Sign in
  • Blog
  • Risk management
  • PPM

Author  Ian Clarkson – Practice Director, PPM, QA

July 21, 2022 |

 8 min read

  • Blog
  • Risk management
  • PPM

Both projects and programmes bring change, and change comes with an inherent level of risk.

As change, by its nature, doesn’t allow a choice to take risk or not, organizations need to ask themselves: how much risk are we willing to take and what capability do we have to manage it?

However, where risk should rank and where it does rank in importance for organizations is often different.

Even with the best plan in place, it can go off track: things change, people change so you need to review risk on a continuous basis. In my experience, however, mentioning a risk register or risk log is either a) met with blank faces or b) seen as a box ticking exercise; documents maybe dusted off now and again when there’s a project review rather than referenced continually.

Can project, programme and other managers be forgiven for this? Indeed, they have a lot to deal with – creating plans, engaging stakeholders, managing budgets, tracking progress, etc – and maybe risk feels like a lesser priority. Project size can also be deceptive when judging risk level: some smaller projects can be more complex and riskier than larger ones.

But managers overlook risk at their peril. Luckily, comprehensive guidance is available.

Managing risk via Axelos ProPath guidance and certifications

The “golden thread” that runs through the Axelos ProPath designations is risk.

Whether you’re using PRINCE2 for project management or Managing Successful Programmes (MSP) for programme management, each has a concern for risk.

In fact, these best practices treat risk not just as “threat” but also as “opportunity”. Professionals may not typically think of risk that way and it takes a mind-shift to consider risk as something potentially beneficial.

The approaches to risk in PRINCE2, MSP and – naturally – the recently-updated Management of Risk (M_o_R 4) guidance – don’t attribute a positive or negative judgement to risk but offer ways to manage it effectively.

Including M_o_R 4 within the ProPath (Agile) Project Expert designations makes absolute sense. Managing risk is the most important element common to both projects and programmes and demands a rigour and discipline to be successful in either.

And M_o_ R 4 shouldn’t be pigeonholed as just “something for risk managers”. Certainly, anyone involved in projects and programmes should be doing it.

Its latest edition, I believe, is even more relevant to a broad audience, particularly recognizing the role of people, behaviour and bias in handling risk. Equally, the fact that it’s now just one exam at Practitioner level means there’s more time and flexibility on a course to get into the detail of the guidance and how it works in practice.

Effective risk management is cultural

If organizations and their professional practitioners are not managing risk properly it will contribute to failure.

And I would hope that – after the past two years of Covid-19 – businesses are thinking more about the threats and opportunities presented by risk. However, while many organizations are seeking to improve their project and programme management abilities, few are recognizing the need for better risk management skills.

To address this, I think awareness and management of risk needs to be synonymous with company culture, rather than being seen as a set of tools and templates. By actively confronting risk, people are given permission to identify, discuss and debate it; therefore, enabling them to manage risk proactively.

The various certifications within Axelos ProPath join up guidance that might not seem, at first glance, connected from a risk perspective. M_o_R 4 provides the crucial link in the chain between them.