Content
Risk and Opportunity Management Plan
Who is Responsible for the Risk and Opportunity Management Plan ?
The Risk (Process) Manager role is responsible for the Risk and Opportunity Management Plan.
What is the Risk and Opportunity Management Plan ?
The Risk and Opportunity Management Plan is a description of how Risk is to be managed within an equipment project, support programme, business change programme or combination of related programmes. It is typically made up of the following areas:
- Introduction
- Purpose of Risk Management
- Organisation, Roles and Responsibilities
- Methodology (Identification, Analysis, Planning and Management)
- Risk Management Activities
- Reviews and Reporting Procedures
- Risk Register
- Tools and Techniques
- Definitions
It defines roles, responsibilities, methodology, tools and techniques specific to the project or programme and how Threats and Opportunities are to be managed through life as part of the overall management strategy. Consequently, it is very closely linked with the Through Life Management Plan (TLMP).
The objective is to reduce risk to an acceptable level (Risk Appetite), not to eliminate it at a disproportionate cost. The following list provides an indication of the contents to be included in a Risk and Opportunity Management Plan, but should not be considered exhaustive.
For each section identify ‘Who, What, When, Why, Where and How’ wherever relevant.
| Section |
Description |
| Introduction |
The purpose of the Plan tailored to the project or programme, background on the team managing the project or programme, and references to supporting or related documentation. |
| Purpose of Risk Management |
Risk and Opportunity Management objectives set in the appropriate project context, including an outline of strategies to be adopted and success criteria. |
| Identification of Main Risk Areas |
Those areas where the project's risk mitigation activities are expected to be focused. |
| Organisation, Roles and Reporting Procedures |
Identification of specific posts and appointments involved in risk and opportunity management, the Terms of Reference for each post and definition of specific tasks, including the:
- Management of associated databases
- Provision of data to support project decisions
- Cost and benefit analyses of mitigation or realisation activities
- Development and recording of metrics
- Scrutiny and audit activities.
|
| Methodology (Identification, Analysis, Planning and Management) |
How the Risk and Opportunity Management methodology will be implemented, examples are the frequency of and attendance at Risk Identification workshops, also the project’s analysis criteria. The guidance provided on each of the four stages of the Iterative Process should be consulted. |
| Risk Management Activities |
Any additional RM activities not covered by the four stages, for example joint working with a contractor. |
| Reviews and Reporting Procedure |
Details of review programmes and tasks at all levels, including the reporting procedures. The Plan should also identify the arrangements for the review of the risk and opportunity management process itself. |
| Risk Register |
Details of the format of the risk register, its usage, and configuration management arrangements.
[The Register may be as simple as a spreadsheet for small non-complex projects or a database product with a multitude of features for large and complex projects]. |
| Tools and Techniques |
The tools and techniques to be used with their key features. Also the part they play in the iterative process and specifically review, reporting, and approvals. |
| Definitions |
Common Terms should be used wherever possible, also any acronyms explained.
|
