Project Risk Assessment
(Individual project)
Project Risk Assessment Fall 2021 Page 1 of 6
Overview
What do you think of when you hear the word “Risk” – walking across a busy street, not using sunblock,
drinking while driving, casino gambling? Certainly, because they all involve the possibility of loss (of one
sort or another). Do you ever think of project management and risk? You should! Projects by their very
nature are risky. According to a study of more than 10,000 projects, only 2.5% of companies completed
100% of their projects successfully (Andriole, 2020). The good news is that risks can be managed – wait
for the crossing light, use SPF-100, call Uber, avoid Las Vegas. With projects, it works a bit differently.
According to PMI, risk is any uncertainty that, if it occurs, would have an effect on at least one project
objective. That is a neat and tidy definition, but what about the management part? Again, there is good
news – project managers can minimize, or eliminate risks on their projects. A research study of projects
in businesses from various industries concluded the use of risk management leads to significantly more
projects meeting their objectives (Hillson & Simon, 2020).
In reality, there is no “one size fits all” approach to risk management. Project complexity and size are
important considerations in choosing the right risk management approach. A multi-year project using
innovative technology would not use the same risk management methods as a project lasting a few
months to install a conventional IT system in a small business. Look through textbooks on Risk
Management and you will invariably see detailed and robust risk planning processes such as:
Stakeholder analysis, Proprietary risk tool, RACI chart, Risk interviews, Quantitative risk analysis, Risk
breakdown structure, Contingencies, and so on.
These processes are very appropriate for long-term, costly, and complex projects. The Class Project,
however, is none of those. While every project should use risk management, not every project needs to
use the same risk management processes. We will employ a risk management approach scaled to the
short-term, low-cost, straightforward Class Project.
There are two parts to this assignment.
Part 1 – Risk Register in Excel
This part of the assignment deals with risk identification. As such, you should start coming up with a list
of what might go wrong during Mamma Mia’s project. You will perform a qualitative risk assessment.
Using estimates of probability and impact for each risk, you will filter the risks so that the top risks are
singled out for action.
Figure 1: A matrix for assessing risk priority
Project Risk Assessment
(Individual project)
Project Risk Assessment Fall 2021 Page 2 of 6
This assignment does not include quantitative analysis, a numerical analysis of the effect of risks on
project objectives. This is a costly technique, and therefore only used on large or high-risk projects.
Risk Metalanguage
Without using a structured approach risk definition, you could very well identify things that are not risks
– like misgivings, issues, or concerns. In this assignment, you will build risk descriptions using risk
metalanguage. This technique employs a particular sentence structure with three parts – “Due to cause,
risk may occur, leading to effect.” The three elements of a risk description are:
1. Cause (a definite fact)
2. Risk (an uncertain event or set of circumstances)
3. Effect (a direct impact on a project objective)
(Hillson & Simon, 2020)
Example of a risk metalanguage statement: “Due to hardware shipping delays, the network installation
may not start as planned, leading to schedule delays and added costs to the project.”
As you finish each risk description, record it in the risk register.
Risk Responses
You will choose a response strategy (avoid, mitigate, transfer, accept) for each item in your risk register.
Note that the level of response you choose should correspond to the risk priority. For example, the most
aggressive response strategies (avoid/mitigate) should be applied only to the highest priority risks, and
only the lowest priority risks should be accepted (Hillson, 2009). Likewise, you only need to enter a
response plan for the high-priority risks. Table 1 provides more details on risk responses.
Table 1: Risk Responses (Rowe, 2020)
Project Risk Assessment
(Individual project)
Project Risk Assessment Fall 2021 Page 3 of 6
Risk Register
Managing your risk information can be challenging unless you have a way to organize it. This is why a
risk register is used for recording risks as they are identified. Each risk is captured with the same
information, even though the specific content differs from one risk to another. Use the “Risk
Register.xlsx” file to record your risks, filling in all 10 rows:
Risk Id: The risk identification number makes it easy to search the risk register.
Risk Name: This should be brief, 3 words or less, so that it fits well on the Risk Matrix.
Risk Description: A risk metalanguage statement describing cause, risk, and effect.
