Even the best planned and managed projects have risks, so the PRINCE2® method ensures that risk management is planned and integrated into the project management.
PRINCE® defines risk as "an uncertain event or set of event that, should it occur, will have an effect on the achievement of objectives".
(PRINCE2® text - ©Crown Copyright 2009 Reproduced under licence from OGC)
The PRINCE2® method of risk management includes:
- Identifying the project's context and risks
- Assessing each individual and aggregate risk exposure
- Planning risk response actions
- Implementing the risk response actions
- Communicating about risks
Risk Assessment includes:
- ESTIMATION - What is the probability and impact of each risk?
- EVALUATION - What is the overall level of risk exposure and is it within our appetite for risk?
Risk Management Actions include:
- For threats:
- AVOID - Can we do something else?
- REDUCE - Can we limit the impact or likelihood?
- FALLBACK - Can we do something after the risk event to reduce its impact?
- TRANSFER - Can we pass it to a third party?
- ACCEPT - Proceed anyway
- SHARE - Both parties share the pain (e.g. if exceed the cost plan)
- For opportunities:
- SHARE - Both parties share the gain (e.g. if less than the cost plan)
- EXPLOIT - Ensuring an opportunity will happen and its impact is definitely realized.
- ENHANCE - Doing something before the risk occurs to enhance its likelihood or its impact should it occur.
- REJECT - Deliberate decision to not seize the opportunity.
All risks, and information about them, are recorded in a Risk Register, and each risk is allocated an owner.
