Confusion over Risks and Issues

Share on linkedin
Share on facebook
Share on twitter
Share on pinterest
Confusion over risks and Issues

Most experienced project managers, when asked, will give a definition that clearly outlines risks as potential problems. These possible problems may be realised if not managed effectively. Their would see issues as current problems that are currently having an impact that need to be resolved.  However, our experience of looking at RAID logs and talking to project teams suggests otherwise. The management of the difference between risks and issues becomes a grey area in practice. Why is it that there is a confusion over risks and issues.


Common Position on Risk Management

Not all, in fact most, projects fail to effectively manage risks. The default position is to record risks but not to actively manage them.  Even projects that have well established governance practices and are actively managing risks can fail. Falling into a state of confusion over correctly documenting and managing both risks and issues.  For example, there are circumstances where issues may also have further risk and more significant impact at some future point.


Control and understanding

It is vital, in managing projects to a successful conclusion, that risks and issues are identified early. This forms a basis to effectively analyse and control them during project execution. In the case of risks the following governance should be in place:

  • A concise definition of all of the risks to the successful delivery of the project. Good practice is to hold these in a risk log which is accessible by all members of the project team.
  • Analysis of the impact if it were to mature and probability of risk being an issue
  • Clear definition of the mitigation used to minimise or completely negate the risk
  • Documentation of an action log with risk mitigation. Along with an action owner and dates for actions to be completed
  • Appropriate and agreed risk ownership (mitigation actions may or may not be appropriate to be undertaken by overall risk owner)
  • Ongoing and regular reviews of the risks analysing progress and any new scoring of risk level
  • Escalation of high level risks or movement into the issues log if the risk has actually matured.