1Risk Reporting Risk Reporting Rique Giddens, Anne Saintilus, Katherine Entress, Maria McPhatter, Robert Martinez, Tonya Townsend, Twanna Perkins-Monroe PM 584 Arnetra Arrington 5/02/16 Risk Reporting Individual Research In this paper, each member of Team A reports on a risk monitoring and a risk reporting practice and what lessons learned he or she can apply in their own projects. As a group, the team analyzes the theoretical application of these monitoring and reporting practices. They summarize the strengths and weaknesses of each practice. They conclude by selecting the top two risk monitoring and risk reporting practices. Project One Risk Manager: Robert Risk Register For the Riordan Manufacturing relocation, a risk register would be the one of the best tools to use to help identify the risks that are going to be associated with the move. It is a great tool that can be used in the early stages of planning that will help identify the risks and let the PM know that there are risks that need to be managed. Developing the risk register will also help the project team and PM identifies who they need to communicate with when they are faced with risks. A risk register is a tool that will have all the risks that the team has come into, it will have the severity of the risks the methods to manage, and will update all parties involved about the risks of the project letting everyone involved know whether the risks have been dealt with. Pros and Cons One of the good things about using this tool is that you can gather all the risks and start to manage them at an earlier stage. A drawback of the register is that if it is not updated and use correctly it can slow down the team and PM. Project Two Risk Manager - Rique Risk Register The risk register and the RAP are both great practices and tools that will help any organization with their project. The Risk Register collects all of the risks and ranks them so that the high priority risks get the attention they need. The register is updated as the project goes on. RAP The RAP is a great tool to help the PM report updates to senior leaders and stakeholders. Both of these play a part in other areas like monitoring and controlling risks, and the RAPs helping communication stay in line. Risk monitoring and reporting are essential because it keeps everything in front of the team and doesn't allow risks to creep up. Without the monitoring risks could creep around and cause delays and cost overruns to the project. Lessons Learned There are always lessons that can be taken from past projects and keep track of changes and issues can help make sure they don't occur again. Project Three Risk Manager – Twanna Risk monitoring - Project Risk Response Audits The auditors of the risks will take an examination and then document how effectiveness of the risk response. This will be with respect to avoiding, the transfer or the mitigation of the occurrence of the risk (Heldman, Baca, & Jansen, 2007). ...

1. 1Risk Reporting
Risk Reporting
Rique Giddens, Anne Saintilus, Katherine Entress, Maria
McPhatter, Robert Martinez, Tonya Townsend, Twanna Perkins-
Monroe
PM 584
Arnetra Arrington
5/02/16
Risk Reporting
Individual Research
In this paper, each member of Team A reports on a risk
monitoring and a risk reporting practice and what lessons
learned he or she can apply in their own projects. As a group,
the team analyzes the theoretical application of these
monitoring and reporting practices. They summarize the
strengths and weaknesses of each practice. They conclude by
selecting the top two risk monitoring and risk reporting
practices.
Project One Risk Manager: Robert

2. Risk Register
For the Riordan Manufacturing relocation, a risk register would
be the one of the best tools to use to help identify the risks that
are going to be associated with the move. It is a great tool that
can be used in the early stages of planning that will help
identify the risks and let the PM know that there are risks that
need to be managed. Developing the risk register will also help
the project team and PM identifies who they need to
communicate with when they are faced with risks. A risk
register is a tool that will have all the risks that the team has
come into, it will have the severity of the risks the methods to
manage, and will update all parties involved about the risks of
the project letting everyone involved know whether the risks
have been dealt with.
Pros and Cons
One of the good things about using this tool is that you can
gather all the risks and start to manage them at an earlier stage.
A drawback of the register is that if it is not updated and use
correctly it can slow down the team and PM. Project Two Risk
Manager - Rique
Risk Register
The risk register and the RAP are both great practices and tools
that will help any organization with their project. The Risk
Register collects all of the risks and ranks them so that the high
priority risks get the attention they need. The register is updated
as the project goes on.
RAP
The RAP is a great tool to help the PM report updates to senior
leaders and stakeholders. Both of these play a part in other
areas like monitoring and controlling risks, and the RAPs
helping communication stay in line. Risk monitoring and
reporting are essential because it keeps everything in front of

3. the team and doesn't allow risks to creep up. Without the
monitoring risks could creep around and cause delays and cost
overruns to the project.
Lessons Learned
There are always lessons that can be taken from past projects
and keep track of changes and issues can help make sure they
don't occur again.
Project Three Risk Manager – Twanna
Risk monitoring - Project Risk Response Audits
The auditors of the risks will take an examination and then
document how effectiveness of the risk response. This will be
with respect to avoiding, the transfer or the mitigation of the
occurrence of the risk (Heldman, Baca, & Jansen, 2007). The
auditors will also check on how effective the risk owner will be.
Our auditors will conduct the audits of the risks when the
continuation of the project so as to control the risk.
Risk reporting-Anonymous Reporting
To ensure the safety of the public, our company has created a
playfield that is level for all the clients that we have in our
organization so that we may achieve a compliance rate that is
high. Our Safety Authority has placed some process that will
enable all the stakeholders to report the concerns that they have
anonymously. These are the concerns that are associated with an
individual's safety. The external service duped "Report a Safety
Risk" is one of the most confidential and very secure systems
that enables one to report the following; work that is not
licensed, work that is not permitted, conditions that they feel
not to be safe and improper conduct by any of our employees.
The positive and negative aspects of risk monitoring and
reporting
There is importance of conducting risk monitoring and reporting

4. because it ensures that the project's objectives are fulfilled.
Negatives aspects are that the two processes can drag the
project behind.
Lessons Learned
The need for auditing and safety in my project.
Project Four Risk Manager - Katherine
A potential risk monitoring and reporting method used is the
risk impact and probability method. Assessing the individual
risk and the possible implications the risk has on the project
will enable the management team to accurately identify and
develop an action plan for that risk. Riordan Manufacturing will
use an internal risk assessment form where the management
team will monitor the potential risks and measures taken to
mitigate the risks if necessary. Risk monitoring is integral to a
project due to unforeseen circumstances affecting the outcome.
Thinking of what could potentially go wrong and thwart the
occurrence from fruition is the primary objective to risk
monitoring and reporting. Communication of the risks and
mitigation strategies is necessary to keep the project flowing
and maintaining a schedule without overlapping duties. One
pitfall to this is the inconsistency with risk reporting.
Project Five Risk Manager: Tonya
The risk management plan developed for the Riordan
Manufacturing relocation project utilized the risk register
database and the project summary risk report. The two tools
used together was a great source to identify high and medium
risks that could potential impact the project's objectives. The
use of the database and risk report provided an ideal process to
prioritize risks to address and assign action plans for each
identified risk during and after relocation. By developing this
type of process, work packages were quickly allocated to team
members to handle should the risk occurs. Therefore, creating a
specific action plan for each team member to implement and be
responsible for if and when the risk occurred.

