Project Management Central

Please login or join to subscribe to this thread

Topics: Career Development, Consulting, Risk Management
when you prioritize the Risk ... do you consider the Impact first or the probability for each risk ? and why ?

when you prioritize the Risk ... do you consider the Impact first or the probability for each risk ? and why ?
Sort By:

Risk prioritization is done using the formula P*I. You are essentially understanding the risk ranking in a much quantitative way by multiplying the numbers. Based on the risk ranking numbers which is obtained my multiplying probability with impact, you prioritize the risk(higher number has to be first priority as it will be having more impact if you don't get it resolved quickly)

Rand -

Given two equal risks from a P*I perspective, I'd do one of two things:

1. Give a higher priority to the one with the higher impact to be better safe than sorry.
2. Include a third dimension of ability to influence/mitigate. Risks which lend themselves to influence or mitigation should be given a higher priority than ones over which there may simply not be a good response strategy.


when you have a risk with low probability and high impact ... and you overlooked it ... then it happened .. what will you do with such high impact ??

You do both together in two steps:
Step 1: Qualitative Assessment with probability x Impact matrix with certain rating and rating Interpretation in order to identify the highest rated risk based on scaling rating interpretation of risk (low, medium, high) and Impact scale interpretation (like impact on budget). For the evaluation I discuss per risk both (P and I) in order to get to a scaling per risk within the matrix.
Step 2: Quantitative Assesment for the selected highest risk from step 1 where you apply different analysis, for example Expected Monetary Value Analysis (EVM) that considers both Probability and Impact. I am used to discuss with the team iteratively per risks both topics (P and I) also taking into account dependencies between risks.

Like Peter, I would do my quantitative assessment on the high impact - high likelihood risks. That helps me know how much money I can/should invest in mitigating or palliating a risk. I don't want to spend more managing the risk than what it will cost me if it happens.

Unlike Kiron, I would break ties based on the likelihood, rather than the impact. I would rather spend my time on more likely scenarios.

Hi Rand, I always consider first the impact because I like to understand how would the risk shake up my project. Then I think what is the actual probability it may happen. I also consider influence and dependencies of other risks that I have already identified. Not for the calculation formula of the risk probability but to be aware that some risks' consequences may trigger other so to keep it in mind.

I consider risks much as Lenka does, and consider those with high impacts first. I know I can tolerate a low-impact risk if it is realized, but I'm very wary of high-impact risks that can threaten the project.

my deepest thanks for all your informative and valued contributions

You need to consider both probability and impact for prioritizing risks along with many other factors. These factors have to be collectively considered.

Please login or join to reply

Content ID:

Not that there's anything wrong with that.

- Jerry Seinfeld



Vendor Events

See all Vendor Events