In a large project the PM may choose to delegate risk management to a team member.
What information should be accessible to the Risk Manager? Should the RM have full access? Is there information that should be off limits?
Senior Projects Manager | Field & Marten Associates, New Westminster, British Columbia, Canada
For Risk Management purposes and analysis, the RM manager should have access to all information (Open Book) because every single thing matters.
1 reply by Vincent Guerard
Dec 11, 2016 9:44 PM
Vincent Guerard
Thanks for your input
Markus Kopko, AI Enabler for Project & Program Mgmt | Founder PMotion.ai / The PM AI Coach | PMotion.ai, Hamburg, Hamburg, Germany
I am with Rami here, the risk manager should be a person the project manager has unlimited trust in, since the risk manager needs to know everything related to the project.
Especially the confidential information can often be a source of project risk; let's take the stakeholder register, where often a lot of sensitive information could be stored but where also often some risk sources can be included.
The risk manager belongs to the inner project management team and therefore should have access to all project information.
1 reply by Vincent Guerard
Dec 11, 2016 9:47 PM
Vincent Guerard
Thanks Markus
That is also my view
Sergio Luis Conte, Helping to create solutions for everyone | Worldwide based Organizations, Buenos Aires, Argentina
Besides the great comments from Rami and Markus, let me say something I have found a lot of times. The first thing that is critical is the role definition for your project. To define the role you can take some of the ISO standards, for example. But my recommendation is to take into account the organizational definition of the role, if any. It is amazing, but you can find huge differences between organizations. Once you have the role defined, then you can define everything related to it.
1 reply by Vincent Guerard
Dec 11, 2016 9:50 PM
Vincent Guerard
Thanks Sergio
When you say ISO, you're talking about 9000 or 31000?
Difference between organisations, but why? Some are public, others private? Would that make their need in risk management different?
This is a great question and I generally agree with Rami and Markus regarding the "Open Book" quote. But it might not be a matter of transparency or sharing of all information available. It may be a matter of confidentiality and sensitiveness of specific information from the organization's perspective. In general, a risk manager is one of the key project management team members if assigned to the project full time, but it doesn't mean he or she has authority to access all confidential information beyond his or her role and responsibility. And I fully agree with Sergio in this sense.
1 reply by Vincent Guerard
Dec 11, 2016 9:52 PM
Vincent Guerard
Thanks Sungjoon.
When you say beyond the role and responsibility, do you mean that some risks are not to be managed?
1 reply by Sergio Luis Conte
Dec 12, 2016 6:11 AM
Sergio Luis Conte
The ISO 31000 family is a point of reference. IRM (Institute of Risk Management) documentation has helped me a lot. About organizations, each one could have project risk management rules and plans defined, so the first thing to do is to search for them.
1 reply by Sungjoon Park
Dec 12, 2016 11:07 AM
Sungjoon Park
It doesn't require to limit to the project risks but the project information. All project information might not be shared with a risk manager, especially specific personal records, confidential information, etc.
1 reply by Vincent Guerard
Dec 12, 2016 10:37 PM
Vincent Guerard
Thanks for the clarification about ISO 31000, Sergio.
Still intrigued about what information should not be available to the Risk manager. If the role and responsibilities are to the project and the organization, what kind of risk does one not want to know about?
1 reply by Vincent Guerard
Dec 12, 2016 10:38 PM
Vincent Guerard
I can agree that some information about human resources is confidential. But what else, if anything, should or could be off limits?