Understand the Exposure (Assessment)

The output from the Identification part of the First Risk Assessment is a list of properly described risks, which can be quite long, especially as an organization becomes good at risk identification. It is easy to identify 50 to 100 risks on a project, and perhaps considerably more on some “risky” projects. (Of course, it is also possible to identify too many risks—i.e., risks at too low a level or that are too detailed to be managed effectively—one project known to the authors had more than 4,000 identified risks!) Clearly, an organization cannot actively respond to all identified risks at the same time or with the same level of attention. It may be pointless or even impossible to develop a response for ...

Get Practical Project Risk Management, Third Edition, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.