Project Management Central

Please login or join to subscribe to this thread

Topics: IT Project Management, Risk Management
To manage risks in IT projects, what standard or methodology would you use?

I was working on a hybrid model to manage risks, based on good practices such as ISO 31000, PMBOK, APM, COSO ERM, this to determine the strengths of each one, I would like to know your opinions and experiences
Sort By:

Risk register
Risk probability and impact assessment
These are more relevant to risk assessment and tracking during project life cycle.

If you are working on IT project then my recommendation is following the CMU SEI approach. With that said, when you see the approach, not only the CMU SEI approch but the approaches you will stated above, you will find that are all close similar in the basement.


ISO 31000, PMBOK, APM and PRINCE2 are simila. COSO is oriented on financial risk so is ERM.

All suggest you identify, qualify, quantify and respond.

For CMU SEI (Carnegie-Mellon University/Software Engineering Institute) I understand it is a proprietary method, might be specially adapted to IT

Yes. i agree with Sergio. CMU SEI is the good option.

Hello friends,
Do you know any methodology for assessing the level of maturity in corporate risk management?

Please login or join to reply

Content ID:

"If you think you've hit a false note, sing loud. When in doubt, sing loud."

- Robert Merrill



Vendor Events

See all Vendor Events