15 Best Practices For Effective Project Risk Management

Editorial Team

15 Best Practices For Effective Project Risk Management


In project management we have unforeseen and uncertain or unplanned events that can impact a project either positively or negatively. A negative risk is normally referred to as a threat whereas a positive impact on a project is an opportunity. In other words, a risk is any unexpected event or result that may negatively affect the projects timetable. Generally, a risk can affect the people, processes, technology and resources involved in a project.

Many times a risk is unpredictable and you may not tell when it will occur. Due to their uncertainty, project risks require serious preparation in order to manage them efficiently and effectively. Therefore, project risk management refers to the process where project managers use their experience and other professional tools to minimize any potential problem that may be a threat to the success of the project.

Types of Project Risks

According to Anna Mar (2013), there about 22 types of project risks. Project risk management activity involve identifying, assessing, measuring, documenting, communicating, avoiding, mitigating, transferring, accepting, controlling and managing the risk. Risk identification is intuitive for project managers with experience.

The following are some of categories of risks:

Executive Support: This is one of the main risks experienced by project managers during project management. It is mainly caused by a wavering, inconsistent or weak executive commitment. A clear solution for this is met by asking for a specific commitment and where denied you can document it as a risk.

Scope: This is based on the quality of your estimates, dependencies and scope before starting a project. If you guess the estimates, then there is high likelihood of occurrence of a risk. If the team of your work or project managers are unsure about a particular estimate then this is a risk. It is important to have clear and accurate estimates before the commencement of a project.

Change Management: A project requires to be closely monitored to ensure a continuous flow of work. Mostly, a change in management its an implication of a project that has failed because they continually add budget and time to the project.

Stakeholders: The attitude of stakeholders towards a project matters a lot in project management. Stakeholders with negative attitude towards a project may intentionally become a stumbling block in every step of the way. Also, if there is an anticipation of a conflict or lack of cooperation between stakeholders then that’s a big risk.

Resources and Team: Resources are essential in every project. Issues on resources such as turnover and learning curves are common project risks. The team’s skills play a very critical part in a successful project management. Inexperienced or a team that want to acquire relevant skills affect greatly the project management.

Design: Low quality design is a risk. The flexibility and feasibility of the architecture and design are a key to the success of a project.

Technical: The type of technology is pivotal in the success of a project. Flaws should be detected and corrected before the start of a project. For a project to be successful relevant technology should be put in place.

Integration: Whatever is delivered need to be integrated with the processes, organization, systems, culture and knowledge of the environment.

Requirements: Garbage in, garbage out. Feasibility, quality and completeness of the requirements is very important.

Procurement: Uncorrupt procurement process is very important in risk management because of the required quality of work.

Authority: The teams for the project usually lack authority to complete project work and this influence to achieve project objectiveness.

Others: Quality, Feasibility, Decision Making, Approvals and Red Tape, Organizational, External, Project Management, User acceptance or commercial.

Project Risk Management

There are many project risks which need to be done away with for a successful project. There are 5 steps for a sound project risk management:

1. Identify the Risk

This is the first key step for a sound risk management in projects. This step involves uncovering, recognizing and describing the risks that might affect the project or the outcome of the project. The early the identification of the risk the better. Therefore, risk identification refers to the process of listing the potential risks and their characteristics. The results of risk identification are usually documented in a risk register. The risk register includes the listed risks along with their sources, potential risk responses and the risk category. This information is further used for risk analysis which in turn will support creating risk responses.

The main aim of risk identification is to ensure that all risks are identified. Ultimately, the purpose of risk identification is to minimize negative impact of project hiccups and threats and to maximize the positive impact of the project opportunities. Its through the Identification of a risk that the project manager is able to control the impact of the risk on the project. Potential project risks awareness reduces the numbers of surprises during the project delivery and, thus, improves the chances of project success allowing the team to meet the time, schedule, and quality objectives of the project.

Identification of risk allows one to create a comprehensive understanding that can be leveraged to influence the stakeholders and create better project decisions.  Therefore, good risk identification creates good project communication and eventually good project decisions. Consequently, risk identification is the foundation of good risk management and no spreadsheet or any fancy tool that will overcome poor tax identification.

The whole team should be involved in tax identification since its typically is one of brainstorming and all the brainstorming rules apply. All members of the project team should identify all the potential risks in a project.

2. Analyze the Risk

Risk analysis is basically risk assessment. Risk assessment is very important. It refers to a careful examination of what in the project could cause harm to people, so that they can take precautions or what they should do to prevent harm.

A good risk assessment has 5 steps to be thorough and successful.

  • Identify the hazards: During risk assessment project managers should be able to distinguish a risk and hazard. Something with a potential to cause harm is referred to as hazard whereas a risk is the likelihood of that potential harm being realized. Hazards are identified using techniques such as walking round working place or asking your employees.
  • Decide who might be harmed and how: These includes the team members working in a warehouse or any other construction site.
  • Evaluate the risk and decide on the control measures: This is done sequentially after the above two steps and its aimed at protecting the people from the harm. The hazards can be removed completely or the risk controlled so that the injury is unlikely.
  • Record your findings: These is the process of listing or putting down in writing and it’s a legal requirement. This is done immediately after the know-how of the hazard and how they might be harmed.
  • Review your assessment and update as and when necessary: This is actually the reviewing of the risk assessment since work places stay the same.

