Risk Management is the process of identifying, analyzing and responding to risk factors. Risk Management Systems are designed to do more than just identify the risk. The systems must also be able to quantify the risk and predict the impact of the risk on the project. The outcome is therefore a risk that is either acceptable or unacceptable. The acceptance or non-acceptance of a risk is usually dependent on the project manager’s tolerance level for risk.
If risk management is set up as a continuous, disciplined process of problem identification and resolution, then the system will easily supplement other systems. This includes; organization, planning and budgeting, and cost control. Surprises will be diminished because emphasis will now be on proactive rather than reactive management project and in the best interests of its objectives. Proper risk management implies control of possible future events and is proactive rather than reactive
The purpose of risk management is to
•Identify possible risks.
•Reduce or allocate risks.
•Provide a rational basis for better decision making in regards to all risks.
Various sources of risk include
•Top management not recognizing this activity as a project
•Too many projects going on at one time
•Impossible schedule commitments
•No functional input into the planning phase
•No one person responsible for the total project
•Poor control of design changes
•Problems with team members.
•Poor control of customer changes
•Poor understanding of the project manager’s job
•Wrong person assigned as project manager
•No integrated planning and control
•Organization’s resources are over committed
•Unrealistic planning and scheduling
•No project cost accounting ability
•Conflicting project priorities
•Poorly organized project office
Come to the Institute of Forensics and ICT Security and enroll for a short course in Risk Management in order to help your company/organization in achieving its intended objectives by reducing the number of Risks.