Risk Management
Risk Management
Overview
Terminology
Configuration
Roles and permissions
How to access the global and project level
How to use the feature
Basic use cases examples
Overview
Risk Management is a mandatory process for each correctly managed project. The Risk Management tool allows to set the risk matrix through your organization, manage risks on projects and provide global risk reporting and overview for management.
- Global module - The main purpose is to work with risks on the global level in the role of line manager, risk manager or Project Management Office (PMO).
- Project module - The purpose of the Risk Management module on a project is to manage project risks in a controlled manner.
Terminology
- Qualitative Risk Analysis - A technique used to quantify the risk associated with a particular hazard. Risk assessment is used for uncertain events that could have many outcomes and for which there could be significant consequences.
- Quantitative Risk Analysis - Further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project.
- Probability - This refers to the likelihood that a hazard will occur.
- Impact - This is an estimate of the potential losses associated with an identified risk. It is a standard risk analysis practice to develop an estimate of probability and impact.
- Severity - The extent of the damage to the institution, its people, and its goals and objectives resulting from a risk event occurring.
- Category - Risk categories are made up of risk causes that fall into common groups. These groups can include risks such as technical risks, internal risks, external risks, group risks, organizational risks or environmental risks.
- Response - Risk response is the process of developing strategic options, and determining actions, to enhance opportunities and reduce threats to the project's objectives. A project team member is assigned to take responsibility for each risk response.
-
Templates – there are two basic template categories related to risks:
- Global Risk Management page template
- Project Risk Management module templates
Configuration
The Risk management module comes preconfigured. But it is expected that each organization will customize its settings according to own internal risk metrics. You can find those settings in Global menu >> Administration >> Categories. The customizable Risk attributes are:
- Category – list of potential risk sources
- Status – list of risk statuses used for risk lifecycle
- Probability – definition of risk probability range used by probability & impact matrix: name, value (integer), description
- Impact – definition of risk impact range used by probability & impact matrix: name, value (integer), description
- Severity – definition of areas in probability & impact matrix by severity value and color. Each severity consist of name, value interval, description and color (red/orange/green/blue)
-
Response – list of general risk response approach options (avoid, mitigate, transfer, accept…)
Roles and permissions
The following permissions are available for each user role.
Global permissions:
- Edit risks dashboard – global risk page edit option
Project permissions:
- View risks (read-only) – view all risks on projects
- Manage risks – edit all risks on projects
- Manage own risks – edit all the risks on projects where the user is assignee or author
- Delete risks – delete all risks on projects
- Edit project page layout
How to access the global and project level
There are two basic module levels related to risks. The global level can be accessed in Global menu >> Risks.
The project level can be accessed in Project >> Risks (the Risks module must be enabled in project Project controls >> Modules).
How to use the feature
You can add two types of modules related to Risk Management to any customizable page: Risk matrix and List >> Risks
To create a new risk, just click on the green button "New risk" in the sidebar menu of the Risk Management module. You will be asked to enter information about the risk, such as name, project, assignee, status, description, risk evaluation, risk solution, and other details.
To see the list of all created risks, just click on the button "Show all" in the sidebar menu of the Risk Management module.
Below the sidebar menu is placed the Legend of risk statuses used, which can be easily edited by clicking on the pencil icon or deleted by clicking on the trash icon.
In order to display selected related risk on a task, a native field needs to be enabled on a selected tracker (Administration >> trackers >> selected tracker).
Basic use cases examples
This is how can the Risks page look like on the global level.
This is how can the Risks page look like on the project level.
Here you can see illustrative use cases for risk matrix.