Risk management is the process of identifying and controlling potential losses. It is a standard business practice that is applied to investments, programs, projects, operations and commercial agreements. The following are common steps in a risk management process.
Giving all stakeholders an opportunity to identify risk. This can increase acceptance of a program or project as everyone is given a chance to document all the things that might go wrong. The diverse perspectives of stakeholders helps to develop a comprehensive list of risks. It is also possible to use databases of issues with that occurred with similar business processes, programs or projects in your industry. Knowledge sources such as lessons learned and the risk registers of historical projects can also be used.
Assessing the probability and impact of each risk. These can be single estimates such as high, medium and low. Alternatively, they can be a probability distribution that model multiple costs and associated probabilities for each risk.