Project Management Framework
Initiation - Risk Analysis

Definition

The risk analysis is the assessment of what could go wrong (risks), determination of which risks warrant preventive or contingency actions, and development of strategies to deal with those risks. During the Initiation Phase, risks are identified at a high level.

Why is this important?

Risk analysis allows the project team to proactively identify and prevent problems before they occur or by reducing the impact of problems when they do occur. Risks need to be continuously assessed throughout the project as the nature, probability, and impact of risks change by phase and activity.

Instructions

As part of the portfolio management program, the Information Services Board (ISB) has developed a comprehensive, high level assessment of project risk in the form of the Severity and Risk Matrix.

The Severity and Risk Matrix determines several procedures: the level of approval and oversight required on a given project, if the agency includes the project in its agency portfolio, and if the decision package for the project requires a formal evaluation by DIS. The matrix evaluates two sets of criteria, severity and risk, to derive the level of the project. The severity criteria assess the proposed project's impact on citizens and state operations, its visibility to stakeholders, and the consequences of project failure. The risk criteria assess the impact of the project on the organization, the effort needed to complete the project, the stability of the proposed technology, and agency preparedness.

The matrix, with instructions and explanations of the three levels, is located at:
isb.wa.gov/policies/portfolio/101S.doc (see Appendix A)