Risk Management Made Easy



By Susan Parente

Washington, DC and New York, USA



Many people know and understand risk management but are struggling to integrate it into their project management processes. How can you seamlessly incorporate project risk management in an effective way for your projects?

The focus of this paper is on effective and efficient implementation of risk management within project teams. This paper discusses how to implement an effective risk management program. Successful strategies will be discussed to address common problems and challenges encountered while implementing project risk management within an organization.


The objectives of this paper on Risk Management Made Easy are to define and provide an overview of risk management, discuss the risk management process (including identification, assessment, response planning, execution, monitoring, documentation and communication), and lastly focus on how risk management directly applies to projects.

The goal of this paper is to provide readers with a framework on risk management for implementing on projects.


The Triple Constraint. The project management triple constraint (iron triangle) consists of: scope, time and cost (denoting the management of these project aspects). Often quality is shown in the middle of this triangle and Risk may be show as a cloud around the triangle, or in the background, as it is shown in figure 1 below.

Figure 1. The Triple Constraint

Fundamentally, only 2 of the 3 aspects of the triad can be selected (or detailed). The third is then determined by the aspects which are selected. This is particularly critical when changes occur to the project. The project performance baseline includes the baselines for these 3 project objectives: the scope baseline, the schedule baseline and the cost baseline. If any aspect of the approved project performance baseline is modified (through a change request, or otherwise), then at least one of the other 2 baselines will be effected. For example, if the project schedule is reduced by a month, either the budget must be increased, the scope of work schedule must be adjusted or the scope of the work must be decreased to meet the project objectives.

The other project objective of quality (also known as customer satisfaction) must be met but as a best practice is never changed to accommodate a change to time, scope or cost. What a customer requires to be satisfied is what they require. A customer will not generally agree to less than their interpretation of good project quality, even if the budget or schedule is reduced, or the project scope is increased.

Risk Defined. A Risk is an uncertain event or condition, which if it occurs, has a positive or negative effect on at least one objective. A risk is denoted using the properties of probability and impact. Probability is the likelihood of a risk occurring. It is the possibility of a project objective not being met using the current project plan. Impact is the consequence of a risk occurring. It details the penalty incurred, if the project objective, associated with the risk, is not obtained.

Risk exposure is calculated by multiplying a risk’s probability of occurring times the impact (usually denoted in days or dollars).

Probability x Impact = Risk Exposure

As shown in figure 2 below, increased probability and/ or impact increase the exposure of a risk.


To read entire paper, click here


Editor’s note: Second Editions are previously published papers that have continued relevance in today’s project management world, or which were originally published in conference proceedings or in a language other than English.  Original publication acknowledged; authors retain copyright.  This paper was originally presented at the 5th Annual University of Maryland PM Symposium in May 2018.  It is republished here with the permission of the author and conference organizers.

How to cite this paper: Parente, S. (2018); Risk Management Made Easy, paper presented at the 5th Annual University of Maryland Project Management Symposium, College Park, Maryland, USA in May 2018; published in the PM World Journal, Vol. VII, Issue 6 – June. Available online at https://pmworldjournal.net/wp-content/uploads/2018/06/pmwj71-Jun2018-Parente-risk-management-made-easy-umd-conference-paper.pdf

About the Author

Susan Parente

Washington, DC/ New York, USA





Susan Parente, PMP, PMI-RMP, PMI-ACP, PSM I, CSM, CSPO, CISSP, CRISC, RESILIA, ITIL, MS Eng. Mgmt. is a principal consultant at her company, S3 Technologies, LLC. She is a project engineer, consultant, speaker, author, and mentor who leads large complex IT software implementation projects, and the establishment of Enterprise PMOs. She has 19+ years’ experience leading software and business development projects in the private and public sectors, including a decade of experience implementing IT projects for the DoD and other federal government agencies. Ms. Parente is also an Associate Professor at Post University in CT. She has a BS in Mechanical Engineering from the University of Rochester in NY and has a MS in Engineering Management from George Washington University in DC. She also has a number of certifications, most of which she teaches and she is a CMMI and ISO 9001 Practitioner.

Ms. Parente is a Principal Consultant at S3 Technologies, LLC. Her company’s focuses on revitalizing projects through the use of risk management and implementing Agile practices. S3 Technologies does this by teaming with clients, stakeholders and vendors and using risk management and project agility to deliver project successes. Ms. Parente trains and mentors project managers in the areas of project management, agile project management, and risk management. She has developed a methodology which she uses to implement risk management programs for both small and large clients and is currently completing her manuscript for a book on implementing risk management.

Susan can be contacted at [email protected]