How to Make a Risk Management Plan

As a project manager, planning is one of the most critical aspects of your job. While diligently planning for the milestones, project managers should also consider KPIs and outcomes that are vital to success. One often-overlooked aspect of project planning is creating a detailed risk management plan

Put simply, risk management plans help PMs record, plan for, and mitigate risks that could potentially throw a wrench in a project’s execution and final outcome. While it’s impossible to identify and plan for every possible risk that could impact your project, a properly prepared risk management plan will go a long way in preventing catastrophic damage due to a risk that you could have seen coming.

So, what exactly should you put in a project risk plan? Keep reading to find out and learn how Wrike can help you create comprehensive risk management plans that increase your project’s likelihood of success!

What do you put in a risk management plan?

It goes without saying that a project risk management plan should include a list of the potential risks that could arise during the project’s life cycle. However, In order to make the most effective project risk plan possible, you need to dig a little deeper. 

As you begin identifying your project’s risks, place them into one of the following three categories:

  1. Known risks: these are risks that are readily identified by you and your project team members. In other words, they’re the most obvious risks that you and others have likely encountered before or ones that are inherent in almost every project. Examples include blown budgets, resource limitations, and material shortages.
  2. Unknown risks: unknown risks are those that are not as obvious and not easily identified by you or your team members. However, upper-level management and project stakeholders often have insight into these potential risks. Seeking their input to discover these risks is a major part of developing your risk management plan. 
  3. Unknowable risks: these are risks that simply cannot be foreseen, such as an illness, accident, or system failure.

As you identify and classify the project risks, it’s important to consider the three elements of each risk in order to develop a plan to mitigate damage and disruption to the project. The three elements of a risk are:

  1. The actual risk itself — that is, the event or condition that may jeopardize either an element of the project or the entire project. It’s important to define each risk as clearly as possible so that appropriate responses can be prepared. 
  2. The consequences of the risk. Again, it’s critical to be as specific as possible so that project team members and stakeholders understand the gravity of the risk and its potential impact on the project. 
  3. The probability of the risk. Assessing the likelihood of each risk actually happening will help you determine how much time and resources to allocate toward planning for and potentially mitigating each risk. 

Now that your risk management plan establishes all the potential risks and their individual elements, it’s time to assign ownership of the risks and determine preemptive risk responses. Just as you assign project tasks to individual team members, your risk management plan should identify who’s responsible for monitoring and responding to each risk through the life of the project. 

Project risk responses typically fall under one of four categories: you can avoid the risk by pivoting your plan; you may transfer the risk to someone else, whether a team member, someone else within the company, or an outside vendor; you could mitigate the risk to reduce its impact on the project; or you could simply accept the risk and deal with the consequences accordingly. 

No matter which response you choose, the key is to document what each response looks like for each individual risk in the risk management plan before the project gets underway.

Risk management plan examples

Every risk management plan should contain the following elements: 

  1. Risk identification
  2. Risk evaluation
  3. Assignment of risk ownership to project team members
  4. Risk responses
  5. Plan to constantly monitor for new risks and address them appropriately

Here's an example of a risk management plan from the state of North Dakota that checks all these boxes.

How do you maintain a risk management plan?

Just like your project management plan, a risk management plan should be a living document that is continually monitored and updated throughout the project life cycle. As you encounter risks in the course of the project, reference them in your risk management plan and make note of which response was used, how effective it was in mitigating the risk, and what you could do next time to further prevent or minimize the risk’s impact on the project. 

A properly maintained risk management plan can be utilized in future projects to better plan and prepare for all three types of risk. For example, an unknowable risk encountered in Project A then becomes a known risk in Project B.

Tips for creating your own risk management plan

Creating and maintaining an appropriate risk management plan is much easier with the right tools at your disposal. With Wrike, you’ll have access to project matrixes and templates that help you easily identify and classify risks, document action plans, and monitor and update risks as you encounter them. What’s more, you can easily share this information with project team members and stakeholders. 

If you’re ready to see exactly how Wrike can help you mitigate project risks with your very own risk management plan, give it a shot for two weeks on us. Simply fill out the form below to start your free trial today!

Comments 0

Oops! This content can only be shown if you consent to cookies.

Find out more