5. Positive: The tools helps provide a clear and concise action plan
to follow when risk arise and keeps stakeholders in the loop.
Negative: No plan for the unexpected risks that may arise
during the relocation project, so issues were reported late.
Lessons Learned: Lessons learned from the Riordan relocations
was to start developing the risk management earlier in the
planning phase. Most risks were determined during the
execution phase rather than the planning phase which created
some delays in the progression of the project.
Project Six Risk Manager: Anne
Reserve analysis is an analytical risk monitoring practice used
to establish contingency reserves of money and time in the
event certain risks occur during the life of the project. The goal
of reserve analysis is to estimate accurately the amount of
additional time and money the project will need if an identified
risk occurs. Management's desired confidence level determines
the amount of the contingency reserves. Reserve analysis links
to several project procedures. Key inputs to reserve analysis
procedures are the Work Breakdown Structure (WBS), project
budget, risk register. Reserve analysis also links to other risk
monitoring practices such as Critical Chain Project Management
(CCPM) and trend analysis. A positive aspect of reserve
analysis is it tracks the spending of contingency funds and
schedule burn rates. Use of contingency reserves can provide
early warning of issues requiring senior management attention.
A negative aspect of reserve analysis is it focuses on budget and
schedule related risks. It may not reveal risks not related to
these two constraints. Also, too much focus on depletion of
contingency reserves may not show specific hazards (PMI,
2009).
Risk Dashboard. A risk dashboard is a summarized risk
reporting method. It is typically a one-page, graphical report
designed to convey current project risk status “at-a-glance” to
senior managers and other busy stakeholders. The project

6. manager can create manually a risk dashboard in a PowerPoint
slide or on a whiteboard, but the advantage of a risk dashboard
is the near real-time reporting available only from project risk
management software.
Because the risk dashboard is a summary report of project risks,
it links to the WBS, project budget, risk register, and risk
strategy. A positive aspect of the risk dashboard reporting
practice is it quickly conveys risk status. Using the appropriate
technology creates another positive side--automatic and instant
updates to the dashboard. A negative aspect of the risk
dashboard does not show much detail. However, risk
management software eliminates this weakness by providing
hyperlinks to additional information on the risk.
Project Seven Risk Manager: Maria
Both the Risk Matrix and the Risk Severity Matrix work
together closely because they use levels from 5 being the most
impact and 1 being the lowest, will help determine how risks
will affect the project and the organization. However, even in
the most simplistic scenarios, the lack of including some of the
most important aspects of the project in one chart, may cause
“think overload” (which could affect stakeholder understanding)
if all information is not grouped together.
Risk Matrix
Risk
Probability
Impact
Detection Difficulty
When
Risk Mitigation
Relocation Delays
3
4

7. 2
Before/During
Review all details (i.e.,.travel time for equipment move, cost,
etc.)
Risk Severity Matrix
Impact
Likelihood
Not (1) Significant
Minor (2)
Moderate (3)
Major (4)
Catastrophic (5)
Will Occur (5)
Job Retention issues (Hangzhou site)
Likely (4)
Relocation Delays
Equipment & (IT issues) Shortage/Breakdowns
Possibility (3)
Decreased Vendor Relations
Business Continuity

8. Unlikely (2)
Rare (1)
Decreased New Market Knowledge
Conclusion
Each team member chooses to write about a risk monitor and
risk reporting procedure to help identify the risks on each
project. The seven project managers picked the risk register,
RAP, project risk response audits, anonymous reporting, risk
impact and probability method, reserve analysis, risk dashboard,
and the risk matrix. Each team member chooses these particular
reporting and monitoring method that helps each project
manager. With each risk reporting and monitoring method used
there is going to be positive and negative aspects of each
method that can affect a project's outcome. While working on
each project every Project Manager is going to have some
lessons learned that they can apply to future projects.
Team Analysis
Risk Reporting
Good risk management starts by identifying and analyzing risks
and continues with planning responses to these risks should they
occur. If stakeholders, projects, risks, and their environments
were static, the risk management process would end here.
However, that is rarely the case. Projects, stakeholders, risks,
and their environments are dynamic. They are constantly
changing.

9. Therefore, effective risk management is a continual cycle, not a
linear progression. The steps in the risk management cycle
needed to close the loop are risk monitoring and risk reporting.
Risk monitoring links risk management to other project
management processes and facilitated continuous improvement
(Cooper, Grey, Raymond, & Walker, 2005). Risk reporting
ensures appropriate stakeholders have the information they need
to take actions as risk status evolves.
Top Risk Monitoring Practices [Felix]
Team A reviewed the risk monitoring tools presented by each
team member and decided on Reserve Analysis and Risk Audit
as the top two tools to use for risk management as both offer the
necessary details for project reporting. Reserve analysis and
risk audit both had positive and negative aspects however they
both offered details and new perspectives to project risk that
serve as an advantage when monitoring risk.
Reserve Analysis provides analytical risk monitoring allowing
understanding of how risk can influence time and money of
project goals providing for an alternative view of project needs.
Understanding how certain risks can change project dynamics
reserve analysis can allow project leaders to plan and prepare
for risks more accurately by setting up contingency reserves for
risks establishing a time-frame and a budget for such risks. The
insight intocost and time values can prevent additional risk from
forming and can prepare leaders on exact costs if contingency
plans require deployment.
Risk Audit is another very useful risk monitoring tool as it can
provide additional aid in risk management by establishing
external committees that assist in evaluating risk factors for a
project. One major advantage of using risk audit in a project
for risk monitoring is it allows of analysis from outside
professionals to provide insight intothe project providinga
unique view of perspective from the project and can provide a

10. new view of a project providing objective feedback. The
feedback shared from these individuals is important as it
provides objectivity and an alternative view of the project.
[Nic]Team A chose to employ a full risk report and a risk
summary. A full risk report is a detailed and comprehensive
report on each major risk. A full risk report is a tool that shows
the top risks down to the conclusions of the project. It helps
stakeholders and the project manager to have the pertinent
information in one condensed easy to read report that they can
reference anytime.
The other reporting strategy that Team A chose was the risk
summary report. The risk summary report is similar to the full
risk report with the exception that the risk summary pertains
exclusively to the risks involved with the project. The risk
summary report itemizes the biggest risks to the smallest and
prioritizes them as well in a much shorter report than the full
risk report. "The risk summary report hits key elements and
issues of the project. Items such as business objectives,
community objectives, resources, timing and schedules,
customers, suppliers, finance, and administration, are included
in the risk summary report" (Cooper, Grey, Raymond, &
Walker, 2005, pp. 114-115). The risk summary reports break
down the risks associated with each heading. The project
manager determines a mitigation strategy for each risk. Both
the summary risk report and the full risk report let the
stakeholders know precisely what is happening with project
risk; however, the full risk report is more thorough than the risk
summary report.
The Risk Register Database
The following are the 12 elements of our Risk Register
Database (Development, 2013)
1. Risk Category-The category of the risk will be identified
2. Risk Description-At this stage, the organization is going to
offer a description of the risks that can potentially take place.
3. Risk ID-This is a number that is unique and that which will
be used in tracing the risk from the risk register.

11. 4. Project impact-At this stage, the organization is going to give
a description of the impact that the risk can cause on the
project.
5. Likelihood- This is the possibility of the risk occurring
6. Consequences- The side effects caused by the risk on the
project in case it happens
7. Risk rank-This the risk.
8. Risk Trigger-Things that can cause the necessity of giving an
implementation of the contingency plans.
9. Prevention Plan - The plan that can ensure that the risk does
not occur
10. Contingency Plan - The action plan that can be used to solve
the risk in case it occurs.
11. Risk Owner - This is an individual mandated with the
management of the risk
12. Residual Risk - The remnants of a risk after the initial risks
have been handled.
The Project Summary Risk Report
The following is a summary of the risk reporting framework
(Risk reporting and reporting. 2016)
1. The systems of risks reporting- The organization has
developed proper channels that should be used by all the
stakeholders in the reporting of risks. These systems have an
alignment with the other structures and the processes of the
organization.
2. The indicators of risk performance- The organization has
given a proper definition of the risk indicators. This will help in
the evaluation of the risk performance, the strategy, the
processes and the controls.
3. The protocols of reporting risks-The organization have also
ensured that the systems of reporting of the risks allow for
proper decision making and have the capability of identifying
actual and the risks that are emerging.

