In this final part of “Risk Management Deeper Dive” I will briefly discuss “Risk Monitoring”. Monitoring your risks involves the following:
- Conducting regular meetings (as outlined in the Project Management Plan) where the risks and risk plans are reviewed. I recommend every week or every other week depending on the levels of risk exposure.
- The Risk Owners, the Project Sponsor(s) and the Project Manager(s), at a minimum, should be present at the meetings.
- In the meetings you should review the risks in order of risk exposure, with the highest exposure risks addressed first. In case your meeting time is limited, this ensures the most important risks are discussed.
- The risk probabilities and impacts are reviewed and changed as needed.
- The risk triggers are reviewed to ensure reliable monitors are in place. Any triggers tied to a near-term upcoming date are reviewed in detail.
- Risk mitigation plans are reviewed to confirm the plans are being executed.
- Risk contingency plans are reviewed to verify the plans are still valid.
- Close any risks that are no longer valid.
- New risks are raised and discussed. You can continue to use the Risk Hierarchy chart to help identify new risks.
After each meeting, the updated risk plan should be posted to the project repository. Open high-exposure risks should be highlighted in the project status report.