Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests of meeting project objectives.
Negative risk involves understanding potential problems that might occur in the project and how they might impede project success. Positive risks are risks that result in good things happening; sometimes called opportunities.
There are six steps to the project risk management process, and these steps are repeated over the course of the entire project.
Risk management planning: Deciding how to approach and plan the risk management activities for the project.
Risk identification: Determining which risks are likely to affect a project and documenting the characteristics of each.
Qualitative risk analysis: Prioritizing risks based on their probability and impact of occurrence.
Quantitative risk analysis: Numerically estimating the effects of risks on project objectives.
Risk response planning: Taking steps to enhance opportunities and reduce threats to meeting project objectives.
Risk monitoring and control: Monitoring identified and residual risks, identifying new risks, carrying out risk response plans, and evaluating the effectiveness of risk strategies throughout the life of the project.