12. Description of Risk Monitoring and Reporting
The risk register database is a system that tracks all the risks
that have been identified from the risk identification process
and provides all team members with information on the risks,
including any action plans. “This is a living database that is
updated as the project progresses and risks change" (Cooper,
Gray, Raymond, Walker, 2005). Updating the risk register as
the project goes along will help keep the entire team informed,
especially the stakeholders and senior leadership. The risk
register is a great tool for the whole risk management process
and helps monitor and control the risks throughout the project.
The risk register can have different components, but the most
common displays should be: date, reference number, risk group,
any existing controls and the likelihood and impact. Overall,
this tool is vital to the entire risk management process and gives
all team members the ability stay updated on all the risks.
“The project risk report will contain summary details of risks
from all sources” (Cooper, Gray, Raymond, Walker, 2005). The
project summary risk report is a summary of all the risks that
details out all of the information about them. It will lay out the
description of the risks, the impacts and likelihood,
consequences of not having a plan in place, and an action plan.
This summary is giving all the information needed to report to
any senior leadership if necessary. If changes have occurred,
they should be notated so that everyone can stay up to date on
everything. Reporting risks are an important part of the risk
management process, and this risk report will help tie
everything together after a month of progress and work. The
reports should be detailed enough to make the stakeholders
satisfied and informed so that after the meeting they won't have
to ask for more info. Everything should be in this report from
how they are managed and controlled as well. Overall, this
report is vital to risk management success.
Positive and Negative Aspects of Risk Monitoring and
Reporting

13. Risk Monitoring and Reporting are both critical to the entire
Risk Management Plan of a Project Plan. Without managing the
risks and accurately identifying them, a project will not be as
successful as stakeholders or all who may be affected by the
outcome would think. Within every positive, there is also a
negative that seems to arise to cause a delay and costly error to
the duration, budget, quality, compliance, and morale of the
project team. Provision of a chart that shows a simplistic
visualization of the pros and cons of Risk Monitoring and
Reporting concepts may help to increase the understanding of
the effects that each process may have on an overall project.
Process
Pros
Impact (Quality & Compliance)
Risk Monitoring
The ability to identify risks through effective communication,
provision of clear objectives, research, and use of tracking
methods such as risk auditing.
5
Risk Reporting
Encourages team communication/collaboration; several formats
to use that will help stakeholders understand all areas of the
project (i.e. risk registers).
5
Process
Cons
Impact (Quality & Compliance)
Risk Monitoring
One of the most concerning negatives of risk monitoring is the
cost increases of monitoring the risks (auditing process can be a
costly measure).

14. 5
Risk Reporting
The lack of accurate reporting of information, an increased
amount of time gathering data that is peculiar to the project
could substantially prolong the reporting and the project
completion as a whole.
5
Lessons Learned
The monitoring practice of risk audits and the reporting practice
of the major periodic risk report have some applications to the
Quality Improvement enterprise resource program project. The
QI project is a large-scale project, and using risk audits, and the
major periodic risk report may help the project manager to
address and reduce risk. A risk audit committee composed of
both internal and external members can identify risks the
project team misses because of their primary focus on the
technological requirements of the project. The project manager
could use major periodic risk reports in conjunction with project
status meetings to provide stakeholders with an appropriate
level of detail on the project's most extreme risks.
Risk Reporting and Monitoring Narrative
Risk reporting when used right can be a great tool for any team
in helping to identify the risks that are associated with the
project. Risk monitoring and reporting is a useful and integral
part of risk management. Risk monitoring and reporting reduce
the crises in projects from happening. When these tools are
reviewed to be up to date, the team can be sure that these tools
will help the project team, and PM identifies the risk that might
face. It is also important to be sure that the risk reporting
systems are in line with other organization performance manage
structures (Institute of Risk Management, 2016).When the risks
are identified the team can then develop methods to address the
risks. The reporting and monitoring can help with identifying
who they need to report the risks to and report how they have
come up with a way to manage the risk. An effective reporting

15. and monitoring process will ensure that the team will be ready
to deal with new risks that may emerge and help with better
decision-making (Institute of Risk Management, 2016).
Risk Assessment Methods Pros and Cons Tabular Format with
Narrative
Risk Method
Pros
Cons
Risk Narrative
A description of the risk as complete as possible given the
available evidence
Incomplete risk hypothesis when uncertainty is great
Risk Probability and Impact
Ability to isolate aggressive management to critical areas
Lack of discrimination for effective decision-making
Data Precision Ranking
Provides accurate data
Reliance on related historical data
Expert Judgment
Has previous experience with similar project
Too many ideas can cause delays in decision-making
Risk Categorization
Grouping by common root causes
Too many groups might be created, not being able to prioritize
Event & Fault Tree
Evaluate multiple outcomes from an event
Event outcome possibilities can create distractions
Risk Matrix
Enables fast identification of risk and impact.
Not efficient for large-scale projects. Limited information is
presented in the matrix.
The risk narrative may be too in-depth and lacks the ability to
assess risks at a quick glance. Risk probability and impact
isolates to critical areas and lacks the ability to make precise

16. decisions. The event and fault tree shows the many possible
combinations of events but can be visually distracting. Data
precision ranking is very detailed although relies on historical
data that may be inaccurate. The expert judgment is based on
prior project experiences, but the downfall is the projects may
not be exactly alike; which would affect the results. Risk
categorization groups by common root cause but the groupings
may be too broad. The Risk Matrix enables a quick glance of
the risks and associated impact but is not efficient for large-
scale projects. Specific details of the risk reporting
methodologies may be more specifically matched to the project
based on desired outcomes.
Conclusion
Effective risk management starts by identifying and analyzing
risks and continues with planning accordingly should a risk
occur on a project. The project team decided to on two reporting
and monitoring plans to discuss, Reserve Analysis and Risk
Audits. Each of these tools has a useful purpose for the project
that differs from each other. They are effective in the aid of
properly managing the risks that are associated with the project.
Also, the team choose to employ a full risk report and a risk
summary. The project team identified some positive and
negative aspects of the risk reporting and monitoring methods.
As with any project, there are some lessons learned that the
project team can take away from any project and apply the
lessons learned to other projects.
References
Active Risk Group. (2012, September 2012). Risk exposure
dashboard. Retrieved July 14, 2015, from Active Risk:
http://www.activerisk.com/wp-content/uploads/ARM-
Dashboard.jpg
Braram, G. E. (2003). Project management oversight: An
effective risk management tool. AACE International
Transactions, RI31-RI35.

17. Cooper, D., Grey, S., Raymond, G., & Walker, P. (2005).
Project Risk Management Guidelines. Wiley & Sons Ltd.
Development, C. (2013). What are the 12 Key Elements of a
Project Risk Register Template?. Continuing Professional
Development. Retrieved 30 April 2016, from
http://continuingprofessionaldevelopment.org/key-elements-
project-risk-register-template/
Hall, C., Selmbrouck, S., (2007). Professional Categorization,
Risk Management and Inter- Agency Communication in Public
Inquiries into Disastrous Outcomes. The British Journal of
Social Work, 39 (2). 283-284.
Heldman, K., Baca, C., & Jansen, P. (2007). PMP: Project
management professional study guide. Hoboken, N.J: Wiley
Pub.
Hunt, J., & Carey, A. (2001). Audit committees: Effective
against risk or just overloaded? Balance Sheet, 9 (4), 37-39.
Institute of Risk Management. (2016). Retrieved from
https://www.theirm.org/about/professional-standards/strategy-
and-performance/risk-performance-and-reporting
PMI. (2009). Practice standard for project risk management.
Newtown Square, PA: Project Management Institute, Inc.
Risk reporting and reporting. (2016). Theirm.org. Retrieved 30
April 2016, from https://www.theirm.org/about/professional-
standards/strategy-and-performance/risk-performance-and-
reporting
Risk Management Planning Outline
Rique Giddens, Anne Saintilus, Katherine Entress, Maria

18. McPhatter, Robert Martinez, Tonya Townsend, Twanna Perkins-
Monroe
PM 584
Arnetra Arrington
4/25/16
Risk Management Planning Outline
A. Risk monitoring and Reporting Tools
A.
Risk Register Database
B.
Project Summary Risk Report
B. Risk monitoring and Reporting practices
A.
The risk register database is a system that tracks all the risks
that have been identified from the risk identification process
and provides all team members with information on the risks,
including any action plans.
B.
The project summary risk report is a summary of all the risks
that details out all of the information about them. It will lay out
the description of the risks, the impacts and likelihood,
consequences of not having a plan in place, and an action plan.
C. Explanation of their links to other procedures
A. The risk register stems from the risk management plan, but it
is a separate and live document where you record information
about risks as and when they get identified. Usual information
in a risk register includes risk ID, name, description, project
area or work stream, severity, likelihood, ownership,
action/mitigation plan, dates (registered, closed, etc.).
B. Project status reporting contains a section on risk
management, where new risks are presented along with any
status changes of existing risks.

