PRINCE2 Agile 2016
Previous Section   Next Section

13.1 The PRINCE2 approach to the Risk theme

The purpose of the Risk theme is to identify, assess and control uncertainty and, as a result, improve the ability of the project to succeed.

13.1.1 What is a risk?

A risk is an uncertain event or set of events that, should it occur, will have an effect on the achievement of objectives. It consists of a combination of the probability of a perceived threat or opportunity occurring, and the magnitude of its impact on objectives, where:

  • Threat is used to describe an uncertain event that could have a negative impact on objectives
  • Opportunity is used to describe an uncertain event that could have a favourable impact on objectives.

13.1.2 Risk management procedure

PRINCE2 recommends a risk management procedure comprising the following five steps:

  • Identify (context and risks)
  • Assess (i.e. estimate and evaluate)
  • Plan
  • Implement
  • Communicate.

The first four steps are sequential, with the ‘communicate’ step running in parallel because the findings of any of the other steps may need to be communicated prior to the completion of the overall process. All of the steps are iterative in nature in that when additional information becomes available, it is often necessary to re-visit earlier steps and carry them out again to achieve the most effective result.

Figure 13.1 shows the elements of the risk management procedure.

Figure 13.1 The risk management procedure

Figure 13.1 The risk management procedure

13.1.2.1 Identify

Identify context

The primary goal of the ‘identify context’ step is to obtain information about the project in order to understand the specific objectives that are at risk and to formulate the risk management strategy for the project. The risk management strategy describes how risks will be managed during the project. The project’s risk management strategy should be based on the corporate risk management policy or on the programme’s risk management strategy.

13.1.2.2 Assess

Estimate

The primary goal of the ‘estimate’ step is to assess the threats and opportunities to the project in terms of their probability and impact.

Evaluate

The primary goal of the ‘evaluate’ step is to assess the net effect of all the identified threats and opportunities on a project when aggregated together.

13.1.2.3 Plan

The primary goal of the ‘plan’ step is to prepare specific management responses to the threats and opportunities identified, ideally to remove or reduce the threats and to maximize the opportunities. Attention to the plan step ensures as far as possible that the project is not taken by surprise if a risk materializes.

13.1.2.4 Implement

The primary goal of the ‘implement’ step is to ensure that the planned risk responses are actioned, their effectiveness monitored, and corrective action taken where responses do not match expectations.

13.1.2.5 Communicate

Communication is a step that is carried out continually. The ‘communicate’ step should ensure that information related to the threats and opportunities faced by the project is communicated both within the project and externally to stakeholders.

Previous Section   Next Section

Collapse