As cliche as it might sound like, we must first understand what a Risk is before we can address Risk Management.
A risk is an uncertain event or condition that might affect your project if it occurs
Risk can be an event (for instance a fire breaks out) or a condition (like machinery parts are unavailable). In case the risk materializes, you will have a situation to deal with. Although an important point to consider here is that not all risks are negative. You may find an easier way to perform code testing (event) or find out that the prices of the machinery parts are lower than estimates (condition) which would then not be considered a risk but an opportunity. Some texts refer to it as positive risks or good risks.
So a risk (or opportunity) can affect your project positively or negatively. There are two types of risks that you should be aware of,
1. Business Risk
A risk that has an inherent chance for both positive or negative consequence. For example, profit or loss in business or a venture opportunity
2. Pure Risk
A risk that will always have a negative consequence. Some texts also use the term Insurable risk because such risks can be covered by an insurance policy. For example, direct damage to property due to a fire breaking out can be covered by fire insurance
In the context of project, Risk Management is all about identifying, analyzing and responding to risk factors. This helps manage uncertainty throughout the life of the project. The main objective of risk management is to increase the probability and/or impact of positive events and decrease that of negative events.
There are seven processes in the Risk Management knowledge area,
Plan Risk Management
This is the process of defining how to conduct risk management activities for the project. The risk management plan serves as a roadmap for identifying, analyzing and addressing risks on the project
This is the process of determining which risks may affect the project and documenting their characteristics
Perform Qualitative Risk Analysis
This is the process of prioritizing risks for further analysis or action by assessing their probability of occurrence and impact
Perform Quantitative Risk Analysis
This is the process of numerically analyzing the effect of identified risks on overall project objectives
Plan Risk Responses
This is the process of developing options and actions to enhance opportunities and to reduce threats to project objectives
Implement Risk Responses
This is the process of implementing agreed-upon risk response plans
This is the process of monitoring the implementation of agreed-upon risk response plans, tracking identified risks, identifying and analyzing new risks as well as evaluating risk process effectiveness throughout the life of the project
Check more articles on Risk Management