Risk Management Process


Project Workflow Management


by Dan Epstein

New York, USA


 This article is based on the book Project Workflow Management: A Business Process Approach by Dan Epstein and Rich Maltzman, published by J Ross Publishing in 2014. The book describes PM Workflow® framework, the step-by-step workflow guiding approach using project management methods, practical techniques, examples, tools, templates, checklists and tips, teaching readers the detailed and necessary knowledge required to manage project “hands-on” from scratch, instructing what to do, when to do and how to do it up to delivering the completed and tested product or service to your client. This article is the third article in the series Project Workflow Management.

The project workflow framework is the result of Dan’s research into the subject, having the following objectives:

  1. Create the virtually error-free project management environment to ensure significant reduction of project costs
    2. Reduce demands for highly qualified project managers using
    the step-by-step workflow guiding approach.

While PM Workflow® is the continuous multi-threaded process, where all PM processes are integrated together, this article will attempt to describe the Risk Management group of processes as a stand-alone group of processes that can be used independently outside of PM Workflow® framework. It will be difficult in this article not to venture into processes outside of Risk Management, such as planning, quality, communications and other management processes, so they will be just mentioned. However, to get full benefit and the error free project management environment, the complete implementation of PM Workflow® is required. In order to understand how PM Workflow® ensures this environment, I strongly recommend reading my article Project Workflow Framework – An Error Free Project Management Environment at (https://www.projectmanagement.com/articles/330037/Project-Workflow-Framework–An-Error-Free-Project-Management-Environment)

The article above provides the overview and explanation of how the project workflow framework works and achieves the established objectives.

For more information, please visit my website www.pm-workflow.com


The formal purpose of the Risk Management process is to ensure that all potential project risks (both threats and opportunities) are identified, their impact analyzed and risk management plans developed and implemented in order to eliminate or minimize the effect of threats and maximize the effects of opportunities on the project throughout its life cycle.

Since, by far, threats heavily outweigh opportunities in frequency and effect on projects and since the vast majority of your work as a project manager in the real world will be dealing with threats, the following description of Risk Management planning will deal only with negative risks, which you can read for the purposes of this article as “threats”.

Risk Management Planning provides a risk containment or response plan, which may change project estimates. Project risk is an uncertain event, which if it occurs, may have a negative impact on project deliverables in terms of the project cost, schedule and quality.

Risk Management consists of three elements:

  1. Risk Assessment, which is a process of identifying and analyzing risks.
  2. Risk Response Planning, whose main purpose is avoiding or minimizing harmful effects of threats on project cost, schedule and quality. This will involve planning responses to high-scoring risks (those with high impact and probability) or reducing their probability and/or impact. It also includes responses to low and medium-scoring threats.
  3. Risk Monitoring is the process of monitoring risk occurrence, adjusting the project plan for the response to each of the risks we have identified, and tracking the result of the risk response.

When a risk occurs, it is initially treated as an issue. As described in the Issue Management Process section of the book, some of the issues require generating the project scope change request and treating the risk containment plans as scope changes in accordance with the Scope Change Control process section.

Risk monitoring is further described in the Construction Frame.

Risk Assessment and Risk Planning Process Flow

The process of Risk Assessment and Planning is repeatedly executed many times during the project lifecycle. It is executed once before beginning of each project group of processes, called frames and also when significant project events happen during the project execution, such as major issues, large scope change requests or unsatisfactory project performance. By implementing the process, all significant threats should be eliminated or reduced to the level of low risks, because the project cannot start or continue when a high threat level challenges not only the project, but perhaps the entire organization. The process described here is executed in accordance with the risk assessment schedule, which is a part of the overall project schedule, and also if an additional risk is identified at any time during project execution.

The process flow is shown on Fig 6-1. The process consists of the following elements:

  1. Identify potential risks (P1-1)
  2. Determine probability of occurrence (P1-2)
  3. Determine Maximum Loss Value of each risk (P1-3)
  4. Calculate EMV (Expected Monetary Value) of each project risk (P1-4)
  5. Develop risk response plan (P1-5)
  6. Balance all acceptable project risks’ EMV (P1-6)
  7. Calculate total risk costs (P1-7)
  8. Determine severity of each risk (P1-8)
  9. Calculate each project risk rating (P1-9)
  10. Balance all acceptable project risks’ rating (P1-10)



To read entire article, click here


Editor’s note: This series of articles is based on the book Project Workflow Management: A Business Process Approach by Dan Epstein and Rich Maltzman, published by J Ross Publishing in 2014. The book describes the PM Workflow® framework, a step-by-step approach using project management methods, practical techniques, examples, tools, templates, checklists and tips.  The book teaches readers how to manage a project “hands-on” from scratch, including what to do, when and how to do it up to delivering a completed and tested product or service to a client.

How to cite this article: Epstein, D. (2018). Risk Management Process, PM World Journal, Volume VII, Issue VII – July. Available online at https://pmworldjournal.net/wp-content/uploads/2018/07/pmwj72-Jul2018-Epstein-risk-management-process-series-article.pdf

About the Author

Dan Epstein

New York, USA


Dan Epstein
combines over 25 years of experience in the project management field and the best practices area, working for several major Canadian and U.S. corporations, as well as 4 years teaching university students project management and several software engineering subjects. He received a master’s degree in electrical engineering from the LITMO University in Leningrad (today St. Petersburg, Russia), was certified as a Professional Engineer in 1983 by the Canadian Association of Professional Engineers – Ontario, and earned a master’s certificate in project management from George Washington University in 2000 and the Project Management Professional (PMP®) certification from the Project Management Institute (PMI®) in 2001.

Throughout his career, Dan managed multiple complex interdependent projects and programs, traveling extensively worldwide. He possesses multi-industry business analysis, process reengineering, best practices, professional training development and technical background in a wide array of technologies. In 2004 Dan was a keynote speaker and educator at the PMI-sponsored International Project Management Symposium in Central Asia. He published several articles and gave published interviews on several occasions. In the summer of 2008 he published “Methodology for Project Managers Education” in a university journal. His book, Project Workflow Management – The Business Process Approach, written in cooperation with Rich Maltzman, was published in 2014 by J. Ross Publishing.

Dan first started development of the Project Management Workflow in 2003, and it was used in a project management training course. Later this early version of the methodology was used for teaching project management classes at universities in the 2003–2005 school years. Later on, working in the best practices area, the author entertained the idea of presenting project management as a single multithreaded business workflow. In 2007–2008 the idea was further refined when teaching the project management class at a university.

Dan is an author of many publications in professional magazines, speaker at the international presentations, a guest at podcasts, etc. The Project Management Institute’s (PMI) assessment of his book says: “Contains a holistic learning environment so that after finishing the book and assignments, new project managers or students will possess enough knowledge to confidently manage small to medium projects”. The full list of his publications and appearances can be found at the website www.pm-workflow.com in the Publications tab.

Dan can be contacted at [email protected].

To see other works by Dan Epstein, visit his author showcase in the PM World Library at https://pmworldlibrary.net/authors/dan-epstein/