Professional Documents
Culture Documents
APX-01-02T
Ver 3.01 / 28-May-12
Account Name:
Project ID:
Project Name:
Risk
Applicability
Risk Description
Risk
Risk
Phase *
Identification Assessment
Date *
Date *
Risk Category *
Risk
Response *
Status of
Risk *
Anticipated
Impact *
1 of 18
PM-05-01-Risk_Monitoring_Log
2 of 18
PM-05-01-Risk_Monitoring_Log
APX-01-02T
Ver 3.01 / 28-May-12
Account Name:
Project ID:
Risk
Applicability
Risk Description
Risk
Mitigation Action Plan Responsibility *
Identification *
Date *
Target Date
Probability * Impact
*
Risk Severity
3 of 18
PM-05-01-Risk_Monitoring_Log
4 of 18
PM-05-01-Risk_Monitoring_Log
APX-01-02T
Ver 3.01 / 28-May-12
Account Name:
Project ID:
Risk
Applicability
Risk Description
Risk
Identification Actual Impact
Date *
Risk Occurrence
Actual Action
Remarks
5 of 18
PM-05-01-Risk_Monitoring_Log
6 of 18
PM-05-01-Risk_Monitoring_Log
APX-01-02T
Ver 3.01 / 28-May-12
Guidelines for using RML template
Note: RML template helps in keeping track of identified and materialized risks, their classification, assessment, prioritization, likely impact and the
action plans for risk response. This also helps in keeping track of changes in risk priorities and action plans.
Field name
Guideline
Risk Applicability
Risk Description
Risk Identification
Date
Risk assessment Date Mention the date on which the risk is assessed / monitored.
7 of 18
PM-05-01-Risk_Monitoring_Log
Phase
Helps in identification of the phase during which the risk is likely to impact. It could be:
1) Sales/RFP
2) Contracting
3) Requirement
4) Design
5) Development
6) Testing
7) Rel. & Imp.
8) Warranty
9) Support
10) ERP-Planning and preparation
11) ERP-Blueprint
12) ERP-Realization
13) ERP-Go-Live
Risk Category
Risk Response
Avoid Execute action plan prior to occurrence to avoid risk totally. Ideal for Risks with very high impact
Mitigate Reduce risk partially with appropriate action plan
Transfer - Transfer the impact to others like Client and business partners (in terms of exclusions, etc.) Taking appropriate
insurance is also a transfer strategy.
Accept - Accept the impact of risk. Select when the Risk index is low or when Cost of action plan exceeds the benefits.
Status of Risk
8 of 18
PM-05-01-Risk_Monitoring_Log
"Anticipated Impact" These helps to qualitatively evaluate impact (Anticipated / Actual) in terms of Effort, Cost and Schedule individually or in
and "Actual Impact" combination. Approximate cost, schedule and effort are worked out by PM in arriving at action plans for identified risk /
(on the project)
evaluating actual impact on materialized risk.
Note: Select cost only when there is a direct expense involved (E.g.. Additional HW for testing, Third party testing, Additional
tools procurement, Extended on-site non-billable stay), though effort involves cost.
Responsibility
Name of the person who holds the responsibility for implementing the identified action plan.
Target Date
Probability
Select the probability of occurrence of risk with your judgment / in consultation with an expert / SM
3 - High
2 - Medium
1 - Low
Impact
Risk Severity
Risk severity is the product of risk impact and probability, which help in acknowledging the severity of risk, i.e.. High, Medium
or Low.
Actual Action
Narrate the actual action taken for minimizing the impact of a materialized risk.
Remarks
Briefly describe the actual impact of materialized risk and additional information (if any) in remarks.
Note
9 of 18
PM-05-01-Risk_Monitoring_Log
In order keep visible track of changes in Risk response type / Action plan and Risk severity based on revised risk assessments,
enter the revisions in the next line with an intermediate Sr.No.(Serial Number)
E.g.. For risk in Sr.No. 2, the PM wants to revise the Action plan and Risk Index after some time. He has to enter new values in
these columns by inserting a row. Sr.No. for this row will be 2.1. This provides history of changes in risk perception and related
fields.
10 of 18
PM-05-01-Risk_Monitoring_Log
APX-01-02T
Ver 3.01 / 28-May-12
Guidelines for 'Risk Category'
Sr. No Category
6 Requirement Stability:
7 Requirement Complexity
8 Niche Technology
9 Project Environment
10 Test Data/Scripts
11 Effective tool selection
12 Communication:
11 of 18
PM-05-01-Risk_Monitoring_Log
13 SLA/Penalty
14 Data Migration
15 Data Security
16 System Capacity
17 Change Management
18 Infrastructure
20 Network Connectivity
22 Knowledge Transfer
23 Currency
24 Taxation
12 of 18
PM-05-01-Risk_Monitoring_Log
25 Credit
26 Location/Geography
27 Natural Calamities
13 of 18
PM-05-01-Risk_Monitoring_Log
Risk Guidelines
Look for the risks in preproject phase i.e. RFP and contracting phase. Risks could be related to
contract's terms and conditions, liabilities related, certain financial clauses, warranty period etc.
Risk can surface if communication protocol between the is not identified, or unclear to the team
members. Following can be the team combinations where the communication protocol plays a
critical role:
- Client - Offshore team
- Onsite - Offshore team
- Teams with third party team/stakeholder combination
- Support projects (critical in Level 1 support)
14 of 18
PM-05-01-Risk_Monitoring_Log
15 of 18
PM-05-01-Risk_Monitoring_Log
Credit related risks would be applicable during sales/RFP/Contracting/execution phase. This could be
an ongoing risk. Client credibility needs to be looked at the RFP phase, before signing the contract,
and throughout the project execution. If client's credibility is at stake for the ongoing
project/account, informed business decisions needs to be taken to minimize the risk exposure.
Risk needs to be thought upon pertaining to specific location/geography. Risk could be related to
1. Specific location security for the onsite resources
2. Availability of Visa for the specific location in time
3. Taxation, rules and regulations for specific location
4. HR rules compliance/Compensation for a specific location
5. Custom duties/octroi for a specific location
Risk can surface due to hazards/natural calamity prone geography. Strong and well tested BCP,
security measures for the resources should be thought upon.
16 of 18
PM-05-01-Risk_Monitoring_Log
APX-01-02T
Ver 3.01 / 28-May-12
Low
Medium High
Impact
Risk Severity
High
Medium
Low
Recommended action
High - Needs to be brought into the notice of Corporate Risk Management Committee, BU
Risk Manager, BU Opeartions head, Senior Managers. Prefered risk response would be to
avoid the scenario or condition giving rise to the risk.
Medium - Requires PMs attention and SMs guidance in risk management.
Low - Requires PMs attention. Consider contingency response to execute when the risk
occurs. Alternatively accept the impact of risk if it is not worth responding.
17 of 18
PM-05-01-Risk_Monitoring_Log
18 of 18