1. Add a New Portfolio Risk
Add the Risk information and all the details that are so the risk can be properly registered and reviewed at any time.
1. To add a ‘Risk’ within a Portfolio, click the ‘Risk Management’ tab from the left side bar of the page. Once done, click the ‘+ New Risk’ button as shown below.
2. Fill in the required fields. Once complete, click the ‘Add Risk’ button.
Below are the required fields:
- Project – The project that the risk is associated with so that it can be tied directly to a project when reporting at a portfolio level.
- Risk Name – Short Title that outlines what the risk is and its impact. The name should include 3 pieces the 'what', the 'how', and the 'impact'.
- Risk Category – The most relevant area of the project that the Risk is associated too.
- Work Stream
- Risk Description – Detailed outline regarding the specifics of the risk, how it is found, other members involved, etc. This should contain any relevant information for the risk so that anyone reviewing the document can fully understand the risk, and everything associated with it.
- Potential Outcome – Short description of what outcome might occur if the risk impacts the projects. This is to outline impact at a greater detail than what is stated in the risk name Ex. Delay to the schedule by 2 weeks due to not having the materials to build the foundation. This also delays all dependency work as nothing can be built prior to the foundation being set.
- Raised By – Outlining the individual, group or other that raised the risk for the Project. Information needs to be detailed enough that the owner of the risk knows who or which meeting to refer back to if needed to gather additional information.
- Raised Date – Highlights the data that the Risk was originally found, to better assess and track it. The date should be the initial date that the risk was discussed, not subsequent meetings. This ensures the true original date to gather additional information if needed.
- Source – Source discusses what meeting, event or otherwise prompted the discussion and raising of the risk. Any relevant content or information discussed regarding the initial risk finding should be included.
- Risk Impact – Outlines the impact that the risk can have on the entire project ranging from Very Low through to Very High. Baseline impact levels:
- Very high - Major impacts to project that could be up to project failure
- High - Impact severe enough to cause a significant overage of time or money
- Moderate- Impact will cause some rework or overage
- Low - Impact will not cause any major rework or overage
- Very low - Impact will not cause any rework or overage
- Risk Probability – Outlines the probability that the risk will occur ranging from Very Low through to Very High. The probability is used to determine the overall risk level. Probability ratings can vary from project to project. Probability ranges should be determined for each project. Baseline Probability:
- Almost certain- This risk is planned to occur (Greater than 95%)
- Likely - More often than not, this risk will occur (75% chance)
- Possible - There is a chance that this risk will occur (50% chance)
- Unlikely - More likely than not the risk will not occur (25% chance)
- Rare - It is not expected that this risk will occur (less than 5%)
- Risk Score – Algorithm to understand a weight score of the risk based on the impact it can have on the project, compared to the probability of it occurring.
- Qualitative Impact – What potentially could happen to the project if and when the risk appears. When reviewing qualitative impact, ensure all aspects and options are considered including downstream and future losses as well as name reputation.
- Risk Strategy – Decision on how the risk is going to be managed to ensure lower impact on the project. Typically there are 3 overall options:
- Mitigate the risk- prevent from occurring
- Reduce the risk- ensure the impact is as minimal as possible
- Accept the risk and do nothing if it occurs
- Response Notes – Information, ideas and thoughts around the risk and what it has appeared.
- Owner – The member of the project who is going to manage the risk and take ownership of it. The owner of the risk needs to fully understand every aspect of the risk as well as the risk plan so they can assist in identifying and reacting if the risk occurs.
- Due Date – The forecasted date that the Risk will be mitigated or closed/
- New Review Date – Allocated Date for the next review of a risk within the Project. This helps on tracking any critical problems that might occur.
3. If the User who created the Risk is an Approver, the Risk will be automatically approved and will be reflected in the ‘Portfolio Risk Register’ table. This action sends an Email Notification to all users set to receive notification if a Risk is added to the Project.
Note: Be aware that the created Risk will be added to the Project that is indicated on the Risk creation.
If the User who created the Risk is not an Approver, it will send an Approval notification to the Approvers.