10-1 Risk Identification
Risk identification begins with generating a list of all the possible risks that could affect the project. This step will typically be initiated by the project manager who might assemble a risk management team of core project team members and stakeholders. Sometimes, major risks are identified by the project sponsor as part of the development of the project charter. Others such as subcontractors, customers, and vendors might be involved. Brainstorming sessions are held to identify. Typical tools and techniques for risk identification include the use of risk breakdown structures (RBS), similar to Work Breakdown Structures discussed under project planning, which represent groupings of project risks in a structured hierarchical manner. An example of an RBS for an IT project is attached here. It shows 4 main groupings of project risk and each group has sub-categories under it. For example, Business risks include competitors, suppliers and cash flow. risk-breakdown-structure
Another technique is the use of risk profiles which are lists of questions that address traditional areas of uncertainty associated with the project. Another approach is to use risk categories and identify risks for each category. This is very common. The categories might be technical, schedule, cost, human resources, external, sponsor/customer etc. For example you might identify Technical risks to include failure to meet customer requirements, application of new technology, new quality standards or codes. Schedule risks might include supplier delays, receipt of critical equipment from vendor, obtaining regulatory approval for government agency. Sponsor/customer might include delays in approvals and security of sponsor financing. I am sure you can identify examples for the other categories. It is important that the risk management team keeps an open mind, uses common sense, and encourages critical thinking for this process. The goal is to identify potential problems before they happen.