Risk Identification


Risk Identification is the process of determining which risks might affect the project and documents their characteristics. Participants of risk identification activities: project manager, project team members, risk management team (if identified), subject matter experts from outside the project team, customers, end users, other project managers, stakeholders, and risk management experts. While these personnel are often key participants for risk identification, all project personnel should be encouraged to identify risks.

 Risk Identification is an iterative process because new risks may become known as the project progresses. The Risk Identification process usually leads to the Qualitative Risk Analysis process. Alternatively, it can lead directly to the Quantitative Risk Analysis process when conducted by an experienced risk manager. On some occasions, simply the identification of a risk may suggest its response, and these should be recorded for further analysis and implementation in the Risk Response Planning process.

Inputs of Risk Identification Process:

  1. Enterprise Environmental Factors – Published information, including commercial databases, academic studies, benchmarking, or other industry studies, may also be useful in identifying risks.
  2. Organizational Process Assets – Information on prior projects may be available from previous project files, including actual data and lessons learned.
  3. Project Scope Statement – Uncertainty in project assumptions should be evaluated as potential causes of project risk.
  4. Risk Management Plan
  5. Project Management Plan

Tools and Techniques used in Risk Identification:

  1. Documentation Reviews
  2. Information Gathering Techniques like Brainstorming, Delphi technique, Interviewing, Root cause identification, Strengths, weaknesses, opportunities, and threats (SWOT) analysis
  3. Checklist Analysis – Risk identification checklists can be developed based on historical information
  4. Assumptions Analysis
  5. Diagramming Techniques like Cause-and-effect diagrams, System or process flow charts, Influence diagrams

Output of Risk Identification Process: Risk Register (Risk Tracker) – it should contain the following information: List of identified risks, List of potential responses, Root causes of risk and Updated risk categories.


Search more stuff on Project Management, Agile & Scrum:

  1. No comments yet.
  1. No trackbacks yet.

Subscribe & Get FREE updates on Project Management