Monitor and Control Risks Process

Posted on June 30, 2009 by


The Monitor and Control Risk process is one of the 42 project management processes described in the fourth edition PMBOK®. It’s one of the six Risk knowledge area processes, and one of the ten Monitoring and Controlling processes. The primary purpose of this process is to implement risk plans, watch already identified risks and residual risks while watching for new risks, and evaluate risk process effectiveness. The Risk Register is where the list of identified risks and information about then can be found. How risks are to be handled can be found in the Risk Management Plan, which is part of the Project Management Plan.

Monitoring the status and effects of risks, as well as the potential for new risks can be done through obtaining Work Performance Information and Performance Reports. Variance and Trend Analysis and Technical Performance Measurement are tools that examine actual project performance and therefore provide current information on project risk.

Because the status of risks change throughout the project and new risks arise, Risk Reassessments should be scheduled during the project. And to determine whether risk responses are effective, Risk Audits should be performed. Comparing the amount of contingency reserves to the amount of remaining risk is called Reserve Analysis. Throughout the project, Status Meetings should include updates and discussion on project risk.

The outputs of this process include updates to the Risk Register when changes occur as well as the results of risk audits and reassessments. If a change is needed in response to more information about risks or new risks, Change Requests may be made. Also, updates may be made to the Organizational Process Assets, Project Management Plan, and Project Documents. Also see the earlier postings of Risk Register (posted March 27, 2009) and Variance Analysis (posted June 29, 2009).