This document outlines the risk management plan for a construction project. It describes the risk management process, which includes identifying risks, analyzing them qualitatively and quantitatively, planning risk responses, and mitigating risks. It establishes roles and procedures for risk identification, tracking risks in a risk register, and providing status updates on risks. The overall risk level of this project is deemed medium on a scale of 0-100.
3. <Project Name> Version: 1.0
1 INTRODUCTION
1.1 PURPOSE OF THE RISK MANAGEMENT PLAN
Any kind of project is susceptible to risks of various natures that can have different degrees
of effect in the normal project. It may or may not have positive or negative effects on a
project’s objectives. Risk Management assists in the prevention and minimization of
unfavorable events. The objective of a risk management is to secure the project from risks
by identifying, assessing, responding to, monitoring, and reporting risks.
The purpose of the risk management plan is to establish the framework in which the
project team will identify risks and develop strategies to mitigate or avoid those risks.
However, before risks can be identified and managed, there are preliminary project
elements which must be completed. These elements are outlined in the risk management
approach.
This project is considered a medium risk project as it has an overall risk score of 24 on a
scale from 0 to 100. The project risk score is the average of the risk scores of the most
significant risks to this project. A risk score below 16 is low risk project, a score between
16 and 45 is a medium risk project and a score above 45 is a high-risk project.
Before risk management begins it is imperative that a foundation is established for
providing structured project information, thus, the following project elements were
completed and defined prior to developing this Risk Management Plan:
• Define work scope, schedule, resources, and cost elements
o Develop project WBS/WBS dictionary
o Develop master schedule and detailed schedules
o Estimate project cost and finalize budget
o Identify required and available resources
o Establish performance measurement metrics
• Define minimum and maximum baseline thresholds
o Schedule
o Resources
o Cost
• Baseline reporting requirements
o Format
o Frequency of distribution
o Distribution list
• Define Risk Management Roles and Responsibilities
o Project Manager chairs the risk assessment meetings
Page 1
Risk Management Plan
4. <Project Name> Version: 1.0
o Project team participates in risk assessment meetings and members serve as
meeting recorder and timekeeper
o Key stakeholders participate in risk assessment meetings
o Project Sponsor may participate in risk assessment meetings
The Risk Management Plan for the Construction of Scrap Tire Recycling Plant gives an
outline of the risk associated with the project by identifying, analyzing and managing the
risks involved.
2 RISK MANAGEMENT PROCEDURE
2.1 PROCESS
The approach we have taken to manage risks for Construction of Scrap Tire recycling Plant
included a methodical process by which the project team identified, scored, and ranked the
various risks. The most likely and highest impact risks were added to the project schedule
to ensure that the assigned risk managers take the necessary steps to implement the
mitigation response at the appropriate time during the schedule. Risk managers will
provide status updates on their assigned risks in the bi-weekly project team meetings, but
only when the meetings include their risk’s planned timeframe. Upon the completion of
the project, during the closing process, the project manager will analyze each risk as well
as the risk management process. Based on this analysis, the project manager will identify
any improvements that can be made to the risk management process for future projects.
These improvements will be captured as part of the lessons learned knowledge base.
The risk management process gives an outline to Project Manager and all the project
personnel of the future risk and gives an ample amount of time to come up with the
solutions beforehand. A well articulated Risk Management Plan helps in utmost resource
utilization, meet scheduling on time and prevent unwanted risks associated.
The risk management process comprises of some steps, but is not limited to, and if
followed properly helps in mitigating the risk or minimizing the effects. Some of the steps
are identifying the risk, identifying the source of the risk, measuring, evaluating, mitigating
and monitoring the risk.
The diagram below depicts the various steps involved in the risk management process.
Page 2
Risk Management Plan
5. <Project Name> Version: 1.0
2.2 RISK IDENTIFICATION
The task of the Risk Management Manager would be to identify all the risks associated
with the Construction of Scrap Tire Recycling Plant and submit it during the risk
identification process. After acquiring all the details about the risks the project team,
appropriate stakeholders would work on handling the risks. This process would also
include an evaluation of environmental factor, organizational culture and the project
management plan including the project scope.
Some of the important factors, which will be included in the identification process, are
project deliverables, assumptions, constraints, WBS, cost/effort estimates, resource plan,
and other key project documents.
A Risk Management Log will then be created and updated as and when needed. The log
will be stored electronically which can be used for future reference.
2.3 RISK ANALYSIS
In order to determine the severity of the risks identified by the team, a probability and
impact factor was assigned to each risk. This process allowed the project manager to
prioritize risks based upon the effect they may have on the project. The project manager
utilized a probability-impact matrix to facilitate the team in moving each risk to the
appropriate place on the chart.
