3.10 Risk Framework
A risk framework outlines the organization’s:
- risk management approach
- risk appetite
- risk tolerance
- accountabilities and responsibilities for managing risk.
In today’s world organizations should constantly reassess and update their framework – as frequently as weekly, or even daily. Organizations that are proactively managing their risk, controls and compliance activities will potentially be better positioned to respond to change e.g. businesses fast-tracked their digitization process in 2020, to enable effective remote working and ecommerce.
The hallmarks of a good risk management framework are: pragmatism, flexibility, informed decision-making and ecosystem connectedness.
Key Takeaways
- Uncertainty is about a state of not knowing or unpredictability and there are many degrees of uncertainty:
- Risk – Associated with not knowing future events.
- Ambiguity – Associated with not being aware of current or future conditions.
- Complexities- Associated with dynamic systems having unpredictable outcomes.
- Volatility – Associated with rapid and unpredictable change.
- Project risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives such as scope, schedule, cost, procurement and quality.
- An individual risk are specific events or conditions that might affect project objectives, elements or task.
- Overall project risk represents the effect of uncertainty on the project as a whole.
- Risk attitudes of the stakeholders determine the extent to which an individual risk or overall risk matters.
- Risk management focuses on identifying and assessing the risks to the project and managing those risks to minimize the impact on the project.
- Risk Management Processes has six steps in the process:
- Planning Risk Management Process
- Identifying the Risks
- Perform Qualitative Risk Assessment
- Perform Quantitative Risk Assessment
- Developing Risk Responses
- Monitoring and Control Risks
- The risk management plan identifies the processes and procedures to be used in managing risk throughout the life of the project.
- A risk breakdown structure (RBS) can follow the work breakdown structure (WBS) to identify risk by activity.
- Contingency planning is the development of alternative plans to respond to the occurrence of a risk event.