Monitor the status of each risk periodically and implement the risk mitigation plan as appropriate.

To effectively control and manage risks during the work effort, follow a proactive program to regularly monitor risks and the status and results of risk handling actions. The risk management strategy defines the intervals at which risk status should be revisited. This activity can result in the discovery of new risks or new risk handling options that can require replanning and reassessment. In either event, acceptability thresholds associated with the risk should be compared to the risk status to determine the need for implementing a risk mitigation plan.

The acquirer shares selected risks with the supplier. Risks associated with the acquisition process are tracked and resolved or controlled until mitigated. This monitoring includes risks that can be escalated by the supplier.

Example Work Products

1.    Updated lists of risk status

2.    Updated assessments of risk likelihood, consequence, and thresholds

3.    Updated list of risk handling options

4.    Updated list of actions taken to handle risks

5.    Risk mitigation plans of risk handling options

Example Supplier Deliverables

1.    Updated list of risk status

2.    Updated assessments of risk likelihood, consequence, and thresholds

3.    Updated list of risk handling options

4.    Updated list of actions taken to handle risks

5.    Risk mitigation plans

Subpractices

1.    Monitor risk status.

After a risk mitigation plan is initiated, the risk is still monitored. Thresholds are assessed to check for the potential execution of a contingency plan.

A mechanism for monitoring should be employed.

2.    Provide a method for tracking open risk handling action items to closure.

Refer to the Project Monitoring and Control process area for more information about managing corrective action to closure.

3.    Invoke selected risk handling options when monitored risks exceed defined thresholds.

Often, risk handling is only performed for risks judged to be high and medium. The risk handling strategy for a given risk can include techniques and methods to avoid, reduce, and control the likelihood of the risk or the extent of damage incurred should the risk occur, or both. In this context, risk handling includes both risk mitigation plans and contingency plans.

Risk handling techniques are developed to avoid, reduce, and control adverse impact to project objectives and to bring about acceptable outcomes in light of probable impacts. Actions generated to handle a risk require proper resource loading and scheduling in plans and baseline schedules. This replanning should closely consider the effects on adjacent or dependent work initiatives or activities.

4.    Establish a schedule or period of performance for each risk handling activity that includes a start date and anticipated completion date.

5.    Provide a continued commitment of resources for each plan to allow the successful execution of risk handling activities.

6.    Collect performance measures on risk handling activities.