.
  • Probability and impact matrix–not only the definitions of the individual thresholds, but how these thresholds will interact must be determined ahead of time.   Also, the overall strategies of dealing with these categories should be defined.   Will the company accept those risks in the “low” category, mitigate those in the “medium” category, and avoid those in the “high” category, for example?
  • Reporting formats–this shows how the outcomes of the risk management process 11.6 Implement Risk Responses and 11.7 Monitor Risks will be reported to stakeholders.
  • Tracking–shows how risk activities will be tracked using the risk register and how risk management activities will be audited.

The next process starts the specific risk management planning process of identifying risks.   The inputs to that process are in the following post.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: