Marginalia

(8.6) Risk Monitoring and Control

(8.6.1) Process Input

... generated by predecessor processes

(8.6.2) Process Definition

Risk Monitoring And Control is the process for "[...] tracking identified risks, monitoring residual risks, identifying new risks, executing risk response plans, and evaluating their effectiveness throughout the project life cycle" (comp. PMBOK3, p. 237). The "planned risk responses" which are integrated into the project management plan by the proces Integrated Change Control are therefore executed if the risk triggers fire. But the result of these risk responses must be evaluated too. In addition  the process Risk Monitoring And Control has to evaluate whether ...

  • the "project assumptions are still valid"
  • a "risk [...] has changed from its prior state"
  • "proper risk management policies and procedures are being followed"
  • "contigency reserves [...] should be modified in line with the risk of the project"

(comp. PMBOK3, pp. 264f).

The subject Risk Management operates on the base of other risk concerning concepts

(8.6.3) Tools and Techniques

PMBOK Mentioned Methods

  • Risk reassessment has the task to identify new risks and to restart the row of risk management processes for making them managed
  • Risk audits "[...] examine and document the effectiveness of risk responses [...]"
  • Variance and trend analysis executed on the base of work performace information may "[...] indicate the potential impact of threats or opportunities" or may activate a trigger 
  • Technical performance measurement is used for being able to compare the plan and the reality which itself may activate triggers
  • Reserve analysis "[...] compares the amount of contingency reserves remaining to the amount of risk remaining at any time in the project [...]"
  • Status meetings are used to analyse triggering situations and so on

comp. PMBOK3, pp. 266f)

Open Source Tools

  • myPmpsFactory offers  a risk report template according to the risk management plan: it allows to list the top risks, to communicate the 'integrated project risk tuple' and its' historical context. This 'template' can be edited by Open Office 3 (Impress).

(8.6.4) Process Output

  • Updates of  the Risk Register are at least evoked by newly found risks
  • Requested Changes are evoked by appropriate changes of the baselines
  • Recommended Corrective Actions are evoked by appropriate changes which reorganize the activities after having found a threat for being able to met the approved baselines
  • Recommended Preventive Actions are evoked by appropriate changes which reorganize the activities before really having found an anticipated threat for being able to met the approved baselines
  • Updates of  the  Organizational Process Assets are evoked by lessons learned
  • Updates of  the  Project Management Plan are evoked by changes of the risk register and the risk management plan

(comp. PMBOK3, p. 267f)

(8.6.5) Output Using Successor Processes

Successors using the initially generated output as own input(1):

Processes using the updates as input(2):

  1. For details see FAQ::Q001:1
  2. For details see FAQ::Q001:2