19. A. Positive and negative aspects of risk monitoring and
reporting
A.
Positive aspects of Risk Monitoring are: the ability to identify
risks through effective communication, provision of clear
objectives, research, and use of tracking methods such as risk
auditing.
B.
One of the most concerning negatives of risk monitoring is the
cost increases of monitoring the risks (auditing process can be a
costly measure).
C.
Risk Reporting provides several ways to communicate risks
such as: risk registers, PM Plan, contingency planning,
workarounds, and Gantt chart usage, while promoting team
communication/collaboration.
D.
The negative side of Risk Reporting would be the lack of
accurate reporting of information, an increased amount of time
gathering data that is specific to the project could substantially
prolong the reporting and the project completion as a whole.
B. Lessons learned that could be applied
A. Have formal post-project review
B. Each Lessons Learned analyzed by a subject matter expert
(SME) before it is entered in to the database.
C. Lessons Learned process must ensure that the most
significant lessons are institutionalized.
C. Narrative that asserts theoretical application of risk
monitoring and reporting, including the analysis of project risk
reporting requirements
A. Risk monitoring and reporting reduces the crises in projects
from happening.
B.
Risk monitoring and reporting enable effective decision making

20. (Institute of Risk Management, 2016).
C.
The risk reporting systems need to be in line with other
organization performances manage structures (Institute of Risk
Management, 2016).
D. A summation of risk monitoring and reporting methods with
pros and cons of each, preferably with tabular format and a
supporting narrative
A.
Determine the risk priority based on the likelihood and
consequence of occurrence
B.
Risk probability and impact assessment
1. Pro-Simplistic and easily calculated
2. Con- Results are mostly subjective to individual
interpretation
C. Risk Categorization
1. Pro- Categories enable the management of activities and
requires systems and processes to be established early on (Hall
& Slembrouck, 2007, p. 283).
2. Con- Too many categories could derail focus of project
deliverables
D.
A project should seek to control risks by close and timely
monitoring and recording in a risk register. The tabular format
of risk reporting enables the assessment of risks at a quick
glance, offering imperative information in less detailed format.
E. Top two risk monitoring and reporting formats with an
explanation of why these formats were chosen
A. Risk Register Database – adatabase/spreadsheet format was
selected because this is the best way to display information.
Developing a paragraph style monitoring system runs the risk of
people not fully reading all the information documented and
skip vital information.

21. B. Project Summary Risk Report – this format was selected
because it is a great tool that provides the project owner/client
with updates on existing risks, opportunities, status on
deliverables and performance of the project.
References
Cooper, D., Grey, S., Raymond, G., & Walker, P. (2005).
Project Risk Management Guidelines. Wiley & Sons Ltd.
Development, Continuing. "What Are The 12 Key Elements Of
A Project Risk Register Template?". Continuing Professional
Development. N.p., 2013. Web. 25 Apr. 2016.
Hall, C., Selmbrouck, S., (2007). Professional Categorization,
Risk Management and Inter- Agency Communication in Public
Inquiries into Disastrous Outcomes. The British Journal of
Social Work, 39 (2). 283-284.
Institute of Risk Management. (2016). Retrieved from
https://www.theirm.org/about/professional-standards/strategy-
and-performance/risk-performance-and-reporting
"Risk Managers' Forum—The Importance Of A Risk Register In
Risk—Creating And Maintaining A Risk Register Protects The
Assets Of A Business 01/13". Roughnotes.com. N.p., 2016.
Web. 25 Apr. 2016.
1
RISK MANAGEMENT PLANNING
Risk Management Planning
7
Risk Management Plan
UOP
PM 584 – Project Risk Management
Twanna Perkins

22. Dr. Arnetra Arrington
Week 4
April 25, 2016
Risk Management Planning
Determine project risk management procedures and relay forms
of risk management
Project Risk Management Procedures
Step 1: Risk Identification. The team should begin by
identifying, uncovering and describing risks that could affect
the project or the final results.
Step 2: Analyzing of risk. The team should then determine the
possibility of the risk occurring and its consequences. The
nature of the risk should be understood and its likelihood to
affect the goals and objectives of the project.
Step 3: Ranking and Evaluation of the risk. This is done through
the magnitude of the risk being determined which is a
connection of probability to occur and consequences. This step
should further be added in the Project Risk Register.
Step 4:Risk Treatment. This is the step where the risks that have
been ranked highest are set aside and plans to treat or modify
them are put in place. To minimizing the occurrence of risk,
mitigation strategies are set as well as preventive plans.
Step 5: Monitoring and reviewing of the risk: This is a step
where the project Risk Register is used to track, monitor and
review the risks.
Forms of Risk Management
There are various forms of risk management. Enterprise risk
management is a form of framework that checks on potential
risks that could have negative impacts on enterprise.
Operational Risk Management is also a form of risk
management that deals with human errors and technical errors
in enterprises. Financial Risk Management is a form of risk
management that minimizes firm exposure to credit risk and
market risk using different financial instruments. Lastly we
have Market Risk Management where enterprises are made

23. aware of risks in the market (Hubbard, 2009).
Responses to 15-20 identified risks
1. If purchasing of cell phones is delaying due to incomplete
integration with the Inventory Information system, then
customers could end up finding other alternatives from the
competitors
2. If the supplier shipment delays the purchasing of cell phones
the customers could end up going to the competitors shops
3. If the wrong hardware are delivered, then customers could
end up asking for a refund while the company incur losses
4. If the employees are not well trained, then they will not be
able to utilize systems in the right way
5. If there is incompatibility of software, then there will be
communication problems between the online business and the
store inventory system.
6. If there are SRM data transfer problems, then the store and
online entities will not link properly.
7. If there is low electrical capacity, then there will be problems
handling added electronic equipment
8. If there is incorrect identification of unneeded personnel for
lay off, then the company will spend too much money on
paying the workers
9. If there will be poor functionality of switches, routers and
servers, then there will be great inconveniences during the work
process.
10. If store signs especially in new stores are not properly
made, there will be great time wastage while trying to locate
them.
11. If the Fiber optic Cable fails or has bad quality, then
internet and networking will greatly be distorted
12. If new store signs are delivered late, then there will be
delivery delays.
13. If there will be insufficient staffing for store scheduling,
then there will be delays of deliveries to the clients.
14. If the staffs online are not sufficient, then the online clients
will not be effectively attended to

24. 15. If there are issues between clouds based Instance and local
SQL Server, then compatibility between hardware and software
will be poor.
Risk Response Measures
After estimation of risk, then the risk level should be
determined if it is acceptable through comparing it with the
criteria that was determined in the stage of management
planning. Here it should be determined how every major risk
can be responded to. For the minor risks, they are dealt with
through acknowledging they are there and dealing with them
whenever they occur (Crockford, 2006).
A Risk Action Plan
There are a number of risks involved in my project. One
example of the risks is delay of supplier shipment of cell
phones.
Required Action
Status
Leader
Completed
1
Hardware check for compatibility
Existing systems in charge
Chris Jones
In progress
2
More supplier attainment
Payment done
Chris Jones
Completed
3
Testing of teaching methods of instructors to ensure employees
are well trained
Introduction of documentation of user friendly documents
Chris Jones

