One Size of Risk Process Does Not Fit All Projects


Dr David Hillson FIRM, HonFAPM, PMI Fellow


Different projects are exposed to different levels of risk, so the project risk management process must be scaleable to meet the varying degrees of risk challenge. While we can apply a common risk process to any project, that process can be implemented at different levels, from a few simple informal steps to a fully rigorous and integrated process.

A typical risk process should include the following eight steps:

  1. Risk Process Initiation: Define the scope, objectives and parameters of the risk process.
  2. Risk Identification: Identify all currently knowable risks, including both threats and opportunities.
  3. Risk Assessment: Evaluate key characteristics of individual risks, prioritise them for further action, and find any patterns of risk exposure. Optionally use quantitative techniques to evaluate the combined effect of risks on the project outcome.
  4. Risk Response Planning: Determine appropriate response strategies and actions for each risk.
  5. Risk Response Implementation: Implement agreed actions, determine whether they are working, and identify any secondary risks.
  6. Risk Communication: Inform stakeholders about the current risk exposure and its implications for project success.
  7. Risk Review: Review changes in risk exposure, identify additional actions as required, identify new risks, and assess the effectiveness of the project risk process.
  8. Lessons-Learned Review: Identify risk-related lessons to be learned for future projects.

How can we scale this process to fit the risk challenge of a particular project?


To read entire article (click here)

About the Author

Dr. David Hillson


Dr David Hillson CMgr FRSA FIRM FCMI HonFAPM PMI-Fellow is The Risk Doctor (www.risk-doctor.com).  As an international risk consultant, David is recognised as a leading thinker and expert practitioner in risk management. He consults, writes and speaks widely on the topic and he has made several innovative contributions to the field. David’s motto is “Understand profoundly so you can explain simply”, ensuring that his work represents both sound thinking and practical application.

David Hillson has over 25 years’ experience in risk consulting and he has worked in more than 40 countries, providing support to clients in every major industry sector, including construction, mining, telecommunications, pharmaceutical, financial services, transport, fast-moving consumer goods, energy, IT, defence and government. David’s input includes strategic direction to organisations facing major risk challenges, as well as tactical advice on achieving value and competitive advantage from effectively managing risk.

David’s contributions to the risk discipline over many years have been recognised by a range of awards, including “Risk Personality of the Year” in 2010-11. He received both the PMI Fellow award and the PMI Distinguished Contribution Award from the Project Management Institute (PMI®) for his work in developing risk management. He is also an Honorary Fellow of the UK Association for Project Management (APM), where he has actively led risk developments for nearly 20 years.  David Hillson is an active Fellow of the Institute of Risk Management (IRM), and he was elected a Fellow of the Royal Society of Arts (RSA) to contribute to its Risk Commission. He is also a Chartered Fellow of the Chartered Management Institute (CMI) and a Member of the Institute of Directors (IOD).

Dr Hillson can be contacted at [email protected].