Previous GP 5.2 Correct Root Causes of Problems  702/1102 - 32 sub articles Up 4. Generic Goals and Practices, Process Areas Next SG 1 Prepare for Risk Management
WebIdeaTree CMMI-DEV 1.2

Process
Areas
(staged)

Level 2
 RM
 PP
 PMC
 SAM
 MA
 PPQA
 CM
Level 3
 RD
 TS
 PI
 VE
 VA
 OPF
 OPD
 OT
 IPM
 RSKM
 DAR
Level 4
 OPP
 QPM
Level 5
 OID
 CAR

CMMI for Development, version 1.2
      4. Generic Goals and Practices, Process Areas
 4.19. RISK MANAGEMENT
Process AreaRSKM
Level2
ScopeA Project Management Process Area at Maturity Level 3

Purpose

The purpose of Risk Management (RSKM) is to identify potential problems before they occur so that risk-handling activities can be planned and invoked as needed across the life of the product or project to mitigate adverse impacts on achieving objectives.

Introductory Notes

Risk management is a continuous, forward-looking process that is an important part of management. Risk management should address issues that could endanger achievement of critical objectives. A continuous risk management approach is applied to effectively anticipate and mitigate the risks that may have a critical impact on the project.

Effective risk management includes early and aggressive risk identification through the collaboration and involvement of relevant stakeholders, as described in the stakeholder involvement plan addressed in the Project Planning process area. Strong leadership across all relevant stakeholders is needed to establish an environment for the free and open disclosure and discussion of risk.

Risk management must consider both internal and external sources for cost, schedule, and performance risk as well as other risks. Early and aggressive detection of risk is important because it is typically easier, less costly, and less disruptive to make changes and correct work efforts during the earlier, rather than the later, phases of the project.

Risk management can be divided into three parts: defining a risk management strategy; identifying and analyzing risks; and handling identified risks, including the implementation of risk mitigation plans when needed.

As represented in the Project Planning and Project Monitoring and Control process areas, organizations may initially focus simply on risk identification for awareness, and react to the realization of these risks as they occur. The Risk Management process area describes an evolution of these specific practices to systematically plan, anticipate, and mitigate risks to proactively minimize their impact on the project.

Although the primary emphasis of the Risk Management process area is on the project, the concepts can also be applied to manage organizational risks.

Related Process Areas

Refer to the Project Planning process area for more information about identification of project risks and planning for involvement of relevant stakeholders.

Refer to the Project Monitoring and Control process area for more information about monitoring project risks.

Refer to the Decision Analysis and Resolution process area for more information about using a formal evaluation process to evaluate alternatives for selection and mitigation of identified risks.

Specific Goal and Practice Summary

SG 1 Prepare for Risk Management

SP 1.1       Determine Risk Sources and Categories

SP 1.2       Define Risk Parameters

SP 1.3       Establish a Risk Management Strategy

SG 2 Identify and Analyze Risks

SP 2.1       Identify Risks

SP 2.2       Evaluate, Categorize, and Prioritize Risks

SG 3 Mitigate Risks

SP 3.1       Develop Risk Mitigation Plans

SP 3.2       Implement Risk Mitigation Plans

  

 SG 1 Prepare for Risk Management
 SG 2 Identify and Analyze Risks
 SG 3 Mitigate Risks
 GG 1 Achieve Specific Goals
 GG 2 Institutionalize a Managed Process
 GG 3 Institutionalize a Defined Process
 GG 4 Institutionalize a Quantitatively Managed Process
 GG 5 Institutionalize an Optimizing Process
Keywords : as needed ; formal evaluation process ; goal ; objective ; organization ; process ; process area ; product ; project ; project plan ; reference ; relevant stakeholder ; risk identification ; risk management ; risk management strategy ; specific goal ; specific practice ; stakeholder
Previous GP 5.2 Correct Root Causes of Problems   19 / 23  Next SG 1 Prepare for Risk Management Up 4. Generic Goals and Practices, Process Areas
Table  | Images  | Glossary  | Index  | Faceted index

Process
Areas(continuous)

Process
management  
 OPF
 OPD
 OT  
 OPP 
 OID
Project
management
 PP
 PMC
 SAM 
 IPM
 RSKM
 QPM
Engineering
 RD
 RM
 TS
 PI
 VE
 VA
Support
 CM
 PPQA
 MA
 DAR
 CAR

  
Page 702 / 1102
CMMI for Development 1.2 compiled by Christophe Guibert with WebIdeaTree 5
Last revision on 2008-06-29