We use cookies to give you the best experience and to help improve our website

Find out more about how we use cookies

Choose whether to use cookies:

No thanks Yes, I accept

Skip to main content

Jisc

You are in:

  • Advice
  • Guides
  • Project management
  • Managing risks

Utilities:

  • Search the Jisc website
    Clear search results

Search the Jisc website
Clear search results

Navigation:

Guide

Managing risks

Part of

Archived
This content was archived in March 2016

About this guide

  • Published: 26 January 2008
  • Updated: 27 March 2014

View full guide as a single page

Contents

Project management
  • Why projects fail
  • Starting a project
    • The business case
    • Project initiation
    • Project infrastructure
  • Key roles
    • The project board
    • Building the team
    • Resourcing the team
  • Stakeholder management
  • Budgeting and costing
  • Planning a project
    • Top tips for project planning
    • The sliding planning window
    • Product-based planning
    • Estimating
    • Scheduling, precedence diagramming and the critical path
    • Gantt charts
    • Contingency planning
  • Managing project boundaries: stages, phases and milestones
    • Reporting and meetings
    • Managing by exception
  • Controlling a project
    • Managing risks
    • Managing issues
    • Managing scope
    • Managing quality
  • Communication and collaboration
    • Methods of communication
  • Staff development
  • Keeping records
  • Closing a project
    • Handing over and lessons learned
  • Post project review
  • References and resources

All projects bring with them an element of risk. In the best-planned projects there are uncertainties and unexpected events can always occur for example project staff might leave unexpectedly, the budget might suddenly be cut or a fire or theft might affect the project progress.

The majority of risks are however related to the fact that your plan is based on estimates and they are therefore manageable. Risk management is a mechanism to help you to predict and deal with events that might prevent project outcomes being delivered on time.

Identifying risks

You will undertake an initial risk assessment as part of starting up the project. Basically you are asking the questions:

  • What could possibly happen to affect the project?
  • What is the likelihood of this happening?
  • How will it affect the project? and
  • What can we do about it?

The sort of areas you will be looking at for associated risks are:

  • The activities along the timeline and any threats to completion and to timescales
  • The project components: people, equipment, infrastructure requirements, other resources
  • Dealings with contractors and suppliers
  • Other projects that might have an impact
  • Organisational changes that might take place during the project
  • Outside influences that might affect the project such as changes in funding, government policy or the requirements of a funding body

Creative Commons attribution information
Risk Matrix

Greatest risk often occurs where there is some sort of interface. This may be an interface between systems, departments, processes or organisations.

The assessment of likelihood of the risk occurring and potential impact if it does occur will come from the experience and knowledge of project stakeholders and others consulted during the risk analysis process. In other words, identifying risks is best done as a team effort. People with different skills, experiences and specialisms will see individual risks differently and you want a balanced, rather than a biased, analysis.

You can think of risks in terms of a matrix:

Your greatest effort will be focussed on addressing the risks that are most likely to occur and those that will have the biggest impact if they do occur.

Recording risks

You will need to maintain a risk log or register. This should record:

  • A description of the risk
  • The likelihood of the risk occurring
  • The potential impact of the risk
  • Details of mitigating actions to be taken
  • Identification of any early warning signs that indicate the risk is about to occur
  • The risk owner
  • Details of any contingency plans where applicable

In order to effectively manage risk it is important that each risk is allocated to an identified owner. This should be someone within the project team whose responsibility it is to keep an eye on the situation and ensure that the necessary mitigating actions are actually carried out.

Responses to the initial risk assessment may include:

  • Risk transfer – move the risk to someone more able to deal with it eg contract out the supply and support of the hardware infrastructure
  • Risk deferral – alter the plan to move some activities to a later date when the risk might be lessened eg wait till a statutory change has ‘bedded-in’ before changing a related process
  • Risk reduction – Either reduce the probability of the risk occurring or lessen the impact eg increase staffing resource on the project
  • Risk acceptance – Sometimes there’s not a lot you can do other than accept the risk and ensure that contingency plans are in place
  • Risk avoidance – Eliminate the possibility of the risk occurring eg use alternative resources or technologies

Managing risk is an ongoing process. The nature of the risks you are facing will alter as the project progresses eg staff recruitment may be a big issue at the start of a project whereas staff retention is the issue as the project draws near to an end. At the very minimum you should review your risk assessment and management plan at each stage boundary before moving into the next stage of the project.

Book Navigation

  • ‹ Controlling a project
  • up
  • Managing issues ›

You are in:

  • Advice
  • Guides
  • Project management
  • Managing risks

Areas

  • Connectivity
  • Cyber security
  • Cloud
  • Data analytics
  • Libraries, learning resources and research
  • Student experience
  • Trust and identity
  • Advice and guidance

Explore

  • Guides
  • Training
  • Consultancy
  • Events
  • R&D

Useful

  • About
  • Membership
  • Get involved
  • News
  • Jobs

Get in touch

  • Contact us
  • Sign up to our newsletter
  • Twitter
  • Facebook
  • LinkedIn
  • YouTube
  • Cookies
  • Privacy
  • Modern slavery
  • Carbon reduction plan
  • Accessibility