Impact: (effect on the project’s cost, quality, or time)
1 = Very Low, 2 = Low, 3 = Medium, 4 = High, 5 = Very High.
Probability: (of occurrence)
1 = > 0% to < 20%*
2 = 20% to < 40%
3 = 40% to < 60%
4 = 60% to < 80%
5 = 80% to < 100%**
* If the probability is 0%, it is not a risk
** If the probability is 100%, it is no longer a risk because it is an actual problem.
Score: Impact * Probability
Response Strategy: Avoid, Transfer, Mitigate, Accept.
Response Plan: For high priority (red) risks only, add a brief description of how to implement the
Response Strategy.
IMPORTANT: The submission file should be named as “LastnameFirstname” “Deliverable for”
“Assignment Name”, such as – MylastnameMyfirstname Risk Register for Project Risk Assessment.docx
Part 2 – Answers to Questions in Microsoft Word
When the risk register is completed, answer the following questions, and submit them as a Microsoft
Word document. Some of these questions will require you to do external research. “Yes” or “No”
answers with no explanations or discussions are not appropriate answers.
1. Compare and contrast qualitative risk assessment versus quantitative risk assessment.
2. Which risk(s) would be the most threatening to the success of your project, and why?
3. If your project could only tolerate a 5-day delay, which risk response plan(s) would be implemented?
Remember that risk responses will affect cost, schedule and/or scope – so discuss what can you
afford to do.
4. What would be the most expensive risk response plan? Explain in terms of time or schedule.
5. What benefit is gained from regularly updating a risk register?
6. Describe a probability impact matrix and the purpose it serves.
IMPORTANT: The submission file should be named as “LastnameFirstname” “Deliverable for”
“Assignment Name”, such as – MylastnameMyfirstname Questions for Project Risk Assessment.docx
Project Risk Assessment
(Individual project)
Project Risk Assessment Fall 2021 Page 4 of 6
Formatting Your Questions Document
• Create an APA format title page that includes: The title of report (Questions for Project Risk
Assessment), your name, Course and Section number and date (use assignment due date); do
not include graphics or themes.
• No running header required for this document.
• The body of the paper should be double spaced (or 1.5″), not to exceed 5 pages.
• Answers should be formatted as normal sentences (no numbering, not a run-on sentence as
part of the question, no indenting).
• Use 1″ margins on all sides.
• Font should be 11-point Calibri, 11-point Arial, 10-point Lucida Sans Unicode, 12-point Times
New Roman, 11-point Georgia, or 10-point Computer Modern.
• Font should remain consistent throughout the paper, i.e., not changing from one font to
another.
• Use at least one external reference and one from the course content (from the class reading
content, not the assignment instructions or case study itself) with APA formatted citation and
reference. For information on general APA format and specifics related to citing from the class
content, refer to Content → Course Resources → Writing Resources. Resources must not use
Wikipedia, general information sites, blogs, or discussion groups.
• The list of References must be its own page at the end of the document and it must be in APA
format, i.e., double spaced, .5″ hanging indent. No more than 10% of the paper may be in the
form of a direct citation from an external source. All in-text citations must appear in the
References list and all entries in the References list must be used as in-text citations.
• Run Microsoft Word’s grammar/spell checker; there should be no errors in grammar, verb
tenses, pronouns, spelling, punctuation, first person usage, or contractions.
• Submit your paper as a Word document, or a document that can be read in Word.
Project Risk Assessment
(Individual project)
Project Risk Assessment Fall 2021 Page 5 of 6
Grading Rubric
Criteria
90-100%
Far Above Standards
80-89%
Above Standards
70-79%
Meets Standards
60-69%
Below Standards
< 60%
Well Below Standards
Possible
Points
Risk Register
Needed for filtering risks so
that the high priority risks are
singled out for action.
32-35 Points
Risk register has 10 entries,
all risk descriptions use
metalanguage. Every risk
has impact, probability, and
response strategy. Only lowpriority risks use “Accept”
strategy. All high-priority
risks have a response plan.
28-31 Points
Risk register has 8-9 entries,
most risk descriptions use
metalanguage. Most risks
have impact, probability, and
response strategy. Most
high-priority risks have a
response plan.
