Project Management Professional (PMP)® Articles - Five Tips for Incorporating Risk Management

Five Tips for Incorporating Risk Management into Your Project Management Strategy

According to, a risk is defined as "a probability or threat of damage, injury, liability, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through preemptive action." While it is not always the most pleasant thing to think about, the components of this definition directly relate to project management. There is always a threat or hazard to deal with that may negatively impact your project. Whether it be related to budget, ethics, or meeting completion, the risk of not meeting your goals or project failure looms large. The numbers show that many project managers do have legitimate worries regarding project management success:

  • According to Geneca, 75 percent of business and IT executives anticipate that their projects will fail.
  • The Standish Group found that fewer than a third of all projects were successfully completed on time and on budget in 2016.
  • Data gathered by ProofHub found that only 2.5 percent of companies successfully complete 100 percent of their projects. They also found that only 40 percent of projects meet schedule, budget, and quality goals.

There is a lot to make project managers feel that most of their job is defined by mitigating risk. The chance that you may not come in under budget, or that deadlines or goals will not be met are issues most project managers have to deal with consistently. However, there are ways to blend in risk management with project management and ensure that you are accounting for potential threats to project success. Take a look at these tips for incorporating a risk management strategy into your project management process:

Understand the Risk You and Your Team are Facing

To truly prepare for anything that may come your way, you first have to identify what "anything" is. While there may be some anxiety around focusing on the "negative," engaging in this process will allow you to create a strategy for handling as many risky situations as possible. A great way to start this process is by involving as many individuals who will have a hands-on role with the project. This list includes team members and any internal stakeholders who may have a vested interest in the deliverable you are creating. These individuals will likely have a unique perspective on the project and can provide additional types of risk to watch out for. It is also a good idea to look back at past projects to get a sense for risky situations you may have faced and examine how you can prepare for them now.

Work to Decrease Surprises

While there will always be things that come that you cannot adequately plan for, there are common occurrences that happen that you can build into your project management strategy. Begin to look at past trends of how other projects have gone and incorporate these into your current PMP risk management strategy. For example, if you are working with a client whom you know likes to request spec or scope changes, adjust your schedule to allow for this. Extend the project schedule past what you usually would set, and even add in more funds to the budget to pay workers to handle these potential changes. You can also build in time to get their feedback on current progress to handle any alterations sooner in the process. Do what you can to plan for the "surprises" you know are likely going to come.

Assess All Risks

Now that you know the risk that can occur, and have a way to handle the ones you "know" are likely going to arise, it is time to assess the risks that are less predictable. This process will require you and your team to look at past data as well as the scope of your current project to decide on the likelihood that the risk will happen. The first type of risk assessment process is qualitative. This one typically is more descriptive and may use a "Low, Medium, or High" designation to determine relative risk. For example, you may discuss the likelihood of running over budget with your team. Going on past data as well as the size of the project you may deem this risk as "High" since everyone remembers this being an issue in the past.

On the other hand, you can also use quantitative risk assessment. Rather than using descriptions, this is where you would assign a number to indicate the probability of this situation occurring. Again, much like the previous example, you might depend on past data while also using a project management model and priority list to arrive at a viable conclusion on the likelihood of this occurrence.

Encourage Your Team to Commit to Transparency and Open Communication

Before moving forward with outlining a risk management plan, it is helpful to discuss with them the importance of accountability, transparency, and consistent communication. While you are working with your team to plan for risky situations, there are always going to be problems that arise that may not have been discussed. Therefore, it is crucial that everyone has a way to communicate these issues to one another if something occurs.

If you are working across multiple departments, you may want to designate a leader for each one that could be a contact point person for issues that arise. This step is where you also want to lay out preferred modes of communication whether that be email, instant messaging, or video conferencing. Ensure you have a process for discussing these issues and a location to carry out these discussions. Also, be sure you emphasize the importance of not waiting to inform others of a risk situation. Let your team know that they should notify the proper individual as soon as possible so the information can reach you in a timely fashion.

Decide How You Will Respond to Specific Risks

There are numerous risk management strategies in project management to undertake depending upon the situation presented by the risk. Relating to risk response development, there are four main tactics. They come in the form of avoidance, transfer, mitigate, and accept.

  • Avoid – This tactic requires you to change your project management plan to handle the issue. For example, you may extend the schedule or reduce the scope to manage risks associated with time adequately. You have avoided the danger by altering your plan in some way.
  • Transfer – Here, you do not eliminate the risk but pass it on to another person or organization. This situation likely occurs in the form of purchasing insurance, a fixed price contract, or even hiring a freelancer or contractor.
  • Mitigate – This step in the process allows you to reduce risk. This may be through safety training, assigning certain activities to team members based on experience, or making a process more straightforward to do and understand.
  • Accept – There are times when even planning may not reduce or get rid of risk. So, some teams decide to accept it. Specifically, they do not plan to take any action to avoid, transfer, or mitigate the risk. They may just deal with the consequences or use contingencies to ward off any resulting negative impact.

Each risk is unique, and it will be up to you and your team to decide which of these methods is appropriate at the time. While avoidance and mitigation will likely be preferred, there could be times where transferring and acceptance may be the only option. The goal is to reduce the negative impact the last two tactics may have on your project and the organization as a whole.

Final Thoughts

Risk management is just as crucial as developing an overall project management plan. While a lot of your job as a project manager is managing your team, and jumping in when you can, much of your role will be to identify and prepare for the risks that will arise. It is impossible to see the future, but past data, the experience of you and your team, and a general dedication to seeing the project through to completion will give you the tools you need to incorporate risk management into your project management strategy. Risk management is not just a process you do at the beginning, but it is a continuous improvement strategy that should be carried out throughout the duration of the project. Training yourself and your team to always be on the lookout for risk will allow you always to have the upper hand when it comes to risk management strategy.


13 Eye-opening stats about project management,

The Standish Group Chaos Manifesto 2013,

Project Risk Management Basics,

Qualitative Risk Analysis and Assessment,

Qualitative Risk Analysis vs Quantitative Risk Analysis,

Rethink Your Project Risk Management Strategy,

Why Up to 75 Percent of Software Projects Will Fail,