<Project Name>

Risk Management Plan

 

Version <1.0>

 

 

[Note: The following template is provided for use with the Rational Unified Process. Text enclosed in square brackets and displayed in blue italics (style=InfoBlue) is included to provide guidance to the author and should be deleted before publishing the document. A paragraph entered following this style will automatically be set to normal (style=Body Text).]


Revision History

Date

Version

Description

Author

<dd/mmm/yy>

<x.x>

<details>

<name>

 

 

 

 

 

 

 

 

 

 

 

 

 


Table of Contents

1. Introduction         

1.1 Purpose     

1.2 Scope     

1.3 Definitions, Acronyms and Abbreviations     

1.4 References     

1.5 Overview     

2. Risk Summary      

3. Risk Management Tasks

4. Organization and Responsibilities

5. Budget 

6. Tools and Techniques  

7. Risk Items to be Managed      


Risk Management Plan

 

1.                  Introduction

[The introduction of the Risk Management Plan should provide an overview of the entire document. It should include the purpose, scope, definitions, acronyms, abbreviations, references, and overview of this Risk Management Plan.]

1.1               Purpose

[Specify the purpose of this Risk Management Plan.]

1.2               Scope

[A brief description of the scope of this Risk Management Plan; what Project(s) it is associated with and anything else that is affected or influenced by this document.]

1.3               Definitions, Acronyms and Abbreviations

[This subsection should provide the definitions of all terms, acronyms, and abbreviations required to properly interpret the Risk Management Plan.  This information may be provided by reference to the project Glossary.]

1.4               References

[This subsection should provide a complete list of all documents referenced elsewhere in the Risk Management Plan. Each document should be identified by title, report number (if applicable), date, and publishing organization. Specify the sources from which the references can be obtained. This information may be provided by reference to an appendix or to another document.]

1.5               Overview

[This subsection should describe what the rest of the Risk Management Plan contains and explain how the document is organized.]

2.                  Risk Summary

[A brief overview of the project, and summary of the overall amount of risk involved in the project.]

3.                  Risk Management Tasks

[A brief description of the risk management tasks to be performed during the project. In this section you should describe the following:

-         The approach to be used to identify risks and how the risks list will be analyzed and prioritized.

-         The risk management strategies that will be used, including mitigation, avoidance, and/or prevention strategies for the most significant ("top-10") risks.

-         How the status of each significant risk and its mitigation activities is to be monitored.

-         Risk review and reporting schedules.  A risk review should be part of each iteration/phase acceptance review.]

4.                  Organization and Responsibilities

[A list of the specific groups or individuals to be involved in the project's risk management activities and a description of the tasks and responsibilities of each.]

5.                  Budget

[The budget available for managing project risks (when this information is not already included in the overall project budget).]

6.                  Tools and Techniques

[A list of the tools and/or techniques that will be used to store risk information, evaluate risks, track the status of risks, or generate risk management reports.]

7.                  Risk Items to be Managed

[A list of the risk items that have been identified.  This can be a link to the Artifact: Risk List for the project.

An industry best practice is to publish and keep visible a "Top-10" list of risks that are considered significant enough for the project to spend resources on their management. You may maintain a longer list if organizational practice or the contract requires it.

Indicators that the risk is being realized, and mitigation, avoidance or preventative strategies are identified for each risk listed. Some risks will also require a description of the action that is contingent upon the risk being realized.]