For a risk management action plan to be effective, it should contain specifics. These specifics include identifying risks upfront, analyzing how risks will affect a project, potential risk planning, and monitoring risk. Monitoring risk is performed by controls set within the risk management plan that deal with potential risk.
A risk management plan should also include specific roles and responsibilities of the project manager, team members, and stakeholders. If projects include the need for IT personnel, IT members should be identified as well.
Risk management plans should be reviewed from time to time to ensure the controls you set are working. When updating any risk management plan, use prior project life-cycles for examples. What worked on the project and what failed? Identify true risks that had an impact on prior projects. Set levels for each risk from low to high to acceptable risks. An example of a high risk might be the quality of your IT department. If it fails to perform consistently, this can be a devastating risk. An example of a low risk doesn't mean it will affect the outcome of a project. Remember that once a risk is triggered, whether it is low or high or acceptable, it becomes a risk issue. Acceptable risks should not be ignored but instead, analyzed for future projects by identifying how the risk was triggered and how it was resolved.
Good risk management plans go hand in hand with project planning and should be systematic in nature. Risk will only be improved by discovering it and dealing with it. Once you discover and assess risk, how you control potential risks is key in your overall plan.
Setting Controls to Measure Risks
In order for you to set controls in your risk management action plan, you need to document past risks and their triggers. How were those risks resolved? If resolution was poor, what are better ways to prevent risks? For project planning, you can identify your risks by placing them in categories before setting controls.
Basic categories must include cost of the project, scope of the project, project schedule and deliverables, and the quality of the project. Controls should be set for each part of your project, but how your controls work remain the same. By using past project experience, create these controls:
Identify and plan for risks
Keep documentation of risks
Identify risk triggers
Re-analyze risks at set periods.
Determine who will be responsible for possible risks
Set risk strategies
After these controls have been set, decide what techniques you will use to monitor or eliminate risks. In your risk management plan, outline how risks were identified and documented. What practices did you use to resolve the risk? Were any project outcomes affected? What team members identified risks and what processes did they use? The only way you can set controls that will ensure good risk assessment in your plan is by developing good risk strategies. Risk strategies are what you will do if a risk is triggered and should include how you can avoid or transfer risks. The controls you set in your risk management plan will include strategies for each element of potential risk.