All project managers worth their salt know the importance of conducting robust risk management.
Without it projects lay themselves open to issues that might not only hurt but may (and can) completely derail them adding to cost and lead time in such a way that renders the project unfeasible.
Whilst the actual process of risk management is well known (gather your risks, review them and develop mitigation strategies) all too often project teams get too blasé about risk and omit the fundamentals.
• Risk management service requires sustaining it is not merely a onetime only process.
• Understanding the role that potential impact has in determining what you do.
The role of impact
Most project managers when assessing risk will create some form of risk register or log that is used to capture risks for future review.
Whilst these logs vary in style and content most will include some common elements.
Of these, impact, is one of the important ones! Impact describes what will happen if the risk is realized. For example you may carry a risk that on your IT project that the software may not meet the needs of the customer.
Let's consider the impact of this for a moment – the customer could – withhold payment, require costly rework at the project teams expense, the project team may be required to do further activities such as more detailed requirements gathering or coding.
Fundamentally the impact will come down to two things –
• additional time required to undertake new tasks and
• additional budget
For many project teams looking to skimp on risk management impact can often be scored in terms of High, Medium, and Low and while this is a crude method it doesn't really do the job justice. All risks are not created equal and do need different management methods.