6th Edition PMBOK® Guide: Process 11.5 Plan Risk Responses: Inputs

“God grant me the serenity to accept the things I cannot change; courage to change the things I can; and wisdom to know the difference.”–the Serenity Prayer

In planning risk responses, you are enacting the spirit of the serenity prayer in doing what you can to change what you can, which is usually the probability or impact of a risk occurring.   Since you may not eliminate entirely the probability of its occurring, you need to accept it in the sense of preparing it for it so the impact isn’t so great once it occurs.   If there are risks that are small it may be okay to accept them in the sense of being willing to have a temporary workaround rather than preparing for a risk response ahead of time.   The wisdom to know the difference comes from the results of the previous two processes where you analyze the risks to see which ones matter the most to the outcomes of the project.

The inputs to this process are the following:

11.5.1  Plan Risk Responses:  Outputs  Project Management Plan

The project management plan contains the component management plans from the various knowledge areas and the baselines for the main three constraints of scope, schedule and cost.

  • Resource management–once the risk responses in this process are agreed upon, how will resources, both physical and human resources, to allocated to implement them?
  • Risk management plan–the roles and responsibilities for risk management, as well as the thresholds for risk management, are set out in the risk management plan.  The thresholds are important for the “escalate” response to a given risk, as we will see when we discuss the tools and techniques of this process.
  • Cost baseline–the cost of risk responses will come from the “contingency fund”, and this needs to be allocated from the budget  Project Documents

  • Lessons learned register–lessons learned about effective risk responses used in earlier phases of the project are reviewed to determine if similar responses might be useful during the remainder of the project.
  • Project schedule–once the risk responses in this process are agreed upon, how will they be scheduled alongside other project activities?   Will risk response activities get added to the WBS but in a different color to show that they are only done if the risk is triggered?
  • Project team assignments–who are the people that are assigned as risk owners who will carry out the risk responses?
  • Resource calendars–what resources (both physical and human) can potentially be available to be allocated to risk responses that have been agreed upon?
  • Risk register–for the individual project risks that have identified:
    • which risks require risk responses (those that don’t are put on the so-called “watch list”)
    • priority level for each risk to help guide the selection of risk responses
    • nominated risk owner for each risk
    • preliminary risk responses if identified during previous risk management processes
    • root causes of risks
    • risk triggers and warnings signs
    • risks requiring responses in the near term (urgent risks)
    • risks requiring additional analysis
  • Risk report–should list the following:
    • current level of risk exposure of the project
    • individual project risks in priority order
    • additional analysis of individual project risks that may inform risk response selection
  • Stakeholder register–may identify potential owners for risk responses.  Enterprise Environmental Factors

Risk appetite and risk thresholds of key stakeholders.  Organizational Process Assets

  • Templates for risk management plan, risk register and risk report.
  • Historical databases
  • Lessons learned register from previous similar projects.

The next post will cover the tools and techniques of this process.   Since there are many, I will break them up into the generic tools and techniques used in many planning processes (expert judgment, data gathering, interpersonal and team skills, and decision-making), and those that are specific to this particular process (strategies for threats, strategies for opportunities, contingent response strategies, strategies for overall project risk, and data analysis of risk response strategies).


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: