← Go Back

Risk management is one of the core project knowledge areas, an essential and ongoing process which can be described as the methodical process of identification, analysis and response to project risks involving several major phases which are similar to all projects.

Regardless of the methodology or approach, risk management processes generally include risk identification, analysis, risk response planning, risk monitoring and control. This article focuses on one of these major risk management processes, exploring what the risk analysis process in project management is by exploring useful tools and techniques.

The Risk Analysis Process in Project Management

The risk analysis process is what follows the Identification of Risks procedure and is distinguished by two clear categories: Qualitative and Quantitative Risk Analysis.

Qualitative Risk Analysis is the process during which one prioritizes risks for further action by assessing their probability of impacting project development.

    • Risk probability and impact assessment: During this stage every particular risk that might occur is investigated and analyzed in relation to its plausible effects, both positive opportunities and negative threats, on the project’s objectives (e.g. cost, schedule, quality, performance). Each risk is defined in levels my means of an interview, an investigation or a meeting with all related stakeholders to document the identified results.
    • Impact risk rating matrix: The documented results of risk probability can be described in qualitative terms, such as very high, high, neutral, low and very low. The risk rating is developed using a matrix which represents risk scales for each of the risks. The matrix documents the risk probability scale between no possibility (0.0 rate) and certainty (1.0 rate), as well as the risk’s impact scale, reflecting the severity of its influence on the project’s objective. This matrix helps to improve the quality of the data and make the process easier to replicate several times during the project.
    • Risk categorization: In this step, risks are grouped by common causes to determine the most exposed areas of the project and to help develop an effective risk response plan.
    • Risk urgency assessment: In some cases, the risk of urgency can be combined with the risk ranking, a method used to evaluate the degree to which data about risks is useful for risk management, generating a final sensitivity rating.
    • Expert judgement: On many occasions it can be helpful to take advice from experts, such as individuals with recent experience on similar project cases, through interviews or risk facilitation workshops.
Increase your business agility with Clarizen’s project management software

Quantitative Risk Analysis Process aims to numerically analyze the possibility of every risk and its effect on project objectives, as well as the degree of overall project risk. This procedure uses several techniques and methods such as data collection and representational techniques to determine the probability of achieving project objectives, to quantify the exposure to risks and develop a size and cost assessment schedule.

  • Interviewing stakeholders: To this end, one might carry out interviews to gather information and form optimistic (low rating) and pessimistic (high rating) risk scenarios.
  • Sensitivity analysis: Helps to define which risks have the most potential effect on the project. Generally, this analysis investigates the extent to which the uncertainty of each of the project’s elements influences the examination of the objective when other unclear elements are held at their baseline values and can be represented via a tornado diagram.
  • Expected monetary values analysis (EMV): Is a statistical method that measures the average outcome when the future includes scenarios that may or may not occur (such as positive values-opportunities, or negative values-risks). These are usually depicted by a Decision Tree Analysis, which is a diagram describing a decision under consideration and the implications of choosing from the available alternatives. This diagram, includes probabilities of risks and the subsequent cost or gain of each logical path.
  • Modeling and simulation: Is a tool that uses a model that converts the uncertainties into their potential impact on project objectives, generalized to the level of the total project. To help with this, one might use the Monte Carlo technique.
  • Cost risk analysis: For cost estimation analysis traditional project WBS can be used, otherwise, cost estimates can be used as input values, chosen for each iteration incidentally, according to the values probability distribution, in order to define the total cost.
  • Schedule risk analysis: The Precedence Diagramming Method (PDM) can be used for schedule risk analysis. It is a method of constructing a project network diagram that represents the activities and their connection with arrows to show dependencies. One can use this activity-on-node diagram to check whether the project objective will be completed by a certain date and within the cost estimation.
  • Expert judgment: Obtaining advice from experts to identify potential cost and schedule effects, evaluate possibilities, interpret data and identify weaknesses and strengths can be of great value.

Risks constitute a common reality on all projects. One of the biggest challenges a project manager has to face is to not become overwhelmed by the number or magnitude of possible identified risks. Instead, a good project manager should have the ability to focus on the important elements that could threaten the project’s smooth operation and subsequently develop a risk response plan. The risk analysis process in project management is one of the most important procedures in project management and it aims to minimize the liabilities of the project and ensure its path to successful completion.