Risk identification is the first step in the risk management process, and it is here that organizations often run into trouble. It is vital that you learn to distinguish risk from simple uncertainty. All risks are uncertainties, but not all uncertainties are risks. You encounter numerous uncertain factors daily, but only a select few are relevant to your project or business. Unfortunately, it is easy to fill your risk register with extraneous entries and waste precious resources trying to manage them.
To avoid this, you should link all risks to a specific business or project objective. In fact, a good definition of risk is "an uncertainty that could affect one or more objectives." For example, if your objective is to deliver the new company website by August 10th, any variable that could affect that date is a risk. The stock price going down is probably not relevant, but the unavailability of UX resources probably is.
This guideline highlights another principle. Effective risk management is only possible if your project or business objectives are explicitly defined. If they are undefined, you must remedy that before doing anything else.
When documenting risks, a helpful approach is to include the objective under threat in the risk description. You often see risk descriptions such as "Unavailability of UX resource," but "Unavailability of UX resource may delay project delivery" is much better. And if you cannot find an objective to link the risk to, you must question whether it is a risk at all.
Risk identification is much easier with a suitable tool. This is one reason we created Risk Register by ProjectBalm.
Our goal was to automate best practice risk management techniques, and do so via an elegant, usable interface that works with you, and not against you. Risk Register will help you to identify, analyse, treat and monitor risks more easily and effectively than ever before.
If you are experienced at risk management, you will find in Risk Register a tool that works the way you want it to work. If you are new to risk management, our documentation and videos will take you through the whole risk management process, giving lots of useful examples.
Risk Register is fully compatible with risk management standards such as ISO 31000, and can also be used for governance, risk, and compliance (GRC) programs such as Sarbanes-Oxley and PCI. And, of course, Risk Register allows you to easily distinguish between opportunities and threats.
Over the last few years, we've grown to become the most popular risk management solution in the Jira marketplace and we are now an Atlassian Platinum Partner. Why not try out Risk Register by ProjectBalm for yourself?