Identify Risks 

Purpose:

To identify, describe, and document risks that may affect project objectives (scope, schedule, cost, quality, etc.).

• What can go wrong (threats)?

• What can go right (opportunities)?

• Where are uncertainties coming from?

Key Inputs

• Project Charter (high-level risks)

• Project Management Plan (especially Risk Management Plan)

• Project Documents:

  • 1. Assumptions log

    2. Stakeholder register

    3. Lessons learned register

• Enterprise Environmental Factors (EEF)

• Organizational Process Assets (OPA)

Tools & Techniques

1. Expert Judgment - Engaging experienced professionals to foresee potential risks.

2. Data Gathering Techniques

• Brainstorming – team-based idea generation

• Interviews – insights from experts and stakeholders

• Checklists – based on historical data

• Delphi Technique – anonymous expert consensus
  
  

 3. Data Analysis Techniques

• Root Cause Analysis – identifying underlying causes

• Assumption & Constraint Analysis – testing validity

• SWOT Analysis – identifying strengths, weaknesses, opportunities, threats

• Document Analysis – reviewing contracts, plans, designs

4. Interpersonal & Team Skills

• Facilitation

• Workshops

• Cross-functional collaboration

5. Prompt Lists

Predefined risk categories such as:

• Technical

• External

• Organizational

• Project management
  
  

 6. Meetings - Structured risk identification workshops involving key stakeholders.

Key Outputs

1. Risk Register (Primary Output)

A living document capturing identified risks.

Typical Contents:

• Risk ID

• Description (cause → event → impact)

• Risk category

• Potential responses (initial)

• Risk owner (optional at this stage)
  
  

2. Risk Report

Provides a high-level view of overall project risk, including:

• Summary of major risks

• Trends and patterns

• Urgent risks requiring immediate attention

3. Project Document Updates

• Assumptions log

• Lessons learned register

• Issue log