25. Completed
4
Hiring of experts to check on system architecture before it is
purchased
They are already hired
HR manager
Completed
Components of a Risk Action Plan
A risk action plan can be compared to a camping trip plan. Any
time a person is taking a trip to the wild, he is required to take
with him a sturdy tent so as to get protected from weather as
well as get a place to store his belongings for the period when
he will be in the wild. A risk action plan is in the same way
important since it helps project managers in analyzing, planning
and controlling potential risks. A risk action plan helps the
users to set off on a business journey through helping them to
put a number of emergency plans in to place.
To develop appropriately a risk action plan, a number of
components must be incorporated in the plan. To begin with the
risk is identified then evaluated. During the development of the
plan, the organization puts into consideration the types of risks
that are bound to occur and the costs that the company would
incur incase the risk occurred. Besides that, the people creating
the strategies of the action plan should also consider if the cost
incurred when the risk occurs is higher or lower than that
incurred when preventing the risk. The organization can always
take its chances if the prevention cost is higher than the cost of
dealing with the risk ones it occurs. A risk action plan should
identify the actions and procedures that ought to be taken in the
entire organizational arrangement to endeavor on reducing risk.
If all the measures in the action plan are followed in the right
way then they end up bringing positive impact as aspired on the
lessening of risk (Bent, 2013).

26. References
Bent, B. (2013). Megaprojects and Risk: An Anatomy of
Ambition. Cambridge University Press
Crockford, N. (2006). An Introduction to Risk Management (2
ed.). Cambridge, UK: Woodhead-Faulkner.
Hubbard, D. (2009). The Failure of Risk Management: Why It's
Broken and How to Fix It. John Wiley & Sons
INDIVIDUAL QUANTITATIVE RISK ASSESSMENT
Twanna Perkins
Dr. Arnetra Arrington
UOP
PM 584 – Project Risk Management
Week 3
April 19, 2016
Table of Contents
Executive Summary 3
Project Outline 4
General Project Requirements 4
Technical 4
Managing Risk 5
Risk Management Plan 5
Risk Management Team 5
The Risk Registry 5

27. The Risk Identification Process 6
Risk Evaluation & Assessment 6
Fault Tree Analysis 6
Communications Plan 7
Schedule 7
Project Duration 7
Project Risk Management Sequence 7
Quantitative Risk Assessment 8
Quality 8
Constraints 8
Budgetary8
Resource 8
Schedule 9
Project Scope 9
References 10
Appendix 11
Fig. 1 Qualified and Quantified Risk Matrix 11
Fig. 2 - The Project Risk Management Approach 12
RISK MANAGEMENT PROJECT
RISK MANAGEMENT PROJECT
1
2
Executive Summary
Acme Shoes, a store-front business, will merge with Acme
Boutique, an online retailer to form Acme Shoes & Boutique
Inc. Previously, Acme Shoes only sells shoes (shoes, boots,
sandals, etc.,) along with shoe accessories including shoe pads,
non-slip grips, shoe polish, etc. Inventory is currently stored in
the store. Post-merger, Acme Shoes may utilize additional
inventory storage in what is currently the Acme Boutique

28. warehouse. Acme Boutique currently sells clothing,
pocketbooks and fashion jewelry. Inventory is stored and
distributed to consumers upon purchase from their warehouse
exclusively. Both stores provide the latest in fashion at
reasonably affordable prices. The project will also include
introducing new technology into the retail store so that
customers can engage in self-checkout where they can scan the
items they want and pay for it with their smartphone. For the
sake of this paper, the merger and acquisition deal has already
been signed and approved. The context of the project risk
management for this paper will be applied to the post-merger
integration processes.
The anticipated enhanced value that will be acquired through
the merger will be achieved by attaining a seamless one-stop
shopping experience from head to toe online and in-store. We
intend to broaden the customer base by merging the online
customer base with the in-store customer base. Our inventory
will be combined to offer a wider selection of items, while
enabling consumers the ability to simplify their shopping
experience by offering an expansion of payment methods. Visit
a store, scan an item, and pay for it on your smartphone. Make
an online purchase, pick it up in-store and check yourself out.
Furthermore, we feel that by expanding point of sale (POS)
technologies by combining e-commerce with in-store shopping
and an optional cell phone payment method, we hope to create
an optimal retail experience with expanded choices that will
ultimately lead to customer satisfaction and grow our customer
base.
Project OutlineGeneral Project Requirements
The merger integration process will include milestones to
reflect personnel reductions where redundancy of position is
evident. Implementation of new cloud based systems as well as
local systems to manage inventory, invoices purchases,
employees, returns, and all other operational functions of both
the online store and well as the brick and mortar outlet.
Inventory systems between the outlet and the online stores must

29. always be kept in sync.
Technical
The merger to form Acme Shoes & Boutique Inc. will require
the integration of data that were previously used to operate
Acme Shoes and Acme Boutique as separate entities, so a data
migration process for both online and instore databases to a
common SQL Server cloud based database will be required.
VMware cloud based virtualization will need to be utilized so
that virtual machines running in the cloud can be reset on
moment’s notice with minimal downtime and so server
requirements will be minimalized as the company grows. In
order to facilitate the new business plan at the store level,
transaction processing equipment will be required for all cell
phone transactions to take place in a secured manner.
Additionally, each store will keep one local server for
redundancy such that if an internet connection is lost,
transactions may be performed locally. One instance of SQL
Server will be required on the local machine to facilitate
transaction and store data in the event that internet access is
down. The local machine will need to sync up with the cloud
instance of SQL Server when internet connections are
restored.Managing Risk
Risk Management Plan
The integration of Acme Shoes and Acme Boutique will
encounter risks associated with the process. Each risk will need
to be identified, measured and mitigated with contingencies to
reduce uncertainty and thus manage the risk to maximize the
success of the project.
From the get go, all project documentation will need to be
created, assessed and reviewed in order to establish a baseline
for the integration project upon which success or failure may be
measured. Inputs required are the project charter, the project
scope document, project management plan, the stakeholder
register, enterprise environmental factors and organizational

30. process assets as well as the M&A contract. Additionally, the
risk management plan will be created from the inputs mentioned
above, (Project Management Institute, 2013).
Risk Management Team
The risk management team will consist of the project manager,
1 manager from Previously Acme shoes, and 1 manager from
Previously Boutique. All managers will interact as necessary
with the entire body of stakeholders.
The Risk Registry
The risk registry will be created as a product of the risk
identification process which will include determining which
risks are probable (and the degree of probability) to affect the
outcome of the project. Identified risk characteristics (Category,
trigger, area of impact, impact level, and probability of
occurrence) will be quantified with a calculated risk score and
prioritized. Contingency plans will be developed as a means to
mitigate risk impact if they were to occur over the course of the
project. The Risk registry will be continuously monitored,
updated and utilized throughout the course of the project
(PMPNotes.com, 2016).
The Risk Identification Process
The risk identification process will require determining first,
which risks are possible to occur and affect the success of the
project. This will be performed using the enterprise
environmental factors, organizational process assets, , the
project scope statement, the WBS, and the project management
plan as inputs to this process (Project Management Institute,
2013).
The risk identification process will use methods such as
documentation reviews, info-gathering techniques, checklist
analysis, assumptions analysis, diagramming techniques and
group brainstorming sessions, questionnaires distributed to a
range of stakeholders, research, examination and assessment of

