A pdf of the complete Praxis Comparative Glossary can be downloaded here.
From Risk to Rough order of magnitude
In plain English, risk is the possibility of something bad happening. It can be a countable noun (the ‘concept’ of risk) or a mass noun (a specific event). In the field of project delivery it is useful to distinguish between the countable and mass versions. Therefore, Praxis generally refers to risk in the mass sense and uses the term risk event for the countable version. In recent years the profession has taken the approach that risk is not purely bad and can encompass potential positive events. Hence the common definition of risk comprising threats and opportunities. | |
An ISO 21500 subject group that provides a set of processes for managing risk. The processes comprise: The equivalent in Praxis is the risk management function and its component procedure. The PMBoK® guide and ISO21500 share a very similar structure and the nearest equivalent knowledge area in the PMBoK® guide is project risk management. | |
The risk theme covers the risk management procedure from identification of risks through to the implementation of mitigation activity. Praxis covers this in the risk management function and its component procedure. In ISO21500 the equivalent subject group is risk and in the PMBoK® guide the equivalent knowledge area is project risk management. | |
The person assigned to implement the responses to a risk event or set of risk events. It distinguishes this role from the risk owner on the basis that the person who is accountable for making sure a risk is addressed is not necessarily the same person who is responsible for taking the detailed response actions. | |
An assessment of risk events that describes their significant and potential effect on objectives. Usually divided into quantitative risk analysis and qualitative risk analysis. | |
APM BoK 7’s term for risk management. | |
This theme combines the management of issues with risk management. The theme is broader than it first seems since it also includes elements of change control and configuration management. MSP 5th Edition distributes the risk management process across Design and Decisions. | |
An alternative name for a risk register used by the APM PSMC that explicitly contains opportunities as well as threats. Strictly speaking it is a ‘threats and opportunities register’. | |
See risk context. Note: PRINCE2 combines risk appetite and risk attitude into the single definition of risk appetite. | |
Risk assessment | In MSP this is the combination of identification and evaluation of risks. |
See risk context. Note: PRINCE2 combines risk appetite and risk attitude into the single definition of risk appetite. | |
The APM BoK 7 term for a budget that covers the cost impact of identified risks. | |
A hierarchical representation of risk events according to their categories and types. | |
The source of a risk event. Some practitioners advocate the use of a ‘meta-language’ to describe risks. This takes the form of “[Risk cause] results in [Risk event] which results in [Risk effect]”. A nail in the road (cause) results in a puncture and flat tyre (event) which results in being late for a meeting (effect). | |
The relationships between risk events that may affect the way they potentially occur. | |
| More: | Risk context addresses the individual and group attitudes and behaviours that affect the way risk arises and how it may be managed. This context can be viewed as having two components: risk attitude and risk appetite. Risk attitude describes an individual or group’s natural reaction to uncertainty of any type. Risk appetite represents the amount of risk that an individual or organisation is prepared to take in order to achieve their objectives. The APM BoK also has a function for risk context. The PMBoK® guide, PRINCE2 and ISO21500 do not address these factors in detail. |
The result of a risk event occurring. Some practitioners advocate the use of a ‘meta-language’ to describe risks. This takes the form of “[Risk cause] results in [Risk event] which results in [Risk effect]”. For example: A nail in the road (cause) results in a puncture and flat tyre (event) which results in being late for a meeting (effect). | |
The relationship between the amount of risk taken and the benefit expected. | |
The estimation of probability and impact of an individual risk event. | |
PRINCE2 and MSP 4th Ed. define this as the process of understanding the net effect of threats and opportunities on an activity. | |
Risk evaluation | In MSP this entails understanding the net effect of identified threats and opportunities when aggregated together. |
An individual occurrence of risk. Some sources use the term risk in both its singular and plural sense. The term risk event unambiguously refers to an individual risk event rather than an overall level of risk. | |
Risk identification | The determination of what could pose a risk and the listing of sources of threats and opportunities. |
The name used by the APM PSMC for a risk register. The fact that the APM PSMC also contains a definition for a risk and opportunities register suggests that this document does not contain opportunities. | |
| More: | Risk management allows individual risk events and overall risk to be understood and managed proactively, optimising success by minimising threats and maximising opportunities. Its goals are to:
In Praxis the risk management function has two components – risk techniques and risk context. Risk management is also a function in the APM BoK. The relevant tools and techniques are covered in the PRINCE2 risk theme and the PMBoK® guide project risk management knowledge area. ISO21500 has the processes in the risk subject group but doesn’t explain the tools and techniques. |
The risk management plan sets out the preferred procedures, tools and techniques to be used in risk management. | |
The PRINCE2 term for a risk management plan. | |
The PMBoK® guide term for the threat response that reduces probability or impact or both. Known in Praxis and elsewhere as reduce. | |
The person who is accountable for the resolution of a risk event. This person will be named in the risk register. Note: this is not necessarily the person who is responsible for implementing the risk responses, see risk actionee. | |
See contingency reserve. | |
The process of determining a priority for determining and funding risk responses. Priorities will be based on likelihood, impact and proximity. | |
A description of the types and levels of risk relating to any constrained area of work. An organisation, portfolio, programme, project, work package etc. could all have a risk profile. | |
The purpose of the risk register is to record information about identified risk events. The amount of information that needs to be recorded will depend upon the context of the work. In its simplest form (in a small self-contained project) the register will be a list of risk events and the results of qualitative analysis. A much more sophisticated risk register will be designed to enable aggregations across multiple projects and programmes. It will also record, or cross-reference to, more specialised documentation showing quantitative analysis of general uncertainty (e.g. Monte Carlo analysis or sensitivity analysis). | |
See contingency reserve. | |
The PRINCE2 term for the various risk responses. | |
| More: | The actions that can be taken in response to identified risk. The exact nature of these responses will depend upon whether they are in response to a threat (a risk event with a negative effect) or an opportunity (a risk event with a positive effect). See also threat responses and opportunity responses. PRINCE2 refers to these as risk response categories. |
| More: | Risk techniques are used in the identification, assessment and response planning steps of the risk management procedure. Few of the techniques described are unique to P3 management but they are all tailored and applied to suit the P3 context. |
The level of risk that an organisation is prepared to accept, i.e. a quantitative measure of risk appetite. | |
The levels of risk that, if exceeded, will trigger an issue, i.e. when a risk event must be escalated from one level of management to the next. | |
An MSP 5th Ed. term for the visualisation of all risks that could affect an aspect of the programme. | |
The result of combining the estimated impact and probability values of a risk. If subjective scales are used, examples of risk value could be high/medium or low/high. If a numeric scale is used, the value will be the product of the impact and probability estimates. | |
In the SPgM this is a graphical representation of information from the master schedule. | |
| More: | It is often impractical to plan a project in detail from beginning to end. Sensible decisions about stages in the future cannot be made until some of the current work has been completed. Rolling wave planning is the technique of planning the short to medium term work in detail and the remainder of the project in outline. Typically, as one stage nears its completion, the detailed planning will be underway for the next stage, and so on. |
An approximate estimate of costs and time performed early in the life cycle before scope has been fully defined. |
