Risk management has its own international standard (IS0 31000) built upon the ANZ standard that preceded it. It's also a core function in the Project Management Body of Knowledge published by the Project Management Institute. Our experience conducting RegPM assessments for the AIPM has show it is not, however, something that is practiced very often by most project managers. Most project managers though, would be aware of the process:
-Identify potential threats to your project
-Assess their likelihood and consequence
-Develop contingency plans
-Execute said plans
Unfortunately, most project managers only ever get to the ‘assess their likelihood and consequence’ stage and even then, it’s usually only at the start of the project lifecycle or when a new team is formed. We believe there are a few reasons behind this. Firstly, risks identified at the start of a project are recorded into a MS Word document and then stored on a server, never to see the light of day again. Secondly, when there is intent to manage risks, it gets included as an agenda item in the notoriously tedious weekly project meetings, where it will usually sit at the bottom of the list. Being the last item on the agenda is never a good thing, all the progress updates consume every minute of the meeting, which leaves the risks to be looked at ‘next time.’ Naturally and predictably, tomorrow never comes, and even if it does, full mitigation is never developed again because people run out of time.
UniPhi's risk module integrates risk management with the daily work life of a project team member.
Mitigation actions appear in a user’s ‘my work’ summary list.
Risks can be added to by anyone on the team at any point in time. Re-rating risks dynamically updates risk trend graphs that track the success/ or failure of risk mitigation strategies over time, which will help to better the quality and outcomes of a project.