(8.6) Risk Monitoring and Control
(8.6.1) Process Input
... generated by predecessor processes
- Risk Management Plan
- generated by: Risk Management Planning
- Risk Register
- Approved Change Requests
- Work Performance Information
- generated by: Direct and Manage Project Execution
- Performance Reports
- generated by: Performance Reporting
(8.6.2) Process Definition
Risk Monitoring And Control is the process for "[...] tracking identified risks, monitoring residual risks, identifying new risks, executing risk response plans, and evaluating their effectiveness throughout the project life cycle" (comp. PMBOK3, p. 237). The "planned risk responses" which are integrated into the project management plan by the proces Integrated Change Control are therefore executed if the risk triggers fire. But the result of these risk responses must be evaluated too. In addition the process Risk Monitoring And Control has to evaluate whether ...
- the "project assumptions are still valid"
- a "risk [...] has changed from its prior state"
- "proper risk management policies and procedures are being followed"
- "contigency reserves [...] should be modified in line with the risk of the project"
(comp. PMBOK3, pp. 264f).
- Part of the Monitoring and Controlling Process Group
- Child Process of Monitor and Control Project Work
- Member of Knowledge Area Project Risk Management
The subject Risk Management operates on the base of other risk concerning concepts
(8.6.3) Tools and Techniques
PMBOK Mentioned Methods
- Risk reassessment has the task to identify new risks and to restart the row of risk management processes for making them managed
- Risk audits "[...] examine and document the effectiveness of risk responses [...]"
- Variance and trend analysis executed on the base of work performace information may "[...] indicate the potential impact of threats or opportunities" or may activate a trigger
- Technical performance measurement is used for being able to compare the plan and the reality which itself may activate triggers
- Reserve analysis "[...] compares the amount of contingency reserves remaining to the amount of risk remaining at any time in the project [...]"
- Status meetings are used to analyse triggering situations and so on
comp. PMBOK3, pp. 266f)
Open Source Tools
- myPmpsFactory offers a risk report template according to the risk management plan: it allows to list the top risks, to communicate the 'integrated project risk tuple' and its' historical context. This 'template' can be edited by Open Office 3 (Impress).
(8.6.4) Process Output
- Updates of the Risk Register are at least evoked by newly found risks
- Requested Changes are evoked by appropriate changes of the baselines
- Recommended Corrective Actions are evoked by appropriate changes which reorganize the activities after having found a threat for being able to met the approved baselines
- Recommended Preventive Actions are evoked by appropriate changes which reorganize the activities before really having found an anticipated threat for being able to met the approved baselines
- Updates of the Organizational Process Assets are evoked by lessons learned
- Updates of the Project Management Plan are evoked by changes of the risk register and the risk management plan
(comp. PMBOK3, p. 267f)
(8.6.5) Output Using Successor Processes
Successors using the initially generated output as own input(1):
Processes using the updates as input(2):
- Scope Planning
- Activity Definition
- Activity Resource Estimating
- Activity Duration Estimating
- Schedule Development
- Cost Estimating
- Quality Planning
- Risk Management Planning
- Risk Identification
- Qualitative Risk Analysis
- Quantitative Risk Analysis
- Risk Response Planning
- Plan Purchases and Acquisitions
- Plan Contracting
- Select Sellers
- Direct and Manage Project Execution
- Monitor and Control Project Work
- Intgrated Change Control
- Close Project