31. previously similar projects to identify, categorize, and
thoroughly document all risks identified (PMPNotes.com,
2016).
Risk Evaluation & Assessment
The risks that have been identified evaluated and accessed for
the post-merger integration process of Acme Shoes & Boutique
Inc. thus far may be viewed in the Appendix Fig. 1.
Fault Tree Analysis
Fault tree analysis is an engineering tool used to identify and
quantify probability of occurrence of a combination of events,
system states and potential causes that could possibly lead to a
given failure event outcome or top event (Cooper, et al., 2005).
Communications Plan
A project communication interface plan will be developed that
will incorporate all communication details within the context of
a matrix. All project team members will use this matrix to apply
communications to stakeholders as required. The
communications matrix will include Communication Type,
Objective of Communication, Medium, Frequency, Audience,
Communication Source, Deliverable and format.Schedule
Project Duration
The project is expected to extend through a period of nine
months from the start to the end. The actual WBS has not yet
been created and thus the actual phase schedule cannot yet be
determined.
Project Risk Management Sequence
The first phase of our project risk management process is to
establish the context (Objectives, stakeholders, criteria and to
define key elements) of the project followed by risk
identification, analyzing the risks, evaluating the risks and
developing and selecting contingency options and finally
applying contingency options to mitigate the risks (See:

32. Appendix, Fig. 2). This process is complemented with a
continuous communication and consulting process as well as
monitoring and reviewing risks ongoing throughout all 5 phases
of the project from Initializing through closing (Cooper, et al.,
2005).
Quantitative Risk Assessment
A number of project risks were identified and assessed for
probability of occurrence Severity of Impact individually on
schedule, scope, cost and quality/performance. Each risk was
ranked and risk response actions (contingencies) derived as a
possibility to mitigate the severity of each risk. Quality
Standards for quality as it applies to all deliverable will be
established and governed by the Project Management Office
(PMO). Quality of all deliverables will be assessed through
continuous test and monitoring techniques. Test and monitoring
methods will be incorporated into each phase of the WBS.
Acceptance criteria should be accessed in the project scope
statement for review (Project Management Institute,
2013).Constraints
Budgetary
Budget must be monitored continuously against project
progress. The use of earned value (Or Budgeted Cost of Work
Performed) calculations will be used as a metric to gauge
project costs against budgetary constraints. Fixed costs will be
calculated based on the tangible resource requirements for the
project (e.g. cost for server, computers, routers, new signs for
store, etc.) variable costs will include labor costs.
Resource
Resource constraints will apply primarily to personnel available
to complete project tasks although may also apply to tooling
and or equipment. Decisions regarding outsourcing will be made

33. once the WBS is in place and task allocation is performed and
additionally as a means to apply contingencies in the face of
risk events. Additionally the Utilization% = Total Effort spent
by resource/Total Budgeted Effort for the resource equation
may be utilized as a means of measuring productivity of
resources involved in project.
Schedule
The project schedule will monitor the Schedule Variance (SV)
to determine the current status of the schedule as needed.
Adjustments will be made according to the schedule status
throughout the course of the project. Using MS Project as a tool
to assist in managing the project will allow us to utilize the
PERT tool. This will allow us to simulate using expected,
optimistic and pessimistic views applied to specific task
durations as a means of getting a feel for project progress vs.
expected progress (Barkley, 2004).
Project Scope
The project scope will be monitored by the PM using the project
scope statement. Proposed changes to the project scope must be
brought before the governance committee for approval before
altering the scope of the project.
References
Barkley, Bruce. (2004). Project risk management. McGraw Hill.
New York.
Cooper, D., Grey, S., Raymond, G., Walker, P.(2005). Project
Risk Management Guidelines: Managing risk in large projects
and complex procurement. John Wiley & Sons, LTD. West
Sussex, Eng.
PMPNotes.com. (2016). Risk Management. Retrieved from:
http://www.pmpnotes.com/pmp-notes/risk-management
Project Management Institute. (2013). A Guide to the Project
Management Body of Knowledge (5th ed.). Newtown Square,

34. Pennsylvania 19073. ISBN 978-1-935589-67-9 (pbk. : alk.
paper)
Appendix
Severity of Overall Impact Key
Severe >8
Moderate 4-7.99
Low < 4
Severity of Impact Key
Severe 4-5
Moderate 2-3.99
Low .5 - 1.99
Fig. 1 Qualified and Quantified Risk Matrix
Risk Assessment for Acme Shoes & Boutique Inc.
Severity of Impact

35. Item #
Risk Description
Probability of Occurrence
Cost (C)
Schedule (S)
Scope (SC)
Quality/ Performance (QP)
Overall Impact Level =PoO*(C+S+SC+QP)
Risk Rank
Risk Response Action (Contingency)
1
Cell Phone purchasing transaction processing equipment
implementation delay due to incomplete integration
(middleware) with Inventory information system
25%
4
5
3
2
3.50
4
1) Require compatibility check of hardware with existing
systems to reduce chance of occurrence
2
Supplier shipment delay of Cell Phone purchasing Transaction
processing equipment
30%
5
4
4
3.5
4.95
2

36. 1) Require several sources for equipment. 2)Contact Vendor.
Offer payment incentive to expedite.
3
Supplier Equipment delivery of incorrect hardware
20%
4
5
1
1
2.20
5
1) Require supplier to call to verify equipment being shipped
prior to shipping
4
Employee training failure resulting in users incapable of
utilizing systems proficiently
50%
4
4
5
4
8.50
1
1) Test instructor's teaching methods and module on 3 people
prior to teaching others 2) develop user friendly documentation
on how to use systems
5
Software incompatibility problem between Online (Warehouse)
and store inventory systems
50%
3
3.5
1
2
4.75
3

37. 1) Hire 2 independent experts to review system architecture
proposal before committing to purchase 2) get proposed system
demonstrated prior to purchase
6
CRM Data transfer issues between store and online entities
15%
3
3
2
3
1.65
6
1) Test small set of data transfer prior to scheduling large data
transfer 2) get outside expert to review before committing
system architecture
7
Electrical capacity insufficient in store location(s) to handle
new electronic equipment
15%
2
2
1
1
0.90
10
1) Schedule city inspector review proposed electrical layout for
capacity. Make necessary changes to electrical system prior to
equipment installation.
8
Incorrect identification of redundant personal for lay off
10%
1
4
2
1
0.80

38. 12
1) Require HR review all documentation of redundant positions
prior to layoff. 2)Check with all applicable managers prior to
layoff.
9
Wireless, switches, routers and server functionality problems
10%
1
3
1
2
0.70
13
1) Require 2 expert reviews prior to system purchase approval
10
New store signs not properly made
10%
2
3
1
4
1.00
9
1) Send quality personnel to sign shop location to review sign
design prior to build
11
Fiber optic Cable installation quality issues/ failures
5%
2
2
1
5
0.50
14
1) Require full testing performed by installers prior to going
live

39. 12
New store signs not delivered on time
15%
4
3
1
3
1.65
7
1) Contract to disencentivize late shipment 2) keep Acme Shoes
sign up until new sign arrives and is approved for quality
adherence
13
Insufficient store schedule staffing
12%
4
2
1
4
1.32
8
1) Purchase staff scheduling software that alerts scheduler to
gaps in staffing requirements
14
Insufficient online support staffing schedule
5%
3
1
1
2
0.35
15
1) Purchase staff scheduling software that alerts scheduler to
gaps in staffing requirements
15
Syncing issues between store local SQL Server and Cloud

40. based Instance
7%
3
3
3
3
0.84
11
1) Require extensive testing before go live 2) Choose cloud
service most compatible with hardware and software used in
system design
Fig. 2 - The Project Risk Management Approach
(Cooper, et al., 2005).
1Qualitative Risk Assessment

