Process 21 of 49

Identify Risks

Identifies individual project risks and sources of overall project risk, documenting them in the risk register and risk report. You can't manage what you haven't named.

Process Group Planning Knowledge Area Project Risk Management

Identify Risks surfaces the threats and opportunities that could affect the project, drawing on every plan and document plus the team’s and stakeholders’ knowledge. It produces the risk register — the list of individual risks with their characteristics — and the risk report, the picture of overall project risk.

Identify Risks: key inputs and outputs
The key inputs feeding Identify Risks and the deliverables it produces — full ITTOs are listed below.

It is iterative and inclusive: risks emerge throughout the project, and the people doing the work often see them first. Brainstorming, checklists, interviews, and prompt lists help cast a wide net, while clear risk statements (cause, event, effect) keep entries actionable.

Common pitfalls. Treating it as a one-time workshop; vague risk statements that can’t be acted on; focusing only on threats and missing opportunities; and a register filled in once and never revisited.

Inputs, Tools & Techniques, and Outputs

Inputs

  • Project management plan
  • Project documents
  • Agreements
  • Procurement documentation
  • Enterprise environmental factors
  • Organizational process assets

Tools & Techniques

  • Expert judgment
  • Data gathering
  • Data analysis
  • Interpersonal and team skills
  • Prompt lists
  • Meetings

Outputs

  • Risk register
  • Risk report
  • Project documents updates

← All PMBOK Processes