Within project management, risk management refers to activities for minimizing project risks, and thereby ensuring that a project is completed within time and budget, as well as fulfilling its goals.
Risk management activities are applied to project management. Project risk is defined by the Project Management Institute (PMI) as, "an uncertain event or condition that, if it occurs, has a positive or negative effect on a project’s objectives."[1]
Within disciplines such as operational risk, financial risk and underwriting risk management, the concepts of risk, risk management and individual risks are nearly interchangeable; being either personnel or monetary impacts respectively. However, impacts in project risk management are more diverse, overlapping monetary, schedule, capability, quality and engineering disciplines. For this reason it is necessary in project risk management to specify the differences (paraphrased from the U.S. "Department of Defense Risk, Issue, and Opportunity Management Guide for Defense Acquisition Programs"):
An improvement on the PMI's PMBOK definition of risk management is to add a future date to the definition of a risk.[2] Mathematically, this is expressed as a probability multiplied by an impact, with the inclusion of a future impact date and critical dates. This addition of future dates allows predictive approaches.[citation needed]
Good project risk management depends on supporting organizational factors, having clear roles and responsibilities, and technical analysis.
Chronologically, project risk management may begin in recognizing a threat, or by examining an opportunity. For example, these may be competitor developments or novel products. Due to lack of definition, this is frequently performed qualitatively, or semi-quantitatively, using product or averaging models. This approach is used to prioritize possible solutions, where necessary.
In some instances it is possible to begin an analysis of alternatives, generating cost and development estimates for potential solutions.
Once an approach is selected, more familiar risk management tools and a general project risk management process may be used for the new projects:
Finally, risks must be integrated to provide a complete picture, so projects should be integrated into enterprise wide risk management, to seize opportunities related to the achievement of their objectives.
In order to make project management effective, the managers use risk management tools. It is necessary to assume the measures referring to the same risk of the project and accomplishing its objectives.[clarification needed][citation needed]
The project risk management (PRM) system should be based on the competences of the employees willing to use them to achieve the project’s goal. The system should track down all the processes and their exposure which occur in the project, as well as the circumstances that generate risk and determine their effects. Nowadays, the big data analysis appears an emerging method to create knowledge from the data being generated by different sources in production processes. According to Górecki, big data seems to be the adequate tool for project risk management .[citation needed]