Explanation
All risk management processes follow the same basic steps, although sometimes different jargon is used to describe these steps. Together these 5 risk management process steps combine to deliver a simple and effective risk management process.
Step 1: Identify the Risk. You and your team uncover, recognize and describe risks that might affect your project or its outcomes. There are a number of techniques you can use to find project risks. During this step you start to prepare your Project Risk Register.
Step 2: Analyze the risk. Once risks are identified you determine the likelihood and consequence of each risk. You develop an understanding of the nature of the risk and its potential to affect pro-ject goals and objectives. This information is also input to your Project Risk Register.
Step 3: Evaluate or Rank the Risk. You evaluate or rank the risk by determining the risk magni-tude, which is the combination of likelihood and consequence. You make decisions about whether the risk is acceptable or whether it is serious enough to warrant treatment. These risk rankings are also added to your Project Risk Register.
Step 4: Treat the Risk. This is also referred to as Risk Response Planning. During this step you assess your highest ranked risks and set out a plan to treat or modify these risks to achieve acceptable risk levels. How can you minimize the probability of the negative risks as well as enhancing the opportunities? You create risk mitigation strategies, preventive plans and contingency plans in this step. And you add the risk treatment measures for the highest ranking or most serious risks to your Project Risk Register.
Step 5: Monitor and Review the risk. This is the step where you take your Project Risk Register and use it to monitor, track and review risks.
[Reference:, - What are the 5 Risk Management Steps in a Sound Risk Management Process?, - CIPS study guide page 192-193, LO 3, AC 3.3]
