Managing Risk (Analysis and Amelioration)


Why identify and manage potential risks and threats?

Risk reduction and avoidance activities are integral to successful project planning and delivery, ensuring customer satisfaction by consistently delivering on time and within budget.

Early preventative action could mean the difference between success and failure of every project. The job is not done until all identified threats have been managed in some way.

Key stages to reduce risk and increase certainty

  • Identify, analyse and prioritise the probable risks or threats
    (this may be facilitated using an GIFPA Risk Management Workshop)
  • Document any assumptions and make every effort to determine their validity
  • Quantify the probability that the threat will occur and likely timescales
  • Determine the impact and level of exposure of the threat when or if it occurs


  • Develop strategies to ameliorate these risks
  • Calculate effort, cost and time required to avoid, transfer or mitigate the threat
  • Track the status of each risk
  • Execute mitigation strategies as required to prevent or ameliorate each risk
  • Ensure integration with ordinary project management activities.

Process for continuous risk management

  • Establish an iterative, systematic risk analysis to regularly review and revise plans
  • Set thresholds and track threat parameters for timely appropriate action to be taken
  • Assign actions to named individuals to track each threat or defect against quality targets to a specific conclusion.

The process can be managed using some form of risk register showing the individual risks, current assesment of probability, impact, who is managing them and detailing the mitigation strategies.

GIFPA Ltd. 2016

Copyright 2016

All Trademarks Acknowledged

Applying Software Metrics
Assessing Capability     
Estimating and Risk       
Improving Processes     
Measuring Performance
Tools and Techniques   
About GIFPA         
Copyright & Legal