• Commonsense knowlegde often differs from domain specific knowledge: In PMI-terminology both kinds of anticipated  events are risks, positive and negative. "Project risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on at least one project objective [...]". Hence one may say that one has the risk to spend less time than planned. (comp. PMBOK3, page 238)

Project Risk Management

The Project Risk Management "[...] includes the processes concerned with conducting risk management planning, identification, analysis, responses, and monitoring and control on  a project": the main task of Project Risk Managment is "[...] to increase the probability and impact of positive events, and (to) decrease the probability and impact of events advers to the project" (comp. PMBOK3, page 237).

For being able to fullfill this task, the Project Risk Management has an internal structure which follows the pattern of «plan», «execute», and «control»:

  • At first one has to "[...] (decide) how to approach, plan, and execute the risk management activities for a project" - one plans the risk management.
  • Secondly one must "[...] (determine) which risks might affect the project and (document) their characteristics" - one identifies the risks.
  • Then one has to "[...] (combine) the probability of occurence and the impact" of a risk as its priority value - one analyses the risks qualitatively.
  • The following "quantitative risk analysis" has to "[...] numerically (analyze) the effect on overall project objectives of identified risks",
  • But the main purpose of alle these project management activities is the combination of risks and "risk responses": one has to "[...] develop options and actions to enhance opportunities, and to reduce threats to project objectives".
  • And finally one has to monitor and to control whether risks become facts and which reactions are realized.

(comp. PMBOK3, p. 237)