Artifact:
Risk List
The following people use the risk list:
- The project manager, to keep the project on schedule in the face of the
unforeseen.
- The architect, to drive the technical focus of iterations.
- The project team, to manage their activities
1. Objectives
A brief description of the purpose of the Risks List.
2. Scope
A brief description of what the Risks List applies to; what is affected or influenced
by this document.
3. References
A list of related or referenced documents.
4. Risks
For each risk, in decreasing order of magnitude:
1. <Risk Identifier a descriptive name or number>
1. Risk magnitude or ranking
An indicator of the magnitude of the risk may be assigned to help rank the risks from
most damaging to the project to least damaging.
2. Description
A brief description of the risk.
3. Impacts
List the impacts on the project or product.
4. Indicators
Describe how to monitor and detect that the risk has occurred or is about to occur.
Include such things as metrics & thresholds, test results, specific events, etc.
5. Mitigation strategy
Describe what is currently done in the project to reduce the impact of the risk.
6. Contingency plan
Describe what will be the course of action if the risk does materialize: alternate
solution, reduction in functionality, etc,
2. <next Risk Identifier a descriptive name or number>
The risk list is maintained throughout the project. It is created early in the
Inception phase, and is continually updated as new risks are uncovered and existing risks
are mitigated or retired. At minimum, it is revisited at the end of each iteration, as the
iteration is assessed.
The project manager is responsible for maintaining the risk list and keeping it up to
date.
The risk list should capture the top risks on the project. The top ten are
critical, the top twenty are serious, and beyond that use your discretion. The top
ten should be made known to all team members.
| |

|