41. Qualitative Risk Assessment
Rique Giddens, Anne Saintilus, Katherine Entress, Maria
McPhatter, Robert Martinez, Tonya Townsend, Twanna Perkins-
Monroe
PM 584
Arnetra Arrington
4/15/16
Qualitative Risk Assessment

42. A qualitative risk assessment is all about identifying risks and
developing plans so that these risks do not disrupt the project.
The tools that are used for this process are all about gathering
data and analyzing it to determine the probability of risks
occurring. Learning Team A will cover the descriptions of tools
and methods, risks from projects, how those risks could be
qualitatively analyzed, efficiencies or deficiencies and risk
scope and severity using qualitative methods.
Robert
Riordan Manufacturing is facing a number of risks with its
move from Hangzhou to Shanghai. One risk identified is
attrition. This is a risk that could possibly hurt the company in a
manner that they did not see coming with the move. The Risk
Breakdown Structure or (RBS) is chosen because it is a useful
tool to helps breakdown the risks in a method that the PM is
familiar with, thus making the risks easier to manage. The
advantage to using the Risk Breakdown Structure is the
similarities it has with another PM tool, the Work Breakdown
Structure (WBS). When the risk is broken down into smaller
categories with the RBS, it can create a number of risks that are
not useful to the project manager (Hillson, 2002). Rique
One of the tools that can help a project leader manage those
risks is the risk breakdown structure (RBS). It is in the same
structure as a work breakdown structure and it starts off with
the categories risks can fall under, then more specific risks are
listed under those categories. In the 195th organizational
Beddown project, one major risk identified was the
authorization of manpower. If the authorization is not approved,
then our manpower numbers will be extremely low. This risk
was discovered later in the project by redoing the RBS because
of changing requirements. During our teleconference, the risk
came about and we started to formulate a plan to address the
risk and get approval from headquarters. Risk scope can be
controlled with a RBS. Even though all risks are not identified,
the RBS has a wide net to catch many and it also aides in

43. change control management throughout the project for those
risks.
Twanna
Project - Acme A (online retailer) merges with Acme B (retail
storefront)
Identified Risk
If the emerging technology fails to impress customers or is not
user-friendly, then it may lead to very low sales and profit loss.
Risk Probability and Impact Assessment Tool
This tool is effective in determining the likelihood of risk
occurrence as well as its impact on the project activities by
determining the probability that the risk will occur and how it
will impact the project. Qualitatively analyzing the risk
involves testing a prototype of the technology on a group of 10
customers to observe their reaction. If seven out of ten
customers reject the technology, then the risk has a probability
of 0.7 which is high. The higher the probability, the greater the
chance consumers would likely reject the technology resulting
in huge losses for the company.
· Advantages: Simplistic calculations that are easy to discern
and to apply
· Disadvantages: Results are mostly subjective in both process
and metrics (Handbook of Information Security Management:
Risk Management and Business Continuity Planning).
Risk Scope and Severity Evaluation
If a defined layout for combining the two technologies is not
managed, it is possible for additional, non-documented
functionalities may be introduced that will cause additional
costs and time researching consumer user-ability. The Project
Manager should reference to the SOW (statement of work)
frequently, and each deliverable should be aligned to the WBS
(work breakdown structure). Stringent scope management will
reduce, if not eliminate scope creep which in turn will reduce
high levels of risk superficially related to merging new and
existing technologies.
Katherine

44. Risk Categorization
Risks within the project need to be categorized in some logical
method. Risks are categorized by type; internal or external for
example, and severity or level (Risk Categorization, 2016).
The risks identified for Riordan Manufacturing in the
Going Green initiative are lack of employee involvement in
carpooling. If the employees do not have dependable
transportation then the ability to carpool is significantly
reduced. Another potential risk to the going green project is the
outdated electrical systems in the manufacturing plants. If the
company is able to update the electrical wiring in the
manufacturing plants, then energy efficient appliances could be
purchased. Grouping risks into categories can assist the
company in prioritizing risks and further planning.
Risk Breakdown Structure
The RBS breaks larger risk groups into smaller
counterparts. The risk WBS is a more structured way to view a
risk, and relates to the main portions of the WBS for that
project (Cooper, Gray, & Walker, 2005). If the company fails to
consider the rewiring of the manufacturing plants then the
project could encounter budget and scheduling issues.
Tonya
One of the risks that need to be analyzed is utilizing the
Hangzhou Bay for additional shipping lines to service more
locations. The risk probability and impact assessment allows
the investigation of the likelihood that each specific risk will
occur and the potential effects on the schedule, costs and
performance utilizing the additional shipping area. The
assessment will be conducted by interviewing contractors from
the shipping companies, and documenting the results. The
interviews will provide a more detailed account of daily
activities and tasks. This process is very hands on and is great
for identifying risks with the daily activities. However, it does
not include other external risks that might occur. For example,
failure to secure necessary permits or to research the
infrastructure at the new location may add additional risks that

45. may not be revealed in this process. This process provides a
strong foundation to develop a treatment or action plan for each
risk listed. Research will also go in to
government/environmental guidelines regarding use of the bay.
Anne
Broward General Hospital recognizes the importance of
providing appropriate services to those that are in physical and
financial need given the increased cost in the pharmaceutical
economy. Management at the hospital has developed an interest
focusing on drug development projects. To stay viable, the
hospital must remain flexible and efficient. As a result, the
project manager in new and current product development, needs
to be in effect and resourceful. The awareness that active risk
management poses enables proactive project management which
is the primary goal. Risk categories are specific ways to group
risks under a common area. This provides a structured &
systematic approach in identifying risks to a consistent level of
detail. It is important to understand the nature of the primary
risks in this industry when developing a risk management plan
in drug development projects. In this case, the drug
development project risks are roughly grouped into two types:
controllable and non-controllable. The only probable reaction
action is to abandon the project if adverse events occur if the
risk related to the inherent features of the compound cannot be
affected (Angell, 2000).
Maria
To secure its presence in the world as the leading
environmentally safe plastic manufacturers, Riordan
Manufacturing senior executives sought out to ensure that its
presence is internationally known. Leaders within the
organization believe that relocating their Hangzhou facility to
Shanghai would be cost effective in the areas of transport and
introduction to an entirely new production increased
environment. To bring their objective/goal into fruition,
Riordan Manufacturing seeks the help of a Project Manager to
lead a team of experienced individuals to create a plan that will

46. produce the desired results. The project manager and team
believe that the first step in the project plan should be a review
of previous similar projects, and then risk mitigation planning.
Basic Priority-Setting Matrix
This matrix basically provides a simple communication of
identifying the likelihood of how a risk would affect a project
from low to high. (Cooper, Grey, Raymond, & Walker, 2004).
Conclusion
The purpose of the qualitative risk analysis is to help develop a
plan for identified risks that would have the highest rating or
impact on the project. Therefore, a detailed action plan and
resource allocation can be implemented in an effort to offset the
risks from happening or negatively impacting the project.
Carefully managing risks throughout the lifetime of the project
prevents scope creep and evaluates the scope as the project
progresses. This will give the project manager the opportunity
to adjust the scope if need be as the project evolves through the
implementation and execution phase. Effectively managing the
scope and implementing prevention and contingency plans after
thorough risk assessments will help ensure the success of the
project.

