2: Risk Management Plan

Let us start by defining risk management plan. It defines the structure and performance of risk process
during the project life cycle.

Risk management plan involves the methodology, roles and responsibilities of different players,
budgeting, timing on how the risk process will be performed throughout the project, scoring and
interpretation, thresholds to determine which risks will be acted upon and those that will not, reporting
formats as well as tracking.

2.1 Categories of risk

Let us now study different categories of risk and then know how these risks can be managed by the use of
planning processes.

There are many ways in which you can classify risks. Categories that are used depends on the
organization or the unit circumstances. You should group the risks in some meaningful, actionable and
standard groupings. Now let’s list categories of these risks.

a) Financial risks.

They include fraud, poor ways of budgeting, reduced funding of different projects, lack to safeguard
the assets, poor management of the cash flow and also there is when the value of the money goes
down.

b) Operational risks.

Such risks occur due to inappropriate procedures, policies, activities as well as systems. Some examples
are inadequate staff skill levels, risks associated with health and safety, not having a succession plan, poor
quality of services provided as well as poor IT systems.

c) Reputational risks

This is where we find some of the organization engaging themselves in activities that threaten its good
name. This can occur when members or staff act in an unethical manner or criminal ways and also
through associating with other bodies. Poor relations with the stakeholders can also cause reputational
risks.

d) Governance and compliance

This is also, another category of risk. Some of the examples are, not defining formal segregation of duties,
Board not over-sighting, compliance with funders terms and conditions as well as compliance with
legislation e.g. taxation law.

e) Strategic risks

This occurs when there is a failure in engaging in an activity that would support the stated objectives.
2.2risk register.
Let us first define what risk register is. A risk register is a management tool that is used in recording
details related to risks that are relevant. Usually, it’s a database containing information about risk. It is
advisable to keep it simple.

What are some parts of risk register?

First, there is Risk description: This is knowing the causes as well as consequences of the risk. Then
there are Actions or controls that have already been kept in place: This is a list of happenings occurring
now that helps reduce the impact of the risk or its likelihood. Also, there is an impact: In the scale of 1-
5, 1 represents minor whereas 5 represents catastrophic.

Then there is the Likelihood: In the scale of 1-5, 1 represents remote whereas 5 represents unavoidable.
Please note that this is only to reside likelihood. There is also weighting: this is risk ranking. Usually, a
figure is calculated and it is referred to as (likelihood* impact).

Risk owner is also another part of risk register: This is the management position, administrative unit
or a group that is in the best position to cater for the risk and manages it in an ongoing basis.

Another is The requirement of further actions: These are controls that have not been resolved and
could cause reduction of the impact of the likelihood of the risk.

Finally, there is Date: This shows the expected date when the actions will be carried out and will
effectively address the risk.

2.3 risk management process.

After understanding categories of risk, we will now study the risk management planning process.

First, we will define a risk management plan.

This is a document prepared by the risk manager to foresee risks, estimate their impacts and determine
responses to issues. By planning, you will be able to identify, prioritize and manage risks. As you know in
every project there are objectives and goals that have to be accomplished. They are usually termed as
Critical Success Factors. (CSF).

Managing risks of a project is a process that entails risk assessment and the development of preventive
strategies for those risks. In any project, there are always challenges that make a project manager look for
ways to effectively respond to them. What are some of these challenges? They include threats and
uncertainties that may hinder successful completion of the project.
Now, how can you face these challenges? Through designing and implementation of a template on risk
management plan, you can be able to handle the challenges.

Consider a project implementation guide. In risk planning, this is a very important component as it assists
you to know how to plan potential risks that may affect the implementation of your task and also, it helps
to lower the likelihood of negative results that may hinder you from achieving your goals and objectives.

What are the things you should know when planning for potential risks?

First, as a project manager, you should know the reasons that are likely to cause risks. Such information
will be useful to you as it will help benchmark in the direction you are supposed to take. Now let me list
some of the risks that may occur within a project.

 First are the changes in updates, circumstances and new developments.

 Second is advanced refinement and elaborations of the whole project planning process.
 Third are constraint changes such as time, scope and budget.
 There could also be changes in the initial project documentation such as project charter that may
have resulted from discussion or negotiations with stakeholders.

Now let’s get to know some of the benefits of efficient risk planning procedures.

 First, you will be able to save both financial and non-financial resources.
 Then, you will increase efficiency and stability of the operations and activities.
 You will be able to reduce the legal liability.
 More so, you will be able to protect people and property involved in the project work from harm
and injury.
 When you plan, you will also protect and strengthen the reputation of your employees and
organization.
 Also, you will increase the likelihood of successful implementation.


KEY STEPS YOU NEED TO KNOW TO DEVELOP RISK MANAGEMENT PLAN

You need to know, identify and determine which are potential risks and go for the options that will enable
you eliminate the risk. Here are some of the steps you need to follow to effectively plan for your project
risks. Make sure you take these steps prior to designing and implementation of the risk management plan.

Step 1: Identify the risk.

Risk identification is very important for a successful completion of a project. Here are some of the ideas
that will enable you to identify each and every risk.
  First, you can make use of a risk breakdown structure: This entails division of risks into portions
to allow better organization. Many risks are unrelated and categorizing them helps in proper
identification
 Second is developing a checklist. This entails knowing and developing a checklist that suits your
business. Every business is different.
 Third, you can look for assumptions: Operations of different projects are under some
assumptions. Client willingness, business climate, customer attitudes are some of the things that
make up the project. The question you should ask yourself is what happens if there are changes?
 Fourth is the experience of the previous project: many organizations may have a repeated project
they once had in the past. What are some of the issues they came across? They should be able to
use this past experience.
 The fifth one is expert judgment: This is where the expert gets to know and identify most of the
risks and proffer a means to tackle them.

It’s good you note that any activity in your project can cause losses. Having this in mind, you need to
monitor these loss exposures. But it is wise you first identify the risks.

First, make a list of your projects the goals and objectives. Then match every goal and objective with the
uncertainties and threats that may lead to the loss. Let’s take for example “the development of a new
software product.” What are the potential risks you are likely to face? Some of the potential risks are
improper functionality, product malfunction, user dissatisfaction as well as poor usability.

Step 2 is evaluating the risks.

What do I mean by this? After listing your goals and risks associated with them, the next step is to
evaluate these risks. This step involves two components.

 First, is assessment frequency which predicts the probability of each risk becoming real.
 Second, is estimating the severity which involves looking at the possible loss and cost risks
associated with the risk occurrence.

STEP 3: EXAMINATION OF SOME OF THE OPTIONS THAT CAN BE APPLICABLE.

After the identification of the risk, there is an assessment of their frequency and estimation of the severity.
You need to select a management technique in this step. Which are some of these techniques: Prevention,
retention, transfer, mitigation and avoidance.

2.4 Why management plan may fail or succeed.

First. Let us now look at reasons why management plan can succeed. A succession of the management
plan depends on all the stakeholders of that organization.

For a management plan to succeed;

  First, involve all the staff and management in the processes. By doing this, they will feel part of
the organization.
 Second, make a habit of checking if the controls are effective and relevant.
 The third is to ensure the risk owner takes the responsibility and control for the management
risks.
 Lastly, make sure you concentrate on the causes of the risk rather than its symptoms.

The other part we should discuss is why the management plan may fail.

 First, when there is no top management support, there is a failure.

 Second, when you don’t involve all the stakeholders
 Next is when you don’t share information with those who need to hear.
 There is also a limitation on the scope.
 Lastly, when risk management is not embedded in the planning and management system.