Risk Response Development
Responses to threats fall into the following categories:
· Avoidance
Eliminating a specific threat, usually by eliminating the cause. The project management team can never eliminate all risk, but specific risk events can often be eliminated.
· Mitigation
Reducing the expected monetary value of a risk by reducing the probability of occurrence, reducing the risk event value.
· Acceptance
Accepting the consequences. Acceptance can be active (e.g. by developing a contingency plan to execute should the risk event occur) or passive (e.g., by accepting lower profit if some activities overrun).
1. Inputs
a. Opportunities to pursue, threats to respond to
List opportunities that should be pursued and threats that require attention.
b. Opportunities to ignore, threats to accept
The duration of most activities will be significantly influenced by the resources assigned to them.
2. Tools and Techniques
a. Procurement
Acquiring outside sources for services and equipment is an appropriate tool.
b. Contingency Planning
Making plans to take action if a risk arises.
c. Alternative Strategies
Avoid risk by changing the planned approach.
d. Insurance
3. Outputs
a. Risk Management Plan
This documents the procedures to be used to manage risk throughout the project. It should cover who is responsible for managing various areas of risk, how the initial identification and quantification outputs will be maintained, how contingency plans will be implemented and how reserves will be allocated.
b. Inputs to other processes
Contingencies and plans must be feed back to other processes.
c. Contingency plans
d. Reserves
Examples are management reserve, schedule reserve, and contingency reserve.
e. Contractual agreements
May be entered into for insurance, services, and other items as appropriate in order to avoid or mitigate threats. Contractual terms and conditions will have a significant effect on the degree of risk deduction.
Risk Response Control
1. Inputs
a. Risk management plan
b. Actual risk events
When an event occurs, project management must recognize it so that the response plan can be implemented.
c. Additional Risk identification
As performance is reported additional risks may surface and should be identified.
2. Tools and Techniques
a. Workarounds
These are unplanned responses to negative risk events.
b. Additional risk response development
If event was not anticipated or effect greater than expected, then it may be necessary to repeat the response development and quantification process.
3. Outputs
a. Corrective Action
This is primarily the act of performing the planned risk response.
b. Updates to the risk management plan