6th Edition PMBOK® Guide: Process 11.7 Monitor Risks: Outputs

Well, I’m back after a brief “vacation” from having moved and sold our old house.   Now that I’m not 100% unpacked yet, I’m installed enough into my new place to be able to start making blog posts again.

Today I’m concluding Chapter 11 on Risk Management with the final post on the outputs for the last risk management process, 11.7 Monitor Risks.   Now the process group is the “monitoring and controlling” process group, and even though the title of the process is “monitoring”, it always includes the “controlling” part, which means making changes if the monitoring part of the process shows that changes are needed.   These change requests are handled in the usual way, by being processed through the Perform Integrated Change Control process 4.6 (under the Integration Management knowledge area).

11.7.3  Monitor Risks:  Outputs  Work Performance Information

The risk register is reviewed and any changes to the previously agreed-upon risk responses for individual project risks are noted.   These changes are reviewed to indicate the effectiveness of the response planning (process 11.5 Plan Risk Responses) and response implementation processes (process 11.6 Implement Risk Responses).   Any changes in either the planning or the implementation should be made through a change request (see next paragraph).  Change Requests

The process of reviewing the risk register may result in changes to risk response planning and/or the implementation of those risk responses.   If these changes in turn require changes to the cost and/or schedule baseline (to account for the additional cost and/or time required to implemented those changed responses), then all of these changes need to be made through a change request.   These changes may be made with respect to individual project risks or to address the current level of overall project risk.

These requests are sent to the Perform Integrated Change Control process 4.6 in order to make the decision to accept or reject them.   If rejected, they go into the change log with the reasons for the rejection.   If they are accepted, then the changes are made to the project management plan (see next paragraph on Project Management Plan Updates).  Project Management Plan Updates

If the change requests mentioned in the last paragraph are accepted, the project management plan is updated accordingly, especially if the changed risk responses require changes to the cost and/or schedule baseline (to account for the additional cost and/or time required to implement the new or changed responses).   The changed risk responses themselves will be recorded in the risk register (see next paragraph on Project Document Updates)  Project Document Updates

  • Assumption log–in the process of monitoring risks, new assumptions may be uncovered, and existing assumptions may be revisited and changed.   The assumption log is updated with this new information.
  • Issue log–issues uncovered in the process of monitoring risks, usually related not to the contents of the risks themselves but in the handling of those risks, are recorded in the issue log.
  • Lessons learned register–if there are lessons learned as a result of the risk reviews done in this process, then these are recorded in the register so that they can be used on later phases of the project.
  • Risk register–the following are changes that might be made as a result of the Monitor Risks process:
    • Adding new risks that were not picked up during the original risk assessment but were noticed during the review
    • Updating outdated risks, so that if a risk triggered by a particular activity or task does not occur, then this risk can be considered outdated or obsolete.   This is important because the contingency reserve for the risk response associated with that risk may now be returned to the project budget, since it is now no longer needed for the outdated risk.
    • Updating risks that were realized to compare the amount of money actually spent with the amount put aside from the contingency reserve to pay for the response.   Besides reviewing the contingency reserve for those responses, the actual risk response needs to be reviewed to compare it with the expectation of how it should have occurred.   This may indicate that the effectiveness of the response planning and/or response implemtnation process needs to be changed.
    • Monitoring the risks on the “watch list” (those with low impact/low probability) to see if any of them need to be taken off the watch list, i.e., if their impact and/or probability has increased to the point where you need to add a risk response to account for them.
  • Risk report–another important part of the Monitor Risk process is letting the shareholders know what is going on with respect to risk.   This is done through the risk report, which is updated with the following based on the results of this process:
    • Current status of major individual project risks, including details of the top individual project risks, the agreed-upon risk responses and risk owners for those risks
    • Current level of overall project risks
    • Conclusions and recommendations for changes to the risk responses themselves
    • Conclusions from risk audits on the effectiveness of the risk management process  Organizational Process Assets Updates

The Monitor Risks process may result in changes to the following organizational process assets:

  • Templates for the risk management plan, risk register, and risk report
  • Risk breakdown structure (shows the source of risk on the project by category)


Wow, that chapter covers one of the most complicated aspects of project management, but one which will take you from being a good project manager to a great one if you can master it!

The next post will start on Project Procurement Management, which is the only “optional” knowledge area for project management, because you may be working on a project whose scope is limited enough that you can get the entire project done with resources from within the organization you belong to.   If, however, you need to acquire products, services, or results from outside the organization, then you need procurement management.   I will start with the inputs needed for the first process 12.1 Plan Procurement Management.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: