Skip to content

The key to successful project risk management

Added to your CPD log

View or edit this activity in your CPD log.

Go to My CPD
Only APM members have access to CPD features Become a member Already added to CPD log

View or edit this activity in your CPD log.

Go to My CPD
Added to your Saved Content Go to my Saved Content

Technology is driving future work. Robotics, artificial intelligence, big data and genomics are some of the major technologies today that will grow significantly in the future. New technology will bring uncertainty and risks. Project risk management will be more important in the future to manage these new risks as Projecting the Future indicates.

Project management has been used successfully for years on projects; it will continue to be important for future work and projects. Knowledge of project management is essential for successful projects now and in the future because the work in the future will be centred on projects. So, understanding the four knowledge cornerstones of risk management dramatically increases the probability of achieving project manager success. Conversely, a lack of knowledge will likely lead to poor project performance.

I believe the four knowledge cornerstones of effective project risk management are key to a successful project. They are:

  • project management,
  • earned value management (EVM),
  • risk management,
  • subcontract management.

This blog focuses on project management known project risks.

Project management

It is essential you become proficient with project management to understand project risk management. This means understanding the common components of projects, the project management process, and the project management elements. The four constraints of a project are well known:


The contract statement of work (SOW) defines the project scope. The challenge to the project manager is to perform to the scope but not more and not less. Sometimes the scope is not fully defined or misunderstood creating a serious risk situation which may not be known until late in the project. The project manager is responsible to ensure that the scope is clear to the project team, so everyone is on the same page.

When I was the project manager for a major subcontract, I insisted the subcontractor generate a scope compliance spreadsheet listing: each SOW paragraph number; description of scope; and how they were accomplishing scope to minimise a scope risk. I also sat down with the subcontractor’s project manager and went through their SOW paragraph by paragraph. I asked him to explain what each scope meant to confirm we were on same page. We did not have any scope issues throughout the project.


The request for proposal (RFP) specifies the project schedule or period of performance. The challenge to the proposal team is to generate a plan that includes a schedule that meets the RFP requirement. The schedule must have margin built into it. Contractors can control their own schedule by adding resources or working two shifts. However, contractors do not have any control over their subcontractors. Subcontractors are a major source of project risk to the schedule.

A labour strike concern and risk became known during the proposal phase for one of our major subcontractors. To mitigate the risk, we decided to subcontract with another company in a leader follow scenario. Our prime subcontractor received the majority of the units with the secondary supplier the smaller quantity. If the strike occurred, we would award the secondary supplier more units. As it turned out, the strike was averted but we were covered for the risk.


The project’s cost risk begins with the proposal response time frame, often 60 days. The short time puts a lot of pressure on the proposal team to collect, review, and approve costs. Typically, a bottom-up cost estimate and a top-down estimate are compared to confirm they are in alignment within a specified tolerance. This is the in-house cost estimate. Subcontractor pricing is more of a challenge because they have 3-4 weeks to prepare their proposal to ensure it gets into the company’s proposal. This is the biggest risk for establishing the budget. The other major risk is executing the project to the budget and avoiding serious issues.

For one major supplier, I was assigned to visit their facility and work with them to lower costs. I spent about two weeks in a conference room going through every cost line with them. At the end of the session, I added about $500,000 to their proposal. One example of why I did this was to increase the proposed number of visits and number of people per visit to a foreign bearing vendor.  I felt their estimate was low. They actually needed three visits to the bearing vendor and with a few more people in attendance because the bearing was very special and warranted multiple visits during the manufacturing phase. My goal was to ensure the subcontractors bid was fair even if it meant adding costs. It must be a win- win situation for you and your subcontractor.


The quality constraint works similar to the other constraints. For example, if a project is running late and over cost, the project manager may deliver the product on time but with less testing and inspection, compromising the quality.

The Hubble telescope is a good example compromise. Due to immense pressure from management, engineers deleted a final mirror shape test in order to launch it into space sooner. The first operational test in space showed the image to be fuzzy. The shape was wrong. It took several years and hundreds of millions of dollars to fix the telescope in space. This is an example of comprising quality to satisfy a late schedule, which resulted in delayed use of the telescope and added costs.

These are also known project risks. The majority of projects fail due to known risks, but if you succeed in understanding these four constraints as best you can, you will have the knowledge and tools to manage known risks on your project.

The project management knowledge cornerstone is absolutely necessary to managing known risks on a project. My next blog will discuss the EVM knowledge cornerstone. What are some of your experiences handling project risks? Let me know in the comments.

You may also be interested in:

Image: MJgraphics/


Join the conversation!

Log in to post a comment, or create an account if you don't have one already.

  1. Gregory B
    Gregory B 12 November 2019, 02:23 PM

    Nice piece on the importance of project management risk to teh future of work

  2. Kellie Hughes
    Kellie Hughes 13 November 2019, 12:30 PM

    Very helpful. Thanks!