Risk Monitoring and Control

Risk monitoring and control is the process of keeping track of all the identified risks and identifying new risks, as their presence becomes known, and residual risks that occur when the risk man­agement plans are implemented on individual risks. The effective­ness of the risk management plan is evaluated on an ongoing basis throughout the project.

Figure (9.5) presents the steps of risk monitoring and control. After obtaining the priority for each risk, you should obtain a solu­tion with the project team and then agree on the emergency plan and, according to every risk, define the monitoring system that you will follow as the project manager.

When a risk is apparently going to eventuate, a contingency plan is put into place.

If there is no contingency plan, then the risk is dealt with on an ad hoc basis using what is termed a "workaround." A workaround is an unplanned response to a negative risk event. A corrective action is the act of performing the workaround or the contingency plan.

The concern of the project manager and the project team is that risk responses have been brought to bear on the risk as planned and that the risk response has been effective.

After they have observed the effectiveness of the risk response, additional risks may develop or additional responses may be necessary.

Risk management is a continuous process that takes place during the entire project from start to end. As the project progresses, the risks that have been identified are monitored and reassessed as the time that they can take place approaches. Early warning indicators are monitored to reassess the probability and impact of the risk. As the risk approaches, the risk strategies are reviewed for appropriateness, and additional responses are planned.

Risk assessments, reviews, and audits may be performed periodically to review the probability and potential impact of risks that have been identified and are nearer to their possible occur­rence. Risks that have already taken place can be reviewed and audited to assess the effectiveness of the risk response.

As each risk occurs and is dealt with or is avoided, these changes must be documented.

Good documentation ensures that risks of this type will be dealt with in a more effective way than before and that the next project manager will benefit from these lessons learned.