Risk Management Process


Risk is a measure of future uncertainties in achieving program performance goals, requirements, and objectives within defined cost, schedule, and performance constraints. Risk can be associated with all aspects of a program (e.g., threat, System Safety, technology maturity, supplier capability, design maturation, performance against plan) as these aspects relate across the Work Breakdown Structure (WBS), Integrated Master Schedule (IMS) and Integrated Master Plan (IMP). Risk addresses the potential variation in the planned approach and its expected outcome. [1]


Risks have three (3) components:

  1. A future root cause (yet to happen), which, if eliminated or corrected, would prevent a potential consequence from occurring,
  2. A probability (or likelihood) assessed at the present time of that future root cause occurring, and
  3. The consequence (or effect) of that future occurrence.

Risk Management
Risk management is a continuous process that is accomplished throughout the life cycle of a system and should begin at the earliest stages of program planning. It is an organized methodology for continuously identifying and measuring the unknowns; developing mitigation options; selecting, planning, and implementing appropriate risk mitigations; and tracking the implementation to ensure successful risk reduction. Effective risk management depends on risk management planning; early identification and analyses of risks; early implementation of corrective actions; continuous monitoring and reassessment; and communication, documentation, and coordination. It’s most effective if it is fully integrated with the program’s Systems Engineering, Program Management, and Test & Evaluation processes.


The risk management process includes the following continuous key activities as shown above:

System Safety
System Safety is the application of engineering and management principles, criteria, and techniques to achieve acceptable risk within the constraints of operational effectiveness and suitability, schedule, and cost throughout the system’s lifecycle. System safety covers the entire spectrum of environment, safety, and occupational health (ESOH) considerations. It is an integral part of the Systems Engineering (SE) process and specific activities are required throughout the different phases of the acquisition lifecycle. [2]


As a Program Manager (PM), systems engineer, risk manager, or safety manager there are many areas of risk and safety management that need to be understood in order to successfully execute a program. A few of these areas include:



AcqLinks and References:

Updated: 8/14/2018

Print Friendly, PDF & Email