Skip to content
Added to your Saved Content Go to my Saved Content Added to your CPD log

View or edit this activity in your CPD log.

Go to My CPD
Only APM members have access to CPD features Become a member Already added to CPD log

View or edit this activity in your CPD log.

Go to My CPD
Roads 620 X 620[1]

What is risk management?


Risk analysis and risk management is a process that allows individual risk events and overall risk to be understood and managed proactively, optimising success by minimising threats and maximising opportunities and outcomes. 

Definition from APM Body of Knowledge 7th edition

Risk management

Risk management is focused on anticipating what might not go to plan and putting in place actions to reduce uncertainty to a tolerable level.

Risk can be perceived either positively (upside opportunities) or negatively (downside threats). A risk is the potential of a situation or event to impact on the achievement of specific objectives

Working with the risk owner, the project professional ensures that risks are clearly identified before moving on to the risk analysis step of the risk management process.

The project risk management process reflects the dynamic nature of project­work, capturing and managing emerging risks and reflecting new knowledge in existing risk analyses.

A risk register is used to document risks, analysis and responses, and to assign clear ownership of actions.

The risk management process

The risk management process

Source: Project Risk Analysis and Management Guide 2nd edition

Watch: What is risk?

This video is hosted by a third party (, you cannot view this video content unless you accept marketing cookies to be able to view this content. If the popup doesn't appear, please clear your browser cache and refresh the page.

What is risk analysis?

Risk analysis provides guidance on where the greatest vulnerabilities lie. Because risk analysis is fundamentally perception based, it is important for the project professional to engage stakeholders early to identify risks.

To make sense of differing perceptions, it is important to describe risk events clearly, separating causes (facts now), from risk events (situations that may occur), from effects (that have an impact on one or more of the project measures). This enables subsequent analysis and management of risks.

Effective risk analysis and contingency planning will see planned time and/or contingency used. Unused contingency is most likely caused by overestimation, luck or the efficient management of risk. Insufficient contingency is most likely caused by optimistic estimation, bad luck or inefficient management of risk.

Outputs from risk analysis help the project professional to:

  • Understand the probability of achieving out­turn dates, costs or
  • Inform and influence decision-making about the chances of achieving the business case and
  • Agree the level of contingency to provide the required level of confidence.

Related reading

Lab 620 X 620[1]
How to plan for the ‘unplannable’: human error

Traditional risk is narrowly focused on the technical or commercial aspects of project management, but that’s only part of the project dynamic... read more.

Read blog
Tunnel 620 X 620[1]
Dealing with project risks effectively

Risk management is not a separate discipline but an integral part of project management so should be part of the regular activities of a project manager... read more.

Read blog
Crane 620 X 620[1]
What do black swans have to do with risk?

Occasionally during risk workshops, someone (normally arms folded and wearing a smug expression) brings up the subject of black swans... read more.

Read blog
Cargo 620 X 620[1]
Successful quality management requires expert risk management

My career path had a focus on risk and quality management, two subjects I am very fond of; they are an integral part of projects, small or large, throughout the life cycle... read more.

Read blog
Degree Training
Exploring the emerging trends in risk management

Aimed at project professionals at all levels of experience, a packed audience attended an excellent interactive presentation at the BAWA Leisure complex in Filton, Bristol... read more.

Read article
Crowd Event 620 X 620[1]
Top 10 myths of risk

Since the dawn of time, mankind has used myths to make sense of the uncertainty that surrounds us. More recently, in the world of business and projects, risk management has performed the same role... read more.

Read blog

APM Risk Specific Interest Group

The APM Risk SIG (Specific Interest Group) provides a forum in which to share knowledge and ideas, develop expertise and understanding and actively promote the adoption of project risk management.

Get involved in the community


APM Body Of Knowledge 7Th Edition Promo Image

APM Body of Knowledge 7th edition

The APM Body of Knowledge 7th edition is a foundational resource providing the concepts, functions and activities that make up professional project management. It reflects the developing profession, recognising project-based working at all levels, and across all sectors for influencers, decision makers, project professionals and their teams. 

Buy from the bookshop

You may also be interested in

Apm Learning V2 Card
APM Learning

The APM Learning portal is an online resource which provides members with access to digital guides, modules and other digital learning resources as part of the membership benefit.

Resources V2 Card
What is ...?

Browse our popular project management 'What is ...?' topics for definitions, quick insights, view related case studies, research, blogs and glossary.

Project V2 Card
Project Journal

Project – APM's official journal – is circulated quarterly for members only, and online for regularly updated news, blogs, opinions and insights for those in the project community.

Hub V2 Card
APM Community

The APM Community is our online community platform that connects our members faster and easier than ever before.