Risks change during the life of a project. New ones arise and old ones change their status. The exposure of the project to risk must be regularly reviewed.
The update of the Risk Log is a cyclical process during stage-end activities throughout the project.
This is the minimum number of times to review risks.
Lengthy or risky projects will need to review risks more frequently.
The objective of this sub-process is to revisit and revise, where necessary, the risks in the Risk Log.
These may have been affected by internal or external events.
Each risk should be examined to see if it has:
The next Stage Plan or an Exception Plan may raise new risks or change existing risks.
This sub-process should therefore be carried out in conjunction with Planning a Stage (SB1) and Producing an Exception Plan (SB6).
Updates to the Project Plan and Business Case may also contain changes that affect items in the Risk Log.
The Business Case update may also have raised new Project Issues, which in turn raise new risks or affect risks already recognised.
See also, Management of Risk.
The Project Manager is responsible for this sub-process assisted by Project Support.
Those with Project Assurance responsibilities should check out the work.
Each major risk should have an ‘owner’ – the person best placed to observe the risk and the factors affecting it.
This person will often be a member of the project management team but not necessarily.
|Business Case||Input||Needs to be referenced in case it has new information regarding risks.|
|Project Plan||Input||Revised Project Plan may provide information as a basis for risk actions and impacts.|
|Stage / Exception Plan||Input||New plan may contain new risks or alter existing ones.|
|Issue Log||Update||Are there any new Project Issues that are caused by (or could improve) the new risks?|
|Risk Log||Update||Has anything changed?|
These are given in tabular form in the file ‘SB4 updating the risk log.doc’ in the product package.