This is a guest post from Christine Sato
Proper risk management is vital to any project manager. Any big project is sure to have a great deal of risk, which needs to be identified and evaluated. The ability to accurately identify the risk factors and gauge the stakes of a given project is instrumental to proper management of that project.
It is safe to say that the management of risk is the job of a project manager, but who owns the risk? The concept of risk ownership is a tricky one, with a few potential answers.
Risk, as it applies to project management, is any element of uncertainty in a project. This can take the form of negative risks, or threats, and positive risks, or opportunities. Among these risks are known risks which can be planned for, and unknown risks which require adaptability to manage.
The project manager is responsible for risk management, which entails identifying the positive and negative risks, planning for known risks, and quickly adapting to unknown risks as they arise. They usually have the final say in risk management, but they can delegate some aspects of the risk management process through assigning owners to risk.
Project Management and Risk Ownership
Risk ownership, as it applies to project management, is mostly about assigning portions of risk to individuals. When these individuals are delegated ownership of risk, it doesn’t literally mean they own the risk; that would be the organization or individual that provides the capital. Rather, risk owners, as delegated by the project manager, are usually those who have intimate knowledge of the risk in question, and have a large amount of influence over its outcome. The ‘ownership’ in this definition of risk ownership means that they must own the consequences of the risk, meant in the same way that one owns their mistakes.
Aspects of Delegated Risk Ownership:
- Identifying threats
- Identifying impact
- Assigning responsibility
- Implementation of risk response
- Reporting risk
- Identifying risk interdependence
Bearing Risk Vs. Owning Risk
The literal owners of risk, the ones who financially back the project in question, are referred to as risk bearers instead of risk owners. The risk bearers could be the board of directors, an individual entrepreneur, angel investor, or other financial backer. Since these individuals are the ones bankrolling the project, they can be said to literally ‘own’ the risk, and will usually have the final say on any decisions made by the project manager. However, for the purposes of project management, these individuals are referred to as risk bearers, with the ones managing the risk being risk owners. In some cases, risk bearers can also be risk owners: for example, a member of the board of directors can be assigned ownership of one aspect of risk by a project manager.
Risks are part and parcel of any serious undertaking. Any business project is a roll of the dice, and the project manager is responsible for weighing the odds. In this aspect, risk ownership can be defined in three ways, with three groups of risk owners. Individual team members own specific aspects of the risk, requiring them to accurately monitor and mitigate them. The suppliers of capital and resources literally own the risk, seeing as they are the ones with the most at stake.
Lastly, the project manager has the most important role, owning risk as the final say in the risk-making process. They are responsible for taking the input from individual risk owners, weighing it against the desires of the risk bearers, and owning the final consequences of their decision.
Christine Sato founded the site CPA Review Courses – an online resource dedicated to helping professionals pass all four sections the CPA Exam on their first try. Christine provides cpa review courses and guides and gives expert cpa study tips in order to ease the process of becoming a CPA.