3. Evaluate or Risk Ranking

Evaluating the risk is done by determining the risk magnitude (size) which is a combination of likelihood and the consequence of a risk occurring. This is where the project manager identifies the consequence and the probability of the risk to occur at a specific condition. A risk is about uncertainty and therefore not predictable but can be controlled.

4. Treat the Risk

This is also known as risk response planning. In this step of risk management, the project manager is required to assess the highest ranked risks and set out a plan to treat or modify these risks to achieve acceptable risk levels.

There are 5 ways of treating a risk as follows:

  • Avoidance: This is where one decides to abstain from the areas, places or actions prone to risk. For Example, if you feel carrying out a certain task or project such as construction is too dangerous you can avoid the risk by doing something else.
  • Reduction: This practice includes mitigation actions that reduce the risk. For Example, putting on helmet when cycling to protect your head from injury.
  • Transfer: This is where all the risk is left for the third party. There are two major types of transfer, that is, taking insurance cover and outsourcing. For example, a company may decide to transfer a collection of transfer risks by taking an insurance policy.
  • Acceptance: This also known as risk retention. This is where one chooses to face the risk and being ready of any consequence that may arise from his/her decision. In other words, it is referred as risk taking in Business and Entrepreneurship. For example, an investor may decide to invest an infant company anticipating good returns in near future which is not assured.
  • Sharing: This is where the risk is spread among multiple organizations or parties and individuals. This majorly reduces the burden effect. There are variety of reasons for that including insurance products and self-insurance strategies.

5. Monitor and Review the Risk

Risk monitoring and reviewing is the final step in risk management. It is the process which evaluates and tracks the levels of risk in an organization This is the step that you project risk, register and use it to monitor, track and review risks. Risk monitoring purpose is to evaluate and keep track of the risks that occur and the effectiveness of the responses which are implemented by a project manager or organization. Risk monitoring is a continuous process in the life of a project. This is because the list of project risks changes as the project matures, new risks develop or anticipated risks disappear. Risk rating and priotizations can also change during the project life cycle. Risk monitoring determines whether the risk management policies and procedures are being followed and the remaining contingency reserves for cost and schedule are adequate.

There are Four MAIN risk monitoring types:

  • Voluntary: The risk monitoring as the name suggest, it is not required by the law but companies and project managers carry out them to from the events which have occurred in the past.
  • Obligatory: This is a risk monitoring strategy that is required by the law for some organizations for  proper risk monitoring and management.
  • Reassessment: this refers to secondary and tertiary assessment of risk and risk management tools.
  • Continual: This is a risk monitoring strategy which is continuous.

Related Articles:

  1. 10 Best Practices For Effective Project Monitoring And Control
  2. 10 Best Practices for Effective Project Quality Management
  3. 12 Best Practices for Effective Project Scope Management
  4. 15 Best Practices For Effective Project Schedule Management
  5. 12 Best Practices for Effective and Successful Project Execution
  6. 10 Best Practices for Effective Communication in Projects
  7. 13 Best Practices to Manage Project Issues Effectively
  8. 16 Best Practices for Running Project Status Meetings Effectively

Best Practices For Effective Project Risk Management

The best project management practices are capable of helping the project manager or the organization to effectively put in place strategies that will manage the uncertainty of the unpredictable project risks. Generally, a successful project manager should put in mind the following practices to manage the project risks.

The following are the 15 Best Practices in Project Risk Management:

1. Ensure all the stakeholders have a clear knowledge or understanding of the project requirements

If the stakeholders of the project fail to understand the project requirement, it is most likely the project will fail. The stakeholders should be aware of all the estimates before a project commences.

Mainly, the following is what the stakeholders should know before the project kick-off:

  • Project’s deliverables.
  • Key deliverables and their definition of “completeness”
  • Project’s goals and benefits
  • Project’s quality standards and success metrics
  • Risks and issues associated with the project.
  • Project budget, time and resource constraints.

2. Create a Risk Response Team

This is another best practice to manage project risk. Sometimes a stakeholder may pull funding and as a result an important technical component might break. Therefore, the risk management team should be comprised of experienced members who have a wide-range access to plan and risk controlling in the project. The team should have the required experience ant training necessary to save projects when mishaps happen. Basically, your risk response team should think of the worst-case scenarios and develop contingency plans.

3. Develop and formalize project management roles

Project management responsibilities are not only for the project managers but also every individual within an organization perform project management duties either formal or informal. Essentially, project management skills are very important to any individual whether a professional or not. Project management skills will help one identify, analyze and formalize project managing roles comfortably.

