8

How many risks do you manage actively out of your Risk Registry? And how many residual risks do you have there?

yegor256
  • 7,050
  • 4
  • 29
  • 50

1 Answers1

6

The answer is "it depends." It depends on your project size and the inherent "riskyness" of the project.

I primarily apply risk management on small-scale software projects. On these, I try to have at least 10-20 risks in total (including risks like "top person X gets hit by a truck"). Out of these, I work to make sure only a handful require active monitoring -- no more than five or six. Some additional risks may require residual monitoring.

If you brainstorm risks properly, you should be able to identify more than a hundred or two -- even on small projects. Keeping track of the top few, while delegating or ignoring the rest, is the only real way to manage.

If you really do have a lot of risks on your "hot list," you can always delegate so that the team shares the burden of monitoring for risks.

ashes999
  • 5,318
  • 28
  • 43
  • +1: 5 to 7 is usually a good number on the "hit parade"; there will usually be many more risks than these. For consistency across multiple projects you might want a "top 5" or a "top 10" (for larger projects). – Peter K. May 21 '11 at 15:53
  • Risk on we work are above the threshold which you have to define, you can't create risk management plan for each risk. ashes999 is absoultely right, you have to create a baseline under which risk will come under "Watch List". – Chris Jun 27 '11 at 12:01