Project Risk Management

What is PMBOK Guide’s Project Risk Management Process?

Nothing | Zilch | Nada | Zero

That’s impossible! PMBOK Guide contains a globally recognized Standard for Project Management. Surely the Guide would define a Project Risk Management Process.

Let me state something that belies common wisdom.

PMBOK Guide does not define a Project Risk Management Process.

Before I explain this, let us understand the meanings of a Standard and a Process. Let us look at some of their definitions.

Standard is a level of quality or attainment.

Oxford Dictionaries

Process is a series of actions or steps taken in order to achieve a particular end.

Oxford Dictionaries

In simple terms, we can say that a ‘Standard’ is used as a basis of comparison or judgement. On the other hand, a ‘Process’ is a well-defined sequence of actions or steps.

PMBOK Guide contains a globally recognized Standard. It does not define a Project Risk Management Process (PRMP). In fact, it does not define any process or methodology.

Although PMBOK Guide defines 6 atomic Processes for conducting Project Risk Management activities, it remains silent on how these processes should be performed in a Project. The Guide neither defines the sequence among these Processes nor gives a mandate to perform them. It just says that the project team should carefully analyze these processes and perform them to enhance the chances of project success.

You should read PMBOK Guide to understand the definition & explanation of a ‘process’.

Why Does Everyone Talk About PMBOK Guide’s Project Risk Management Process?

Frankly, I don’t know the answer to this. In fact, I have also seen many project management books and literature that describe the so-called PMBOK Guide’s Project Risk Management Process. The irony of the situation is that you can even hear some ridiculous terms like “PMP Risk Management”, “PMBOK Risk Management” and what not. You should ignore these fallacious terms.

In my opinion, it is important to learn a subject using correct terminology. In our case, it is important to distinguish between a Process and a set of 6 processes. The distinction may sound academic but it is important, especially if you are preparing for the PMP Exam.

Don’t get caught by fancy language like PMP Risk Management, PMBOK Risk Management or anything equivalent.

Let us define a PRMP that is based on PMBOK Guide’s 6 processes. But before that, let us quickly define Risk.

What Is Project Risk?

“Risk” signifies “possibility”, “chance” or a “potential”. A Risk is something that has not yet happened but is likely to happen in future. In Project Management, Risk can be either positive (Opportunity) or negative (Threat). There is a Probability and Impact associated with every Risk.

You should read What is Project Risk to understand the definition and characteristics of a Risk in detail.

Project Risk Management Process (PRMP)

Let us now define a simple PRMP. While defining it, we will also learn about Project Risk Management as a whole. We will also understand how our process is related to the 6 processes defined in PMBOK Guide. This will help you in preparing for the PMP Exam as well.

Let us assume that we have to Manage Risks for a Project. Let us define an Approach to manage project risks. A simple approach is depicted in the following diagram.

[Diagram: PMBOK risk management]

This simple approach is our PRMP. Let us understand the approach/process in detail.

Step I – Plan

The process would start with Planning for Risk Management (RM). This will include planning for

  • List of RM Activities
  • Responsibilities associated with RM Activities
  • Budget allocated for RM Activities
  • Timing of RM Activities
  • Communication and reporting for RM Activities

Step II – Identify

Next step would be to Identify Risks for the project and make a list of them. This will also include

  • Identify Risk Characteristics
  • Identify Symptoms, Root Causes and Triggers
  • Describe Impact on Project Objectives
  • Write detailed Risk Statements

Step III – Analyze & Prioritize

Next logical step would be to Analyze all the listed Risks and Prioritize them for future action. This will include

  • Analysis of Probability of each Risk
  • Analysis of Impact of each Risk
  • Analysis of Urgency of each Risk
  • Prioritization of each Risk

Step IV – Strategize

Next logical step would be to Plan Risk Responses for Prioritized Risks. This will include

Step V – Monitor & Control

Next logical step would be to Monitor & Control the Identified Risks. Since Risks are uncertain and they are likely to happen in future, Monitoring & Controlling should be done continuously. In addition, the preceding 4 steps should be performed regularly and continuously, as new Risks may come up. This will include

  • Monitoring all identified Risks
  • Controlling the Risks through Planned & Unplanned Responses
  • Evaluating the Risk Process Effectiveness

PMBOK Guide’s Risk Management Processes

We have now covered “PMBOK Risk Management”…er… I mean a simple PRMP. Let us draw a parallel between PMBOK Guide’s 6 atomic processes and our PRMP.

  • Step I is equivalent to Process 11.1 (Plan Risk Management)
  • Step II is equivalent to Process 11.2 (Identify Risks)
  • Step III is part of Process 11.3 (Perform Qualitative Risk Analysis) and Process 11.4 (Perform Quantitative Risk Analysis).
  • Step IV is equivalent to Process 11.5 (Plan Risk Responses)
  • Step V is equivalent to Process 11.6 (Control Risks)

Over To You

You might be preparing for the PMP exam and want to understand the Risk Management Knowledge Area. Do you think this article was useful?

Please leave a comment.

Image courtesy of David Castillo Dominici at