47. References
Angell, M. (2000). The Pharmaceutical Industry – To Whom Is
It Accountable? The New England Journal of Medicine, Vol.
342, No. 25. pp. 1902-1904.
Cooper, D., Grey, S., Raymond, G., & Walker, P. (2005).
Project Risk Management Guidelines. Wiley & Sons Ltd.
Risk Categorization and Managing Portfolio Risk.
(2016). Retrieved from https://firstforsustainability.org/risk-
management/managing-environmental-and-social-risk-
2_2/components-of-an-esms/risk-categorization-and-managing-
portfolio/
Hillson, D. (2002). Use a Risk Breakdown Structure (RBS) to
Understand Your Risks.
Retrieved from http://www.risk-doctor.com/pdf-
files/rbs1002.pdf

48. Risk Management Plan
PM 584 – Risk Management
April 5, 2016
Table of Contents
Executive Summary 3
Project Summary 4
Requirements 4
Technical 4
Managing Risk 5
Identified Risks 6
Schedule 6
Constraints 7
References 8
RISK MANAGEMENT PROJECT
RISK MANAGEMENT PROJECT
2
Executive Summary
Acme Shoes, a store-front business, will merge with Acme
Boutique, an online retailer to form Acme Shoes & Boutique
Inc. Currently, Acme shoes only sells shoes (shoes, boots,
sandals, etc.,) along with shoe accessories including shoe pads,
non-slip grips, shoe polish, etc. Acme Boutique currently sells
clothing, pocketbooks and fashion jewelry. Both stores provide
the latest in fashion at reasonably affordable prices. The project
will also include introducing new technology in the retail store
so that customers can engage in self-checkout where they can

49. scan the items they want and pay for it with their smartphone.
For the sake of this paper, the merger and acquisition deal has
already been signed and approved. The context of the project
risk management for this paper will be applied to the post-
merger integration processes.
The anticipated enhanced value that will be acquired through
the merger will be achieved by attaining a seamless one-stop
shopping experience from head to toe online and in-store. We
intend to broaden the customer base by merging the online
customer base with the in-store customer base. Our inventory
will be combined to offer a wider selection of items, while
enabling consumers the ability to simplify their shopping
experience by offering an expansion of payment methods. Visit
a store, scan an item, and pay for it on your smartphone. Make
an online purchase, pick it up in-store and check yourself out.
Furthermore, we feel that by expanding point of sale (POS)
technologies by combining e-commerce with in-store shopping
and an optional cell phone payment method, we hope to create
an optimal retail experience with expanded choices that will
ultimately lead to customer satisfaction and grow our customer
base.
Project SummaryRequirements
The integration of Acme Shoes and Acme Boutique will
encounter risks associated with the process. Each risk will need
to be identified, measured and mitigated with contingencies to
reduce uncertainty and thus manage the risk to maximize the
success of the project.
From the get go, all project documentation will need to be
created, assessed and reviewed in order to establish a baseline
for the integration project upon which success or failure may be
measured. Inputs required are the project charter, the project
scope document, project management plan, the stakeholder
register, enterprise environmental factors and organizational

50. process assets as well as the M&A contract. Additionally, the
risk management plan will be created from the inputs mentioned
above, (Project Management Institute, 2013). Technical
The merger to form Acme Shoes & Boutique Inc. will require
the integration of data that were previously used to operate
Acme Shoes and Acme Boutique as separate entities, so a data
migration process for both online and instore databases to a
common SQL Server cloud based database will be required.
VMware cloud based virtualization will need to be utilized so
that images of all store workstations can be reset on moment’s
notice with minimal downtime and so server requirements will
be minimalized as the company grows. In order to facilitate the
new business plan at the store level, transaction processing
equipment will be required for all cell phone transactions to
take place in a secured manner. Additionally, each store will
keep one local server for redundancy such that if an internet
connection is lost, transactions may be performed locally. One
instance of SQL Server will be required on the local machine to
facilitate transaction and store data in the event that internet
access is down. The local machine will need to sync up with the
cloud instance of SQL Server when internet connections are
restored.Managing Risk
The risk registry will be created as a product of the risk
identification process which will include determining which
risks are probable (and the degree of probability) to affect the
outcome of the project. Identified risk characteristics (Category,
trigger, impact, probability of occurrence) will be assigned a
weighted risk score and prioritized. Contingency plans will be
developed as a means to mitigate risk impact if they were to
occur over the course of the project. The Risk registry will be
continuously monitored, updated and utilized throughout the
course of the project (PMPNotes.com., 2016).
The risk identification process will require determining first,
which risks are probable to affect the project. This will be
performed using the enterprise environmental factors,
organizational process assets, (of both businesses after

51. reviewing and correcting for redundancies eliminated through
the merger process which should have been defined within the
project management plan), the project scope statement, and the
project management plan as inputs to this process (Project
Management Institute, 2013).
The risk identification process will use methods such as
documentation reviews, info-gathering techniques, checklist
analysis, assumptions analysis, diagramming techniques and
group brainstorming sessions to identify, categorize, and
thoroughly document all risks identified.
The risks that have been identified for the post-merger
integration process of Acme Shoes & Boutique Inc. thus far are
listed below:Identified Risks
Item #
Risk
1
Cell Phone purchasing Transaction processing equipment
implementation delay due to incomplete integration
(middleware) with Inventory information system
2
Supplier shipment delay of Cell Phone purchasing Transaction
processing equipment
3
Supplier Equipment delivery of incorrect hardware
4
Employee training failure resulting in users incapable of
utilizing systems proficiently
5
Software incompatibility problem between Online (Warehouse)
and store inventory systems
6
CRM Data transfer issues between store and online entities
7

52. Electrical capacity insufficient in store location(s) to handle
new electronic equipment
8
Incorrect identification of redundant personal for lay off
9
Wireless, switches, routers and server functionality problems
10
Fiber Optic Cable installation quality issues/ failures
11
CRM integration Problems between Online and in store
systems
12
Cell Phone purchasing Transaction processing equipment delay
due to incomplete integration with Inventory information
system
13
new Sore signs not delivered on time
14
new store signs not properly made
15
Insufficient store staffing schedule
16
Insufficient online support staffing schedule
17
Syncing issues between store local SQL Server and Cloud
based Instance
18
Poor communication between project team members
19
Lack of leadership and direction of project team
20
Noncompliance of documentation standards by project team
membersSchedule
The project is expected to cover a period of nine months from
the start to the end. The first phase of the project is the risk
identification, assessment and prioritization process which may

53. take a maximum of two weeks. The second phase of the project
is the Risk management which implement all the strategies and
mitigation measures developed against each risk. Therefore, the
second phase is likely to last for a maximum of five months
from the commencement of the project. The stage, phase three,
shall involve reporting and communicating the outcomes of the
project. The reporting and communicating process shall last for
a period of four months. Hence, it is the first phase of the
project which is rigorous because it involves a lot of research
and meetings. Constraints
Perhaps, the only constraints in the project are the laws required
to manage contracts or any other agreements in the project. The
project shall also have specific documents which outlines the
roles and responsibilities of each member of the project team.
Secondly, the project shall outline all the rules and regulations
required to maintain law and order in the project.
References
Project Management Institute. (2013). A Guide to the Project
Management Body of Knowledge (5th ed.). Newtown Square,
Pennsylvania 19073. ISBN 978-1-935589-67-9 (pbk. : alk.
paper)
PMPNotes.com. (2016). Risk Management. Retrieved from:
http://www.pmpnotes.com/pmp-notes/risk-management
University of Phoenix Material
Risk Management Plan Outline
The following elements must be included in your Risk
Management Plan. Your plan is not limited to the outlined
content. Specific detail and content is determined on the
scenario.
1) Executive Summary
2) Project Summary
a) Requirements
b) Schedule

54. c) Constraints
3) Risk Management Strategy and Process
a) Strategy
i) Application of resources
ii) Areas in which risk is accepted
b) Process
i) Risk identification
ii) Assessment
iii) Prioritization
iv) Management
v) Reporting and communicating
4) Executing Organization
5) Risk Identification
6) Risk Analysis
a) Explanation of risk analysis
i) Qualitative
ii) Semi-quantitative
iii) Assessment of risks
7) Risk Mitigation Planning
8) Risk Response Planning
9) Risk Tracking
a) Explanation of risk register
b) Presentation of risk register