Risk is a fact of life that we as individuals deal with on daily basis. For example, on our way to work we face risks such as potential car accidents or the never forgiving rush hour traffic just to name a few. Without much thinking we try to mitigate and manage some of these risks, we may choose to leave the house early to avoid traffic and we have car insurance to protect ourselves in case of an accident. As it relates to project management, the risks and measures we implement to deal with it are not that much different. According to Lewis (2007), “risk is anything that can go wrong in a project that will affect the project targets” (p. 312); so the question becomes, how does a Project Manager (PM) deal with risk? We will discuss a four step approach to risk management.
To begin the process of risk management the PM must begin by generating a list of all possible risks that could affect the project (Gray & Larson, 2008). This can be accomplished by brainstorming with the project team to answer the following question: What could go wrong that could impact schedule, performance, cost, or scope of the project? Lewis (2007) suggests that this brainstorming session should be done without discussion or evaluation. Items brought up that are later deemed to not pose a risk to the project can be removed during the risk evaluation process at a later stage. Threats should also be included in the risk identification process. Threats differ from risks in that they are usually done by a competitor or adversary to counteract whatever you have done (Lewis, 2007). For example, a pizza shop may want to enter a new market by offering a low price and is unsuccessful because it’s competitor matches the price of the pizza. Unless the new pizza shop has some other competitive advantage it will not be successful in entering the new market.
Once the risk identification stage is complete, the risk events must be assessed. According to Gray & Larson (2008),...