This document outlines the six steps of project risk management: 1) plan risk management, 2) identify risks, 3) perform qualitative risk analysis, 4) perform quantitative risk analysis, 5) plan risk responses, and 6) monitor and control risks. It describes the inputs, tools and techniques, and outputs of each step. The overall purpose is to systematically manage potential threats and opportunities to achieving the objectives of a project.

2.  Project risk management:
 1- Plan risk management. (planning)
 2- Identify risks. (planning)
 3- Perform qualitative risk analysis. (planning)
 4- Perform quantitative risk analysis. (planning)
 5- Plan risk responses (planning)
 6- Monitor & control risks. (Monitor & control)

3.  Plan Risk management: process of defining how to
conduct risk management activities for a project.
Inputs
• Project scope
statement
• Cost
management plan
• Schedule
management plan
• Communications
management plan
• EEF
• OPA
Tools & techniques
• Planning
meetings &
analysis
Outputs
• Risk management
plan

4. Plan risk management output
Risk management plan: describes how risk
management will be structured and performed on
the project and it includes:
 Methodology
 Roles & responsibilities
 Budgeting
 Timing
 Risk category
 Risk tracking.

5.  Risk impact scale definition

6. 2- Identify risks:
 Process of determining which risks may affect the
project and documenting the characteristics:

7. Inputs
• Risk management
plan
• Activity cost
estimates
• Activity duration
estimates
• Scope baseline
• Stakeholder register
• Cost management
plan
• Schedule
management plan
• Quality
management plan
• Project documents
• EEF
• OPA
Tools & techniques
• Documentation
review
• Information
gathering
technique
• Checklist analysis
• Assumptions
analysis
• Diagramming
techniques
• SWOT analysis
• Expert judgment
Outputs
• Risk register

8.  Identify risks tools & techniques:
 Information gathering techniques
Brainstorming
Delphi techniques
Interviewing
Root cause analysis
 Diagramming techniques
Cause and effect diagram
System & process flow charts.
 SWOT analysis

9. 3- Perform qualitative risk analysis
 process of prioritizing risks for further analysis or
action by assessing and combining their probability of
occurrence and impact.

10. Inputs
• Risk register
• Risk
management
plan
• Project scope
statement
• Scope baseline
• Organizational
process assets
Tools &
techniques
• Risk
probability &
impact
assessment
• Risk data
quality
assessment
• Risk
categorization
• Risk urgency
assessment
• Expert
judgment
Outputs
• Risk register
updates

11.  Perform qualitative risk analysis tools &
techniques
 Risk probability & impact matrix

12. 4- Perform quantitative risk
analysis
 process of numerically analyzing the effect of
identified risks on overall objectives

13. Inputs
• Risk register
• Risk
management
plan
• Cost
management
plan
• Schedule
management
plan
• organizational
process assets
Tools &
techniques
• Data gathering
&
representation
techniques
• Qualitative risk
analysis &
modeling
techniques
• Expert
judgment
Outputs
• Risk register
updates

14. 5- Plan risk responses:
 process of developing options and actions to enhance
opportunities and to reduce threats to project
objectives

15. Inputs
• Risk register
• Risk
management
plan
Tools &
techniques
• Strategies for
negative risks
or threats
• Strategies for
positive risks of
opportunities
• Contingent
response
strategies
• Expert
judgment
Outputs
• Risk register
updates
• Risk – related
contract
decisions
• Project
management
plan updates
• Project
documents
updates

16.  Plan risk Reponses tools & techniques:
 Strategies for negative risks or threats
 Avoid: changing the plan to eliminate the threats
entirely
 Transfer: shifting some or all of the negative impact of
the threats, with the ownership of the response to
another party.
 Mitigate: reduction in the probability or impact of a risk.
 Accept: when there is no other option except to accept
the risk.

17.  Strategies for positive risks or opportunities:
 Exploit: eliminating the uncertainty to ensure the
opportunity will happen
 Share: sharing the risk with a third party to capture
the opportunity
 Enhance: increasing the probability and / or positive
impacts of the opportunity.
 Accept: accepting the opportunity impacts without
pushing toward it.

18. 6- Monitor & control risks:
 process of implementing risk response plans, tracking
identified risks, identified new risks, and evaluating
risk process effectiveness throughout the project.

19. Inputs
• Risk register
• Project
management
plan
• Work
performance
information
• Performance
reports
Tools &
techniques
• Risk
reassessment
• Risk audits
• Variance &
trend analysis
• Technical
performance
measurement
• Reserve
analysis
Outputs
• Risk register
updates
• Organizational
process assets
• Change
requests
• Project
management
plan updates
• Project
documents
updates