We use cookies to give you the best experience and to help improve our website

Find out more about how we use cookies

Choose whether to use cookies:

No thanks That's fine

Skip to main content

Jisc

You are in:

  • Advice
  • Guides
  • Risk management
  • Cause and effect

Utilities:

  • Search the Jisc website
    Clear search results

Search the Jisc website
Clear search results

Navigation:

Guide

Cause and effect

Page 6 of 14 - Risk management

Archived
This content was archived in March 2016

About this guide

  • Published: 30 November 2004
  • Updated: 27 March 2014

View full guide as a single page

Contents

Risk management
  • Attitudes to risk
  • Management attitudes and principles
  • A five step risk management model
  • Identifying risk
    • Cause and effect
    • The risk log
  • Qualitative risk analysis
  • Quantitative risk assessment
    • Costing risk
    • Opportunity costing
  • Risk response planning
  • Risk monitoring and control
  • Wider application

By now you will probably have a list of potential risks as long as your arm and be wishing you’d never thought of the project in the first place. The next step is to consider the root causes of the risks you have identified. If at this stage your list includes risk such as ‘project may overspend against budget’ or ‘project overruns expected timescale’ you will have to go back to the drawing board. Neither of these is a risk in itself: they are consequences of something else having gone wrong.

Similarly if you were to write there is a risk that ‘The project team is inexperienced’ what you are actually describing is a pre-existing condition that may go on to cause a variety of effects.

A risk should be documented in the form:

  • Condition
  • Cause
  • Consequence
  • Context.

A disciplined approach to how you document risks makes the rest of the management process very much easier.

After each of the risks you have listed try adding the word ’caused by’ then complete the sentence eg, staff may leave before the end of the project caused by…

This is a very typical project risk and there could be a variety of different endings to that sentence but unless you know which of them is applicable in your case you are not likely to be able to do anything about it. The next step is to look at what are the consequences of the risk occurring. You need to add the words ‘resulting in’ then complete a new end to the sentence.

  • Condition – ‘There is a risk that’
  • Cause – ’caused by’
  • Consequence – ‘resulting in’

Context is also important for instance in selecting and implementing a new IT system certain risks may be associated with one or more potential suppliers but not with others. If you state risks in a poor or sloppy way then risk management becomes a platitude. You will reveal nothing that is unique about your project and will not have the information you need to take effective action.

Good description also help you to filter out things that shouldn’t be in there ie, things that fall into the category of general management concerns rather than risks specific to your project.

Further resources

Useful tool in analysing cause and effect

  • Ishikawa diagram

Book Navigation

  • ‹ Identifying risk
  • up
  • The risk log ›

You are in:

  • Advice
  • Guides
  • Risk management
  • Cause and effect

Areas

  • Connectivity
  • Cyber security
  • Cloud
  • Data analytics
  • Libraries, learning resources and research
  • Student experience
  • Trust and identity
  • Advice and guidance

Explore

  • Guides
  • Training
  • Consultancy
  • Events
  • R&D

Useful

  • About
  • Membership
  • Get involved
  • News
  • Jobs

Get in touch

  • Contact us
  • Sign up to our newsletter
  • Twitter
  • Facebook
  • LinkedIn
  • YouTube
  • Cookies
  • Privacy
  • Modern slavery
  • Carbon reduction plan
  • Accessibility