Assessment
Risks are assessed to determine the probability of occurrence (P), severity of potential Impact (I) and ability to influence the risk (M).
1. Overview
This assessment output provides a basis for prioritizing efforts and allocating resources for managing risks.
When assessing each risk, we consider three scenarios, Original, Current and Target are considered.
Original
This indicates the risk position when it is first identified. The Original score should not be changed once it is set.
This indicates the risk position when it is first identified. The Original score should not be changed once it is set.
Current
This indicates the latest position of the risk considering any action plans in place. This position is updated during the lifecycle of the risk until the risk is closed out.
This indicates the latest position of the risk considering any action plans in place. This position is updated during the lifecycle of the risk until the risk is closed out.
Target
This indicates the position at which the risk is deemed as acceptable and serves as the mitigation goal to achieve.
This indicates the position at which the risk is deemed as acceptable and serves as the mitigation goal to achieve.
There are two methods for assessing risks, Qualitative Risk Assessment and Quantitative Risk Assessment. The ERM framework focuses primarily on qualitative risk assessment with high level quantification of impact.
In Qualitative Risk Assessment, risks are evaluated for their potential likelihood of occurrence, potential impact, and degree of manageability. The results provide a basis for prioritizing risks and allocating resources to manage them.
Quantitative risk assessment is performed by project controls functions (estimating for cost risk assessment and planning/scheduling for schedule risk assessment). Part of the performance of quantitative analysis is evaluating the identified risks and the associated scoring for each risk.