Risk Management Plan

RiskManagement Plan


Arisk is inevitable and exists in every social condition. It ispresent in both private and public institutions. There are manyconventional explanations of risks depending on the situation. Theuniversal concept is the uncertainty of all possible results. Riskmanagement, therefore, is an activity which incorporatesidentification of risks, developing policies to manage the hazards,and its mitigation using the necessary resources[ CITATION Hil12 l 1033 ]. Threat controlling is also a constant, iterative and practicalprocess used to minimize. The process involves finding, evaluating,planning, monitoring, detailing, and communicating hazardsefficiently. Some traditional modes of risk management focus onhazard stemming from physical or legal causes[ CITATION Hil12 l 1033 ]. Nevertheless, the risk is categorized by the likelihood that theprogram will experience an occurrence, sovereignty, and consequences.One of the objectives of risk management according to Hillson&amp Simon (2012) is to minimize several related threats. Thesehazards may be as a result of environmental, political,technological, human and organizational factors. This paper,therefore, establishes a risk development plan for the project. Inaddition, it defines the process of risk management is engaged in theentire program. The plan manager has the responsibility to maintainthe master plan throughout the project. In so doing, he or sheguarantees that the procedure remains suitable to handle.

Scopeand Objectives of Risk Management Process

Theaim of the project threat organization process is to manage all theforeseeable threats in a proactive manner. As a result, it increasesthe possibility of the scheme to achieve its purposes. This occurswhile sustaining threat acquaintance at proper level Hillson &ampSimon (2012). According to Hillson &amp Simon (2012), the riskprocedure aims to contain all program personality, create ownershipand risk management actions. Consequently, the process enablesprogram stakeholders to examine keenly the project parts that may bein danger. It does this by identifying the primary threats. Therisk development process also purposes to describe the entireprocedure, organizational responsibilities and tools needed tosupport the project[ CITATION Hil12 l 1033 ]. In addition, the strategy generates the method for controllingthreats. The choice of this plan contains risks connected with theutilization of the projects facilities, financial resources, andother necessary assets.

Inputsto Risk Management

Theseinclude the general information and requirements needed to begin therisk process as illustrated in the table below.

Information background of the project

Contains comprehensive data regarding the project, the performance of other organizations, training and other valuable information that can recognize the risks

Chronological knowledge

Indicates risks obtained from the previous projects

Previous lessons learned

Shows what former agencies would prepare if given a chance to perform other projects. This input helps individuals to identify, manage and mitigate risks on the scheme.

Project deed

Aids in foreseeing if the risky behaviors of the entire project objectives. Essentially, it identifies hazards based on what exists.

Possibility statement

Illustrates the convolution of the project and aids in comparing other teams’ knowledge and experience to what is needed.


It is difficult for the project manager to conduct research and ascertain all the dangers. A group methodology and the aptitude to spread risk management events based on management of hazards makes the process more timely and accurate.


They can realize risks that the group cannot. Their engrossment contributes to efficient organization

System plan

Gives a sense of direction concerning risk management

Time and cost evaluations

High expense requirement and time level help to pinpoint risks related to time and costs.

Operating strategy

Assist in understanding the resources available

Managerial strategies and templates

Provides a base of adjustment for the risk accomplishments.

Procurement scheme

Provides a solid link between risks and contracts with the intention of mitigating risks.

Approachto Risk Management

Thetactic taken to minimize risk for this mission involves a logicalprocedure. The practice enables the planning group to identify, scoreand rank different hazards. Here, the maximum risks are included inthe program. The reason for the step is to enable risk managers totake appropriate measures to facilitate the mitigation response atthe desired time

RiskContingency Planning

Accordingto Hillson &amp Simon (2012), risk contingency planning is the actof preparing a plan or a series of activities whenever a risk occurs.Having the emergency plan in place enables the project team to thinkin advance as in the course of action if any risk event happens. Forour case, contingency was reflected in the project budget to coverthe unexpected costs. The amount planned for was $100,000 although itmay be limited to just the high probability risk. This impact scalesassists in assessing opportunities using the proposed budget.[ CITATION Hil12 l 1033 ].A relative scale representing probability values from very unlikelyto almost certainty can be utilized while assessing the risk. Thefigure table below gives direction on how to evaluate risk impactsrelated to the impact objectives.

