11.1 Risk Identification

Introduction

Risk identification consists of determining which risks are likely to affect the project and documenting the characteristics of each.

Internal risks can be controlled or influenced but external risks are beyond the control or influence of the project team. Risks may include opportunities as well as threats.

11.1.1 Inputs

Product description
Other planning outputs
Historical information

11.1.2 Tools & Techniques

Checklists
Flowcharting
Interviewing

11.1.3 Outputs

Sources of risk
Potential risk events
Risk symptoms
Inputs to other processes

11.1.1 Risk Identification - Inputs

11.1.1.1 Product description

The nature of the product will have a major effect on the risks identified. Products that have proven technology will involve less risk than those that require innovation or intervention.

11.1.1.2 Other planning outputs

The outputs from processes in other knowledge areas need to be reviewed:

WBS - non-traditional approaches to detail deliverables may offer new opportunities
Cost estimates and duration estimates - aggressive estimates will involve more risk
Staffing plan - identified team members may have unique skills that would be hard to replace
Procurement management plan - market conditions may offer opportunities to reduce costs

11.1.1.3 Historical information

Historical information on previous projects may help in identifying potential risks. Sources of such information are:

Project files
Commercial databases
Project team members - individual members of the team may remember previous occurrences or assumptions

Return to Top of Page

11.1.2 Risk Identification - Tools and techniques

11.1.2.1 Checklists

Checklists are typically organized by source of risk. Sources include the project context, other process outputs, the product of the project or technology issues, internal sources, etc.

11.1.2.2 Flowcharting

Flowcharting can help the project team understand the causes and effects of risk.

11.1.2.3 Interviewing

Risk-oriented interviews with various stakeholders may help identify risks not identified during normal planning activities.

Return to Top of Page

11.1.3 Risk Identification - Outputs

11.1.3.1 Sources of risk

Sources of risk are categories of possible risk events that may affect the project for better or worse. The list should be comprehensive and may include:

changes in requirements
design errors, omissions
poorly defined roles and responsibilities
poor estimates
insufficiently skilled staff

Descriptions of the sources of risk should generally include estimates of (a) the probability that a risk event from that source will occur (b) the range of possible outcomes (c) expected timing and (d) anticipated frequency of risk events from that source.

11.1.3.2 Potential risk events

Potential risk events are discrete occurrences such as a natural disaster or the departure of a specific team member that may affect the project.

Descriptions of potentia risk events should generally include estimates of (a) the probability that a risk event will occur (b) the alternative possible outcomes (c) expected timing of the event and (d) anticipated frequency.

11.1.3.3 Risk symptoms

Risk symptoms, sometimes called triggers, are indirect manifestations of actual risk events and may be early warnings.

11.1.3.4 Inputs to other processes

Other areas requiring more work may be identified as a result of this process.

Return to Top of Page