1. Develop risk management plan
2. Identify risk – discuss with vendor about the occurrence likelihood about this delay of delivery.
3. Perform Qualitative Risk Analysis (prioritizes the identified project risks using a pre-defined rating scale. e.g. probability or likelihood, highest priority to lowest priority. Prioritized risk register based upon the probability and impact of those identified risks). Categorize the risk.
4. Perform Quantitative Risk Analysis (further analysis of the highest priority risks with a numerical or quantitative rating, Tornado Diagram, Decision Tree)
5. Develop Risk Response – prevention or reaction
6. Monitor risk
7. Control risk
1. PESTLE - Political, Economic, Social, Technological, Legal, Environmental
2. SWOT - Strengths, Weaknesses, Opportunities, Threats (more)
1. Avoid - means to change the management plan or change schedule to remove the risk.
2. Mitigate - means to reduce the impact or probability. Use another component.
3. Transfer - source to a vendor use FFP contract. Buy insurance.
4. Accept - do nothing.
5. Escalate - report to senior management for decision
1. Accept - no action.
2. Escalate - escalate to governer
3. Exploit - engage best intelligence agency. Exploiting is about doing everything to ensure that the event happens.
4. Enhance - Increasing the probability and/or impact of positive risks.
5. Share - share the security with police, local security.
Dormancy
Urgency
Connectivity
Proximity
Manageability
Controllability
Detectability
Strategic impact
Propinquity