Distinct Settings for Control Balances of a Risk on Significant Program Purposes

(Examples are indicated for undesirable effects only)



Comparative measures are shown

Very low /.05

Low /.10

Moderate /.20

High /.40

Very high /.80


Inconsequential cost


&lt10% rate


10-20% cost


20-40% cost


&gt40% cost



Minor time


&lt5% time


5-10% time


10-20% time


&gt20% time



Scope decrease rarely visible

Insignificant regions of possibility affected

Main zones of opportunity affected

Possibility lessening intolerable to sponsor

Plan end item is regarded useless


Quality deprivation hardly noticeable

very critical applications are affected

Value reduction needs sponsor endorsement

Quality decreases undesirable to sponsor

Project end item considered valueless.

RiskManagement Steps and Tools

Havingdiscussed the objectives of the risk management, process, it isimportant to ascertain the steps used to manage the risks. Theyinclude instituting goals and framework, finding risks, examining theacknowledged threats, assessing the risks, and managing themaccordingly[ CITATION Hil12 l 1033 ].In the same way, monitoring ad reviewing the risks as well asreporting and consulting with the stakeholders is useful. All thesesteps are discussed below.

EstablishGoals and Context

Thisis the initial phase of managing risk. According to (Hillson &ampSimon (2012), the purposes of this stage is to enhance theunderstanding of the environment in which the individual firmsoperate. That is to say people can understand external environmentand internal organizational structure quickly. The scrutiny isassumed by creating the tactical, legislative and risk organizationenvironment. Establishing goals and context is also done throughidentifying the challenges and the opportunities of the governingbody.A section of this phase also deals with developing riskmeasures. To be effective, the conditions need to reflect theperspective defined based on the internal rules, objectives, andideas of the organization as well as the benefits of theshareholders. Nonetheless, the perceptions of the stakeholders’ andregulatory requirements of the organization may affect the standards. For that reason, the appropriate measures should be indomitable atthe outset.

Identifythe Risk

Usingthe data gathered from the background, the next stage determines therisks that can affect the achievement of the organizational goals,initiative, and activity. During identification of risk, it isimperative to consider the following fundamental questions.

Inwhat ways are the hazards likely to occur to achieve the set goals?

  1. What risks can occur while achieving the priorities?

  2. What risks can occur if the set priorities are not met?

  3. Who may be involved in the occurrence of risk?

Accordingto researchers, the suitable risk identification technique depends onthe submission area. They include the hazard groups and the nature ofthe activity.[ CITATION Hil12 l 1033 ] Further identification of risks employs the use potential sources ofrisks, possible frauds, and typical risks in phases of theprocurement course. In addition, setup preparation, process mapping,and documentation also serve as risk assessment tool. In mostoccasions, identification of risk requires individuals with properunderstanding from various organizations[ CITATION Hil12 l 1033 ].Sincerely speaking, this phase is the critical step in the valuationof risk. The sources mentioned earlier should be managed to make theprocedure proactive.


Inthis context, risk breakdown is the deliberation of the cause ofrisk, outcome, and probability to approximate the natural threats. It also encompasses realization of the controls, the approximation ofthe efficacy and the results of risks. For that matter, qualitativeand quantitative methods are all acceptable technique exploration.These methods depend on the tenacity of the analysis, its analysis,and available data.The qualitative methods are often used forscreening risks. The contrary holds in the case of quantitativetechniques because they determine the rate of higher risks. Toestimate risk either qualitatively or quantitatively, one must applytools like risk graphs, hazard matrices, and monographs. In thiscase, risk model is the common technique.

