Risk management strategy for a typical project is a high-level plan that combines tools and methods for identifying, analyzing and mitigating negative consequences (the so-called threats) that can harm the project, while exploring positive consequences (the so-called opportunities) that can potentially improve the project.
In this context, in any project there are both threats and opportunities. A risk manager is a person how should take care of mitigating the likelihood of risk, while reducing the impact of threats and exploiting opportunities. That person needs to design a high-level plan of actions on how risks and opportunities will be managed during the course of work. Such a plan will be the foundation for immediately initiating the risk management process and utilizing necessary resources throughout the implementation lifecycle.
A risk management strategy is about the following:
- Developing the risk and opportunity management plan
- Taking steps to identify project risks and reduce the probability of their occurrence
- Communicating with project staff and contractors to collecting and analyze project risk management information
- Using project risk management software to process that information, create a risk register and share the project risk management database
- Generating and presenting project risk reports on review meetings
- Measuring the outcome of PM activities and recording lessons learned.
Two Components
Many articles and white papers published on the Web describe a risk strategy as a combination of activities for managing opportunities and threats. In this connection, a strategy for managing project risks can be considered a structured plan that consists of two components such as Opportunities Management and Threats Management. Let’s review each of the risk strategy components, as follows below:
1. Opportunities Management
If referring to previous project risk management strategy definitions, an opportunity is a positive outcome that may bring additional value to a project by allowing achieving improvement. Project opportunities management is a set of techniques and tools to help a risk manager to identify and understand possible improvements to the project objectives.
Often managing project opportunities refers to stepping through a 4-stage process (Identify, Analyze, Plan and Manage). The process is carried out following an opportunity management plan. Such a plan involves project risk manager in implementing formal and informal project risk management techniques (brainstorming, questionnaires, experience, and project history). It aims to identify opportunities and create an opportunities list that is prioritized and scheduled.
Once an opportunity is identified, it should be necessarily added to the risk register because any opportunity may cause additional threat.
2. Threats management
Actually this component of a strategy for project risk management refers to actions for identifying, analyzing and mitigating negative consequences that are risks. Threats management involves utilization of project risk management resources to describe risks, analyze their attributes, evaluate the probability of occurrence, and add identified risks to the risk register.
Like with managing opportunities, managing threats refers to a 4-stage process (Identify, Analyze, Plan and Manage). A project risk manager is responsible for organizing a team which will follow a risk treatment plan and report back on current progress of project risk management strategy.