Once the risks were assigned a probability and impact and placed in the appropriate
position on the chart, the recorder captured the finished product and the project manager
moved the process on to the next step: risk mitigation/avoidance planning
2.3.1 Qualitative Risk Analysis
The Project Manager will assess each identified risk based on the probability and impact of
occurrence for each risk, with input from the project team using the following approach:
Page 3
Risk Management Plan
6. <Project Name> Version: 1.0
Probability
• High – Greater than <70%> probability of occurrence
• Medium – Between <30%> and <70%> probability of occurrence
• Low – Below <30%> probability of occurrence
Impact
• High – Risk that has the potential to greatly impact project cost, project schedule or
performance
• Medium – Risk that has the potential to slightly impact project cost, project schedule or
performance
• Low – Risk that has relatively little impact on cost, schedule or performance
Risks that fall within the RED and YELLOW zones will have risk response planning which
may include both a risk mitigation and a risk contingency plan.
2.3.2 Quantitative Risk Analysis
The most likely and greatest impact risks have been added to the project plan to ensure that
they are monitored during the time the project is exposed to each risk. At the appropriate
time in the project schedule a Risk Manager is assigned to each risk. During the bi-weekly
project team meeting the Risk Manager for each risk will discuss the status of that risk;
however, only risks, which fall in the current time period, will be discussed. Risk
monitoring will be a continuous process throughout the life of this project. As risks
approach on the project schedule the project manager will ensure that the appropriate risk
Page 4
Risk Management Plan
Impact
H
M
L
L M H
Probability
7. <Project Name> Version: 1.0
manager provides the necessary status updates which include the risk status, identification
of trigger conditions, and the documentation of the results of the risk response.
The qualitative analysis will prioritize the risks based on the probability and the impact
criteria. The effect of the risks on the project activities will then be estimated, a numerical
rating will be applied to each risk, and then documentation will be done based on the
following steps:
• Identifying and valuing assets
• Determining the Single Loss Expectancy (SLE)
• Determining Annual Rate of Occurrence
• Determining Annual Loss Expectancy
• Determining the cost of controls
• Risk On Security Investment (ROSI)
• Results of the Quantitative Risk Analysis
2.4 RISK RESPONSE PLANNING
Each major risk (those falling in the Red & Yellow zones) will be assigned to a project
team member for monitoring purposes to ensure that the risk will not “fall through the
cracks”.
For each major risk, one of the following approaches will be selected to address it:
• Avoid – eliminate the threat by eliminating the cause
• Mitigate – Identify ways to reduce the probability or the impact of the risk
• Accept – Nothing will be done
• Transfer – Make another party responsible for the risk (buy insurance, outsourcing, etc.)
For each risk that will be mitigated, the project team will identify ways to prevent the risk
from occurring or reduce its impact or probability of occurring. This may include
prototyping, adding tasks to the project schedule, adding resources, etc.
For each major risk that is to be mitigated or that is accepted, a course of action will be
outlined for the event that the risk does materialize in order to minimize its impact.
2.5 RISK MITIGATION AND AVOIDANCE
The project manager has led the project team in developing responses to each identified
risk. As more risks are identified, they will be qualified and the team will develop
avoidance and mitigation strategies. These risks will also be added to the Risk Register
and the project plan to ensure they are monitored at the appropriate times and are
responded to accordingly.
The risks for this project will be managed and controlled within the constraints of time,
scope, and cost. All identified risks will be evaluated in order to determine how they affect
Page 5
Risk Management Plan
8. <Project Name> Version: 1.0
this triple constraint. The project manager, with the assistance of the project team, will
determine the best way to respond to each risk to ensure compliance with these constraints.
In extreme cases it may be necessary to allow flexibility to one of the project’s constraints.
Only one of the constraints for this project allows for flexibility as a last resort. If
necessary, funding may be added to the project to allow for more resources in order to
meet the time (schedule) and scope constraints. Time and scope are firm constraints and
allow for no flexibility. Again, the cost constraint is flexible only in extreme cases where
no other risk avoidance or mitigation strategy will work.
3 RISK REGISTER
The Risk Register for this project is a log of all identified risks, their probability and impact
to the project, the category they belong to, mitigation strategy, and when the risk will
occur. The register was created through the initial project risk management meeting led by
the project manager. During this meeting, the project team identified and categorized each
risk. Additionally, the team assigned each risk a score based on the probability of it
occurring and the impact it could potentially have. The Risk Register also contains the
mitigation strategy for each risk as well as when the risk is likely to occur.
Based on the identified risks and timeframes in the risk register, each risk has been added
to the project plan. At the appropriate time in the plan—prior to when the risk is most
likely to occur—the project manager will assign a risk manager to ensure adherence to the
agreed upon mitigation strategy. The each risk manager will provide the status of their
assigned risk at the bi-weekly project team meeting for their risk’s planned timeframe.
The Risk Register will be maintained as an appendix to this Risk Management Plan.
Page 6
Risk Management Plan