Accordingto Hillson &amp Simon (2012), the application of risk modelrequires an individual to outline each hazard and its profile by useof the possibility of the criteria. An individual must determine theconsequences of the event taking place to establish the impactstandards. In the same way, he or she should locate the likelihood ofthe risk when Appling the possibility criteria. The level of threatis, therefore, measured by combining the standard of consequence andopportunity on the risk matrix. From a different perspective, complexhazards may involve complicated methodologies. For instance,different approaches must be realized for assessing the threatslinked to a large procurement.


Afteranalyzing the risks, the process that follows is to compare theanalyzed risks with the beforehand documented and standard acceptablerisk technique. It is worth noting that supportable risk is renownedwith the risk matrix when applying the method of risk matrices[ CITATION Hil12 l 1033 ].In case the endangered risk is larger than the supportable threat,then the particular hazards require more control processes in theusefulness of the present checks. The authorized manager thenfacilitates the result of risk acceptance. For a risk to be regardedas conventional, then, it is necessarily truncated that management iscost effective. Sometimes, treatment might be unavailable. Acceptablerisk also occurs in the case where an adequate prospect that balancesthe apparent level of t hazard exists[ CITATION Hil12 l 1033 ].If the executive regards the standard of risk as acceptable, it maybe acknowledged with no further management. These threats need to beoccasionally examined to maintain their acceptability. It is becausethe suitability level can include the safety goals set by theexecutive.


Oncethe risk is evaluated, individuals can take measures to itstreatment. It is the unacceptable risk that needs treatment. Theobjective of this step is to build up cost operative decisions forminimizing the risks. Nonetheless, risk control options that areappropriate in all situations are driven by – risk avoidance, riskmitigation, sharing of risk as well as retaining the hazard.

Monitoringthe Risk

Itis effective to comprehend that the idea of danger is vibrant. Forthat reason, it needs regular review. This step focuses on thedescription of how the results of the treatment will be measured. Thereview period is guided by the functioning environment as well aslegislation[ CITATION Hil12 l 1033 ].As a general rule, it is advisable to conduct a comprehensive reviewevery five years. This follows the trend that nearly all changes aresubject to the right transformation process. The analysis shouldauthenticate that the risk management procedure and its certificationis valid. However, the assumptions made in the previous assessment,the significance of the Directorate, and the related control systems,as well as individuals, need to be monitored on a daily basis[ CITATION Hil12 l 1033 ].By doing so, risks are reduced by the underlying methods. For aneffective hazard mechanism, the inquiry of interaction is vital. Itcertifies that the impacts of one hazard to the other is known andassessed.

Reportingand Communicating

Effectivecommunication is essential in the process of risk control. With thiselement, it is easier to pass information concerning objective,threat minimization process, and its features, as well as discoveriesfrom the project. According to Hillson &amp Simon (2012), riskcontrolling is a basic factor of organizations administration. Forits real implementation, it is significant that its first phases andreporting is available in the entire framework. Further, documentation is imperative since it indicates the process has beenprocedural with the identification of the scope and methods. In otherwords, documentation offers a lucid basis for organizationreflection, agreement and accomplishment with the suitable managementsystem[ CITATION Hil12 l 1033 ].


Projectrisk management process is concerned with the procedure of directingrisk management scheduling, analysis, responses, monitoring andmechanism of a project. Almost all these methods are updatedthroughout the project. The purposes of the risk management includeaggregating the probability and effects of regular events, as well asdiminishing the likelihood and impact of actions contrary to theproject. Risk management process is organized into stages. The firststep involves planning. The second phase focuses on riskidentification. The third process, however, deals with risk analysis.That is to say, both qualitative and quantitative models. Otherprocesses are risk response evaluation, risk treatment, monitoring,and control, as well as communication and reporting.


Hillson, D., &amp Simon, P. (2012). Practical project risk management: The ATOM Methodology. In Management Concepts Inc.