7.4 Assessing the risk

7.4.1 Risk evaluation criteria

We recognized that we may not be able to take action for all possible risks identified. Therefore there is a need to prioritize the risks, but before this can happen there is a need to evaluate the risk itself. The evaluation is based on three criteria:

  • the probability that the risk will occur;

  • the impact that the risk will have, should it occur;

  • the proximity of the risk.

7.4.2 Risk probability

The probability, or likelihood, that a risk will occur is somewhere between never happening and certain to occur. This assessment can be either quantitative or qualitative. There is a wide range of approaches to obtaining qualitative assessments including interviewing experts or stakeholders and brainstorming ...

Get Project Management for IT-Related Projects now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.