4. Develop leadership competencies alongside technical competencies

Project managers technical competencies such as their formal project management knowledge, certification etc., are very important. Many organizations nowadays focus heavily on project managers technical competencies and soft skills knowledge. Leadership skills are very vital especially when dealing with a complex set of resources-as in an agency or organization setting. For a successful project, the project manager should acquire and develop leadership skills.

5. Adopt better scheduling standards for technical work

For any project time is very crucial and scheduling will help you in managing time during the project. Better scheduling and estimations will help the project risk manager improve his/her success rate specifically when dealing with technical work.

6. Define and Evaluate quality standards throughout the project’s lifecycle

The quality standard of a project is very critical in creative projects. Quality on projects requires identification of standards and criteria to be set in each phase of the project life cycle. A project manager should have a clear idea of what constitutes “quality” throughout the project lifecycle based on the standards acceptable to every stakeholder, especially the people on both sides who have to sign-off on the final deliverables. The following are ways to do so:

  • Break the project into multiple stages.
  • Establish objective criteria for quality measurement.
  • Document and share the processes with stakeholders on both sides.
  • Establish baseline for quality that all stakeholders agree.
  • Back claims with data whenever you can.

7. Make your project more transparent

According to researchers, “Transparency implies that the hierarchy of management every employee will know what he or she needs to. By enabling a transparent project management system, everyone benefits from those working on the project to those sponsoring and auditing it.” The project transparency enables the team to have a great sense of responsibility and team work.

Greater project transparency enables project communication, project budget and time and the project changes such as changes in project’s scope, budget or deadline.

8. Emphasize the projects main “purpose”

In an Agency setting, the project’s purpose is very important since its possible for an employee to work on multiple projects simultaneously within the agency. The project purpose acts as a direction to be followed for the success of a project.

9. Build a “super team” to take care of repetitive tasks

A “super team” of experts will enable a project manager to maximize the impact of resources. The role of “super team” is to move from one project to another to perform the target task. This specialization will enhance efficiencies especially when carrying out numerous projects and to manage the occurrence of any unforeseen risks.

10. Find the “Goldilocks Zone” for multiple team membership

In some cases, an employee in an agency may be a member of multiple teams. As a result, this would enable the employee to improve on individual performing skills since the person gets exposed to different ideas and perspectives. However, when the employee reaches at the peak of improved performance, the curve of performance starts to fall.” Goldilocks” zone is the peak of employees improved performance from which any improvement will have a negative effect in the task performance.

11. Check-in frequently and regularly

Checking-in regularly creates a sense of accountability and shared responsibilities between managers and the team members. It is one of the easiest project management best practices to adopt and most impactful. Check-ins are more important if you have remote employees. Frequency of check-ins does not matter provided it is consistent. Check-ins can be daily, weekly or monthly as long as you do it on schedule every time and hold your team accountable.

12. Consolidate all project related information and data

Consolidation of all project related information and data help in leveraging the past knowledge to deal with future issues. Consolidating all project-related data and information in a centralized knowledge base helps anyone working in a project management related role to freely access the information.

13. Track correct deviations from project plans

Tracking the deviations and correcting them as quick as possible help in improving both current and future project performance. This can be done by gathering reports and holding meetings regularly to identify when things are going off-target. The following metrics can help you in estimating your deviation from the project plan.

  • Budgeted Cost of work performed
  • Budgeted cost of work scheduled
  • Actual cost of work performed.

14. Develop a process to escalate issues correctly

It is important to build up a culture where team members are comfortable escalating issues to higher management without fear. You should escalate only one issue to only one stakeholder at a time and do not involve stakeholders who are not affected by the issue.

 When escalating issues, one should identify the intensity of the problem, give a contextual data and finally offer suggestions on the corrective measures.

15. Practice empathy

Practicing empathy will help you understand the true impact of your work and how you can do it in the best possible way. In creative agencies, empathy is very vital and there is no prescription for practice of empathy, you jus place yourself in the shoes of other people.


The risk management process also helps to resolve problems when they occur because those problems are continuous and unpredictable or uncertain. Effective risk management strategies allow an organization or project managers to identify the strengths, weaknesses, opportunities and threats of a project. To ensure a project succeed, you should define how you will handle and identify potential risks, mitigate or avoid problems when you need to do. The most successful project managers recognize that risk management is very critical since project’s goal achievements depends on planning, preparation, results and evaluation that contribute greatly to achieving specific goals.


  • Bartlet, John. Project Risk Analysis and Management Guide.APMPublishing,2004.
  • Hillson, Dr D. Managing Risk in Projects. Aldershot: Gower Publishing,2012.
  • Sekhar, Y. C. Project Management: Principles & Practices,2005.
  • Chapman, Mr. R. The Rules of Project Risk Management: Guidelines for Major Projects. Aldershot: Gower Publishing,2014.
  • Heldman, Kim. Project Manager’s Spotlight on Risk Management. Hobken: John Wiley &Sons,2010
  • Kerzner, Harold. Advanced Project Management: Best Practices on Implementation. Hobken: John Wiley & Sons,2004.