25-27 Points
Risk register has 5-7 entries,
many risk descriptions use
metalanguage. Many risks
have impact, probability, and
response strategy. “Accept”
strategy used for medium to
high-priority risks. Some
high-priority risks have a
response plan.
21-24 Points
Risk register has 2-4 entries,
few risk descriptions use
metalanguage. Many risks
missing impact, probability,
and response strategy. Few
high-priority risks have a
response plan.
0-20 Points
Risk register has fewer than
2 entries, metalanguage not
used in risk descriptions.
Impact, probability, and
response strategy are mostly
missing.
35
Questions
Answers appropriately
explain concepts (not
yes/no).
27-30 Points
All questions answered with
appropriate explanations.
24-26 Points
1-2 questions not answered
or do not use appropriate
explanations.
21-23 Points
3-4 questions not answered
or do not use appropriate
explanations.
18-20 Points
5-6 questions not answered
or do not use appropriate
explanations.
0-17 Points
Questions not answered or
do not use appropriate
explanations.
30
Research
Use at least 2 references
from academically credible
sources with APA formatted
citation (in-text).
18-20 Points
Required references are
incorporated, used
effectively, and cited using
APA style. References used
are relevant and timely and
contribute strongly to the
analysis.
16-17 Points
Required references are
relevant, and somewhat
support the analysis.
References are appropriately
incorporated and cited using
APA style.
14-15 Points
Only one reference is used
and properly incorporated,
and/or reference(s) lack
correct APA style.
12-13 Points
A reference may be used, but
is not properly incorporated
or used, and/or is not
effective or appropriate,
and/or does not follow APA
style for references and
citations.
0-11 Points
No course content or
external research
incorporated, or reference
listed is not cited within the
text.
20
Format
Uses format provided.
Includes Title Page and
References Page.
14-15 Points
Well organized and easy to
read. Very few or no errors in
sentence structure,
grammar, and spelling.
Double-spaced, written in
third person, and presented
in a professional format.
12-13 Points
Effective organization. has
few errors in sentence
structure, grammar, and
spelling. Double-spaced,
written in third person, and
presented in a professional
format.
11 Points
Some organization. may
have some errors in
sentence structure,
grammar, and spelling.
Double spaced, and written
in third person.
9-10 Points
Not well organized, and/or
contains several errors in
grammar and/or spelling,
and/or is not double-spaced
and written in third person.
0-8 Points
Extremely poorly written, has
many errors in grammar
and/or spelling, or does not
convey the information
required.
15
Project Risk Assessment
(Individual project)
Project Risk Assessment Fall 2021 Page 6 of 6
References
Andriole, S. (2020, December 1). Why No One Can Manage Projects, Especially Technology Projects.
Retrieved 2021, from Forbes: https://www.forbes.com/sites/steveandriole/2020/12/01/whyno-one-can-manage-projects-especially-technology-projects/?sh=265772922da2
Bissonette, M. (2016). Project Risk Management: A Practical Implementation Approach. Newtown
Square, Pennsylvania, U.S.A.: Project Management Institute. Retrieved from UMGC E-Book
Collection at https://sites.umgc.edu/library/index.cfm#ebooks
Dobson, M. S., & Dobson, D. S. (2012). Project Risk and Cost Analysis. U.S.A.: Amacom. Retrieved from
UMGC E-Book Collection at https://sites.umgc.edu/library/index.cfm#ebooks
Hillson, D. (2009). Managing Risk in Projects. Burlington, VT, U.S.A.: Gower Publishing Company.
Retrieved from UMGC E-Book Collection at https://sites.umgc.edu/library/index.cfm#ebooks
Hillson, D., & Simon, P. (2020). Practical Project Risk Management. (3rd). Oakland, CA, U.S.A.: BerrettKoehler Publishers, Inc. Retrieved from UMGC E-Book Collection at
https://sites.umgc.edu/library/index.cfm#ebooks
Rowe, S. (2020). Project Management for Small Projects. (Third). Oakland, CA, United States: BerrettKoehler Publishers, Inc. Retrieved from UMGC E-Book Collection at
https://sites.umgc.edu/library/index.cfm#ebooks
