Risk category

Risk category is defined as a group of possible causes of risk. Risk categorization is the important step in Risk Management and allows classifying risks into appropriate categories in order to plan further steps to take for each of these categories Properly prepared risk categorization might have big influence on further steps of effective counteracting of the risk.

There are two main ways to categorize organization risks^[1]:

• categorizing by source of the risk by using the Risk Breakdown Structure (RBS) method
• categorizing by the project scope by using the Work Breakdown Structure (WBS) based method

or other ways, e.g. (project stage, root causes)

The main purpose of risk categorization is determining areas of the project, which are most subjected to the causes of uncertainty.

Risk Breakdown Structure

Risk Breakdown Structure (RBS), hierarchically presented specification of given risks divided into 4 main categories and multiple subcategories which are specified by areas and causes of identified risks. The Risk Breakdown Structure was developing in time. For different type of projects there can be different Risk Breakdown Structures appropriated^[2].

Example of Risk Breakdown Categories and Subcategories for typical project^[3]:

External, predictable or unpredictable e.g. legal challenges,

• Market
• Customer
• Weather
• Regulatory
• Subcontractors/Suppliers

Technical, e.g. technology shifts

• Technology
• Requirements
• Complexity and Interfaces
• Quality
• Performances and Reliability

Organizational, e.g. unclear organizational objectives

• Resources
• Fundings
• Prioritization
• Project Dependencies

Project Management, e.g. poor budget planning

• Planning
• Controlling
• Estimating
• Communication

Risk categories based on Work Breakdown Structure

Taking into consideration area of the project, we can list following categories:

1. Operational risks
2. Budget risks
3. Schedule risks
4. Business risks
5. Technical environment risks
6. Information security risks
7. Programmatic risks
8. Infrastructure risks
9. Quality and Process risks
10. Resource risks
11. Supplier risks
12. Technology risks
13. Technical and architectural risk

Other risk categories

Risk categories based on PMBOK Guide^[4]:

• External Unpredictable, e.g. unplanned regulatory changes
• External Predictable, e.g. inflation, safety
• Internal (Non Technical), e.g. Procurement Process Delay
• Technical, e.g. Productivity limitations
• Legal, e.g. customer lawsuits

Footnotes

References

• APM (2004), Project risk analysis & management (PRAM) guide (2nd ed.) High Wycombe, Bucks, UK: APM Publishing
• OGC (2009), Managing Successful Projects with PRINCE2 The Stationery Office
• Project Management Institute (2013), A Guide to the Project Management Body of knowledge|Body of Knowledge (PMBOK Guide) - 5th Edition, Project Management Institute, Inc., Pensylwania
• Pritchard C. L. (2015), Risk Management: Concepts and Guidance, Fifth Edition CRC Press
• Su L. (2012), WBS-based Risk Identification for the Whole Process of Real Estate Project and Countermeasures. Proceedings of the 2012 National Conference on Information Technology and Computer Science CITCS 10.2991/citcs.2012.19

Author: Natalia Kobos