How to Identify Meaningful Risk

Home / How to Identify Meaningful Risk
Risk identification is often overlooked as a meaningful step in the risk / project management cycle. Very often, we find that this step is done but not done with purpose. For example, the same risk is used from previous projects which results in a lack of meaningful analysis to understand the level of information or risk that is part of the project. From our side at, risk identification is the most important part of any risk cycle. The old saying comes to mind … poor information in … poor information out.

So here are some steps / tips in identifying risk. The following is a process that can be used for the identification of project risk

  1. Step 1: Assemble the team: – As stated, make sure that the team assembled represents all the key stakeholders in the project. This includes clients, functional groups that will perform the work, end users, suppliers and any other expertise that is deemed advantageous.
  2. Step 2: Review the project data: – The team must be clear about what deliverable’s they are expected to produce, any constraints, assumptions etc. that are relevant. It is important that everybody understands this information prior to the commencement of the risk identification process. Step 2 in particular should be performed in advance as stated above. If there are specific queries, they could be dealt with at the beginning of the meeting as appropriate.
  3. Step 3: Tape banner paper to the wall: – A large piece of banner paper should be taped to the wall. This will be the working space for the risk chart that the team will develop.
  4. Step 4: Add the names of the project deliverables to the chart: – Write the project name on the top of the chart. Create a post-it notes for each of the project deliverables and place them in a row underneath the project name.
  5. Step 5: Brainstorm possible risks for each deliverable: – Ask the question “What could go wrong?” Write every risk idea on the top half on a post-it notes (preferably a different colour to the deliverable for ease of manipulation later on). When all ideas have been exhausted, weed out duplicate or ridiculous risks.

When performing this exercise, it may be advantageous to categorise risk events. It is important however, when categorising risks not to narrow the focus of risk identification to only those categories. There are some risk events that may not fall into commonly used categories even within your organisation. Some common categories of risk and associated factors are:

  • Technical Risk
  • Solution complexity
  • Technical competence of the project resources
  • Previous experience in similar projects
  • Possible product performance shortfalls
  • Maturity level of the proposed technology
  • Product integration issues
  • External Risks
  • Financial viability of the project
  • Previous dealings with the client/subcontractors etc.
  • Previous experience in similar projects
  • Relationship with the project stakeholders
  • Business Risks
  • Financial viability of the project
  • Size of the project and project team
  • Location of the project team
  • Timely availability of key personnel
  • The potential for project scope changes
  • The impact of project decisions on other aspects of the project
  • Accuracy and completeness of the project specifications

Other potential categories, depending on the nature of the project may include:

  • Customer related risks
  • Contractor related risks
  • Supply risks
  • Risky project assumptions
  • The local/global economy

Step 6: Repeat steps 4 and 5 for activities on the work breakdown structure: – Again, weed out duplicate and ridiculous risks.

Best of luck with your risk identification.

Upcoming Courses

No Events