Risk Assessment
Risk analysis and assessment is a process in which risks are analyzed to determine their likelihood of coming to pass and their potential impact on the project. The aim is to quantify each risk, based on which they can be prioritized (for modification purposes). Consideration must be given to the fact that the specific timing of the risk's occurrence has a bearing on its consequences. Using these two indicators, a so-called risk assessment matrix is introduced.
The score that results from these two indicators is called the risk impact. There are two approaches to assessing risks: top-down and bottom-up. In the top-down approach, a list of potential risk factors is developed. The assessment is based on previous experience. The aim is to identify the potential links between individual risks, their occurrence points, and possible consequences. This enables preliminary action to be taken to prevent or reduce the impact of the risk. In the bottom-up approach, risks are detailed at the lowest level.
Alternative critical paths are evaluated, and time and duration are calculated to enable managers to set buffers that would meet the negative consequences of risks being realized. In practice, this approach implies an inability of the manager to anticipate the risk and take preventive management action to avoid it.
Risk management matrix with five levels of each dimension. These levels can be high, medium-high, medium, medium-low, and low. Although, in the example, the effect is seen as more critical (hence, the diagram is not symmetrical), this need not necessarily be the case.