Risk audit and risk review both are necessary for an effective risk management strategy. However, the majority of the companies do not know how to do it. In this article at Project Risk Coach, Harry Hall explores the domain of risk audit and risk review to give you essential tips.
Risk Audit and Risk Review
The author quoted Dr. Michael Ong’s words: “Good Risk Management fosters vigilance in times of calm and instills discipline in times of crisis.” Following are the ways you can perform risk audit and risk review:
Risk Audit: Either project managers alone or along with their teams or the risk audit team perform risk audit. They evaluate how effective the risk responses and processes are and how proactive the risk owners are. A risk audit provides a lessons learned list that project managers and teammates can utilize to prevent repeating previous mistakes. The size of the risk audit team depends on how big or complicated your projects are. For a small risk audit, it usually takes an hour or less.
Risk Review: The risk audit team focused on the past (“How did we do?”). The risk review is about what to do next (“How will we do?”). You must update risk response plans and risk management procedures to improve current status. There is a series of questions, you should ask during a risk review venture:
- What lessons have you learned from the audit that you can utilize for future projects?
- Are there any new risks that you have not encountered before?
- What changes do you see in the risks?
- Is there a possibility of risks that could accumulate and create significant problems later?
- Must you devote time to response plan for contingencies and backups?
- Are there any risks that can no longer affect you?
- What is the momentum of the residual risks?
To view the original article in full, visit the following link: http://projectriskcoach.com/conduct-a-risk-audit-and-risk-review/