The overall project risk report

Once the risk assessment is agreed by the team to reasonably represent the reality of the project and the risk it faces, it is presented as an overall risk report. The report is a detailed description of the risk assessment, including its assumptions, conclusions, interpretations and recommendations.

The report includes:

  • the risk management plan that was followed;
  • the base schedule and cost estimate that was used as a basis for the risk model;
  • full list of assumptions around ranges of expectation, probability, consequences, and logic (relationships and correlations) in the risk model;
  • list of exclusions and issues out of scope;
  • details of mitigation planned and proposed, and the assumptions around their effectiveness.

The report then gives its conclusions, in the form of:

  • confidence in meeting existing targets;
  • alternative targets that have higher likelihoods of being met;
  • levels of contingency that would give higher confidence in targets;
  • breakdowns of contingency, and areas of significant risk;
  • how risks and mitigation actions will be monitored as the project progresses.

The report also gives interpretations and recommendations indicated by the risk assessment, including recommendations for further review. It serves as a tool to monitor the risk as the project progresses, and to ensure agreed mitigation steps are taken and are effective.

Primarily, however, the report serves as a means of the project team documenting and communicating its beliefs about the risk that exists to the project, what are reasonable expectations of the project, and how the project is managing the risk.

Preparation of the report does not require any time or effort from the project team, as they will have already agreed its content during the risk assessment.

This step repeats as part of the ongoing risk reviews throughout the project.