Pre and post mitigation score

Risk Management

Anis Chamaa Beirut, Lebanon

when a risk event is closed as mitigated, do you adjust the pre-mitigation score to reflect low score, or you only decrease the post treatment score without changing the pre-mitigation score?

Posted: Oct 8, 2025 3:15 AM

Sort By:

Luis Branco CEO| Business Insight, Consultores de Gestão, Ldª Carcavelos, Lisboa, Portugal

Anis Chamaa
This is a great question and one that often reveals how mature a project’s risk management process really is.

According to PMI’s Standard for Risk Management in Portfolios, Programs, and Projects (PMI, 2019), the pre-mitigation score should remain unchanged, as it represents the inherent risk, the level of exposure before any response actions are implemented.
It forms part of the project’s historical record and enables you to demonstrate the actual effectiveness of your risk treatment.

When a risk is mitigated or closed, only the post-mitigation (or residual) score should be adjusted, as it reflects the remaining exposure after the mitigation actions have taken effect.
The variance between the two scores tells the story of your mitigation success.

Changing the pre-mitigation score would distort the baseline and weaken lessons learned, audits, or trend analyses.

In short:
Pre-mitigation = Inherent Risk (baseline)
Post-mitigation = Residual Risk (after response actions)

Keep both visible for transparency, traceability, and maturity evidence.

Curious to hear how other practitioners track these values in their risk registers do you also keep both fields for audit trail and lessons learned?

Posted: Oct 8, 2025 4:32 AM (Updated by author: Oct 8, 2025 4:33 AM)

Sandeep Kashyap CEO| ProofHub India

The pre-mitigation score usually stays the same. It shows the original level of risk before you took any action.

Once the risk is mitigated, you only update the post-mitigation score to reflect the lower risk level. This helps you keep a clear record of what the risk was before and how much it improved after.

This way, you can look back and see which actions actually worked.

Posted: Oct 8, 2025 8:56 AM

Rami Kaibni

Community Champion

Senior Projects Manager | Field & Marten Associates New Westminster, British Columbia, Canada

Anis, when a risk is mitigated, you do not adjust the pre-mitigation score and it should remain unchanged, as it reflects the original, inherent level of risk before any controls or mitigation strategies were applied. Instead, you reduce the post-treatment (residual) score to reflect the effectiveness of your mitigation actions.

Even after a mitigation plan is implemented, it's important not to close the risk immediately. The risk should remain open and be monitored over time to assess the impact and success of the mitigation. This is because mitigation efforts can sometimes lead to secondary risks or reveal other related issues. Once you're confident the risk is fully under control and no further actions or impacts are expected, only then should it be considered for closure.

Posted: Oct 8, 2025 10:52 AM

Mahi - Mahesh Gundu Sr. Project Manager| Oracle Hyderbad, Telangana, India

The pre-mitigation score will remain unchanged. The variance between the pre- and post-mitigation scores determines how the risk is assessed and the subsequent actions have be taken.

Posted: Oct 8, 2025 12:52 PM

Lissette Indhira Pimentel Sosa

Community Champion

Program Manager| HARPER SRL Santo Domingo / Distrito Nacional, Dominican Republic

Excellent question, Anis. In best practice, the pre-mitigation score should remain unchanged, as it reflects the inherent risk before any action is taken. The post-mitigation (or residual) score is what you adjust to capture the reduced likelihood or impact after controls are applied. Keeping both allows you to demonstrate risk reduction over time and measure the true effectiveness of your mitigation strategies.

Posted: Oct 9, 2025 6:39 PM

Please login or join to reply

Pre and post mitigation score

Sponsors

Newsletters