
Project risk management is a team effort. As the project manager it might feel like you are taking the lead role, but overall it shouldn’t be a one-person job. You need to work together to identify the risks on your project and do something about them.
You can’t work as a team if you don’t have a team. So, you should identify your risk management team as early as practical in the project. That’s what textbooks would recommend, but in my experience you don’t always know who is going to be the right person to be the risk owner for a particular risk until it makes it on to the risk log – then you need that person on your team.
However, there are some common roles you will definitely need involved in risk management. Identifying who is going to fill those roles will save you time later. When a risk is uncovered, you don’t want to be waiting around trying to work out who is going to look at it. You want to know, broadly, who is going to help you deal with it.
Let’s look then at who does what in risk management on a project. These are the people you need to inform about the risk management processes and line up to act when something is brought to your attention.
Project manager
You might think this is obvious – many of you reading this will be project managers. But if you are an IT workstream lead or a Scrum Master, or Product Owner, then maybe you will be working alongside the project manager.
The role of the project manager is to create the risk management plan. The risk management strategy is likely to be set by the Project Management Office, but you might need one specifically for your project. It is more likely that you’ll take the risk management policies for the business and the PMO and make them actionable and meaningful for your project.
Another role for the project manager is to update the risk log. Unless you have a dedicated risk manager working alongside you, that job falls to the PM.
Finally, the project manager should take a role in the governance of risk. That involves ensuring risk management actually happens and that people take the process seriously. They should know what the process is and follow it. You can check that there is enough attention being paid to risk overall and provide oversight. For example, make sure you have risk management as a standing item on your project board agenda.
Project sponsor
Second, we have the role of the project sponsor. They may not take a hands-on role in doing mitigation actions (although they might, depending on what is required). However, they are going to be a huge influence on how risk is managed.
The sponsor will set the risk appetite for the project. That means they are accountable for the risk profile of the project (making sure it isn’t riskier than they would like) and ensuring it fits within the risk appetite for the business overall.
The sponsor also acts as the escalation point for the team. They are able to resolve risks that the project manager and team can’t. And if it needs to go even higher, the sponsor is the person to do that.
Suppliers
Next we have suppliers. This is shaping up to look like a list of people who are involved in your core project team and project board, and that is not a coincidence!
Suppliers and the work they do also carry risk. They have responsibilities around risk management, namely making sure that they flag anything important to the project manager. They may maintain their own project risk log, but they should also be passing up significant risks to the project manager.
If a supplier tells you that their work is creating no project risk and there’s nothing for you to be notified of, be very suspicious! That to me would sound like someone who doesn’t know what risk management is or what they should be doing.
Many risks relating to your supply chain are going to carry a financial risk. For example, if the supplier can’t source the correct parts for your machine, then you’ll have to get them elsewhere at a higher cost. Make sure you factor in risk management plans for supplier risks because they could leave you significantly out of pocket.
Project team
Your core project team are essential people to work with you on risk management. You’ll involve them in risk identification at the beginning of the project and throughout. You’ll rely on their expertise to put together risk management plans and own the actions. You’ll need them to help you spot new risks or to deal with risks that become issues.
The day-to-day risk management activities are going to be carried out by the team.
Project Management Office (PMO)
Before you get too far into a project at a new place, talk to the PMO. What they expect you to do for risk management is going to follow the normal pattern: identify risks, manage them, report the big ones, but there might be specific processes or templates they expect you to use.
You might also be subject to internal audit or project assurance. The PMO may get involved in this and it would be natural to expect them to see your risk logs as part of any review.
The PMO’s role isn’t all about governance and holding you to account. You may also be able to draw on them for support. Sometimes project coordinators sit within the PMO and can be ‘loaned out’ to project managers for project admin or support tasks. This could include coming to risk meetings to take notes, updating the risk log, chasing team members for updates and things like that.
In Summary…
Think about who you are going to need for risk management on your project, just like you think about what resources you need for every other area of your project. Identify the types of people who will need to know about the process. And then involve them early.
Let them know what you expect of them and what the process is going to be. The earlier you do this on the project, the easier you will find the later stages of risk management because everyone will know what the whole thing is about.