Abbott Project Management Playbook

Mitigation and enhancement are the most widely applicable and widely used response strategies. Here, the approach is to identify actions that will decrease the probability and/or the impact of a threat and increase the probability and/or the impact of an opportunity. Accept a Threat or an Opportunity This strategy applies when the other strategies are not considered applicable or feasible. Acceptance entails taking no action unless the risk occurs, in which case contingency or fallback plans may be developed ahead of time, to be implemented if the risk presents itself. Documenting the Results of the Plan Risk Responses Process Risk response planning is based on the information placed in the risk register during execution of the Identify Risks and Perform Analysis processes. The corresponding risk response (mitigation) information is often referred to as the risk response plan, although it may in fact be an integral part of the risk register. Add Risk Responses to the Risk Register The response-related information for each risk is recorded in the risk register and updated regularly, Figure 4.5A is an example of a Risk Register. Any interested stakeholder should be able to rapidly access all the information required to verify their responsibilities and manage the risk in accordance with the risk response plan. IV.

RISK REGISTER

RISK IDENTIFICATION

ANALYSIS

RISK MANAGEMENT

Monitoring & Updating

Category of Impact

Pre-Mitigated Risk Mean Value

Pre-Mitigated Risk Ranking

Post-Mitigated Risk Mean Value

Post-Mitigated Risk Ranking

Item Status Date Identified Brief Risk Description

CII Project Phases

Response Action/Strategy Description Responsible Individual

Risk Resolution Date

Trigger Events

1

Active

07/14/12

Brief risk description text

Front End Planning

Cost

$1,200,000

High

Detailed Description

Tom

Brief Description

10/01/12

$165,000

Med

2

Active

07/15/12

Brief risk description text

Procurement

Schedule

$100,800

Med

Detailed Description

Fred

Brief Description

10/02/12

$46,600

Med

Figure 4.5A - Example of a Risk Register

Add Corresponding Risk Responses to the Project Management Plan While developing the detailed set of risk responses, the project-related implications are evaluated for inclusion in a modified project management plan. These include costs, resource assignments, scheduling details, and changes to project documentation.

4.6 M ONITOR A ND C ONTROL R ISKS Purpose and Objectives of the Monitor and Control Risks Process

The primary objectives of risk monitoring and controlling are to track identified risks, monitor residual risks, identify new risks, ensure that risk response plans are executed at the appropriate time, and evaluate their effectiveness throughout the project life cycle. In addition to tracking and managing the risk response actions, the effectiveness of all the Project Risk Management processes should be reviewed to provide improvements to the management of the current project as well as future ones. Integrate Risk Monitoring and Control with Project Monitoring and Control From the start, the project management plan should include the actions required to monitor and control project risk. This should be set up early in the project planning cycle, and then adjusted in view of the risk response planning decisions adding, for example, the actions associated with monitoring specific conditions or metrics. Once risk response planning has been carried out, the project schedule should include all the agreed-upon, response-related actions so that they can be carried out as a normal part of project execution and tracked accordingly.

28