Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

5 Steps to Tracking and Mitigating Risks in Jira

Project risk management is crucial for project success, and especially important to keep critical risks under check in case of (inevitable) changes. The hidden complexities of a project is the main reason why timelines are not met and the resources are spent mid-way.

Below is a quick guide to a Project Manager how to best conduct project Risk Management in Jira:

Step 1 – Identify risks;
Step 2 – Define the risk model;
Step 3 – Customise the risk register;
Step 4 – Assess and report the risks;
Step 5 – Review the risks continuously.

Risk Cycle.png


Run a brainstorming session with your team to identify your project risks. Pay attention to the most common showstoppers like communication, performance, cost, schedule, other internal and external changes, and of course the overall strategy and goals.

You will end up with a list of issues in your Project. The best practice is to use a specific Issue Type, e.g. a custom issue type called ‘Risk’ is often used.

Project Risks - List of issues.png


Every risk needs to be quantified to be able to prioritise the most important ones. Standard options are Impact (what will happen if this Risk becomes a reality?) and Likelihood (how likely it is that this Risk becomes a reality?). Very often further characteristics are needed for differentiation – e.g. Financial Impact, Performance Impact, Reputational Impact.

You will have different templates available, using the SoftComply Risk Manager Plus. This helps you get started quickly and you can customise the model according to your needs later on.

Many companies have set up specific Risk Models that every Project Manager needs to use, to create a common understanding across the company.

This step is easiest using the help of additional apps for Risk Management – all Risk apps allow you to put in place a simple 2-parameter Risk Model, and the SoftComply Risk Manager Plus provides you also with risk models with more than 2 parameters.

Project Risks - Risk Models.png


You can customise the risk-specific workflows and use statuses like “In Mitigation”, “In Approval”, “Mitigated”, “Reviewed”, etc.

If you are using Risk apps, you are able to build these in dedicated views – either as a specific Risk Register (List) or as a Risk Table (spreadsheet view, where you can prioritise, maintain and edit all your risks in a single table).

Workflow status in table view.png


Once your team has created all Risk issues for a project, it is crucial to get a handshake from all the stakeholders.

The best way to do it is to provide them with a list of risks in prioritised order, making sure that the most critical ones are clearly understood and everyone involved is on the same page.

For this, you can export the Risk Table (only available for the SoftComply Risk Manager Plus) or take the reports to a Confluence page (using the SoftComply Risk Manager for Confluence). Although other risk apps do not offer Confluence reporting option, but you can always take screenshots to share information.

Project Risks - reporting.png


There is always something that we can do to keep our critical risks under control. Start linking these actions to the specific risks and make sure the Assignee understands the criticality and knows the due date of their tasks.

After initial Risk Review of the project, plan a regular risk review for your project meetings. Projects are not static – very often a risk that is considered to be Low in criticality at the start of the project, may become the Critical one over the course of a project.

Continuous risk review supports proactive project risk management making PM's work a lot easier. An overview of all your Risks will help the PM notice if any risks require their immediate attention, e.g. if any risk related actions have not been completed.

Project Risks - Risk Table.png


To summarize, moving your Risk Management from Excel to Jira support risk traceability, data connectivity and team collaboration.

Specific Risk apps are useful if you wish to maintain the same level of control across your projects, and to quickly identify and visualise the prioritized issues.

Furthermore, it is easier to get started with your risk management and to generate specific reports for your project risks.

SoftComply Risk Manager Plus is the most comprehensive Risk app in Jira Cloud.

This app allows you to establish central Risk Models and Risk Registers for all projects. This helps to make sure that all projects are handled with the same principles and using the same framework.

For the project manager, it will simply mean: Enabling the Risk Management app for the project, selecting a specific Risk Model and Risk Table, and identifying which issue type is considered a risk for the project. As a result, the Risks will be populated in a spreadsheet view where you can edit and update any risk related data.

Additionally, this is the only app where you can use a Risk Model with more than 2 risk characteristics (e.g. impact, likelihood, detectability). For simpler projects, there are a number of risk apps available, like the Risk Register and the SoftComply Risk Manager and others. These apps allow you to use max 2 risk characteristics like Impact and Likelihood for assessing each risk.

You are welcome to try out the SoftComply Risk Manager Plus for free for 30 days and if you need to discuss your specific approach with risk management, our specialised team is ready to support.

Simply book a consultation by using this link.



Log in or Sign up to comment
AUG Leaders

Atlassian Community Events