Ask the Expert

When during a project lifecycle should we conduct a risk assessment?

At what point in a project's lifecycle should one conduct a risk assessment? Do you have any suggestions as to how to accomplish this so that the risks uncovered are such that they can be responded to?

    Requires Free Membership to View

At least during three key points:

  • Before
  • During
  • After

Two things spring to mind about conducting a risk assessment as soon as possible. First, transparency is key to finding risks early. People afraid to address issues are likely to pooh-pooh legitimate concerns. Second, enterprise risk management (ERM) offers quite a bit of guidance. My friend Bob Charette contributed a chapter to my second book, The Next Wave of Technologies: Opportunities in Chaos, on ERM since any type of major IT change in an organization is fraught with risks.

There's way too much on ERM for me to attempt to do it justice here. Suffice it to say there are significant limitations to surveys and "roundtable" meetings. Risks need to be assessed systematically and throughout the project's entire lifecycle.

This was first published in December 2009

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: