Login with Netlify Identity

Why Risk Management?

A ‘risk’ is defined as the effect of uncertainty on organisational objectives, which could be either positive and/or negative (ISO 31000:2018 see Appendix 1, of UNDP Enterprise Risk Management (ERM) policy for all terms and definitions).

On the other hand, an ‘issue’ is an unplanned event that has already happened and is currently having an impact on the project’s success. An issue is certain, it is happening in the present, and it needs immediate attention. Issues are managed through an issue register, while risks are mapped and managed through a risk register, as we will see in the following sections.

Risk management is a set of coordinated activities undertaken with the aim to identify and control the level of risks and their effects on organisational objectives. Risk management is a central component of project management and is integrated throughout the project cycle. Risk management focuses on exploring opportunities and avoiding negative consequences within the realisation of UNDP Strategy.

In risk management, risk treatments or controls are specific measures put in place to modify the risk exposure, by reducing the likelihood or the impact of a risk event. The Risk Manager is a designated person responsible for facilitating and coordinating the management of risks. The Risk Owner is the person with the ultimate accountability and authority to ensure that a risk is managed appropriately. At the project level, this is often the project manager. While a Risk Treatment Owner is the person assigned with the responsibility to ensure that a specific risk treatment is implemented.

Assurance is an independent check and verification to confirm whether risk management is being implemented as intended and delivering the expected benefits.

In project management, every project is subject to three constraints: scope (products), time (schedule), and cost (budget). Overall project quality and success depend on the ability to ensure a balance between these three constraints. Risk management is a process that enables the project manager to have information for prompt detection and management of risks to minimise the impact on project constraints.

Practice Pointer

Risks are not static. As circumstances change over time, new risks may emerge, the likelihood of a risk to occur may change, or some risks may go away altogether. Therefore, risk management is not a one-time exercise. It is a process, with an ongoing cycle of assessment, treatment, monitoring, and review.

In development projects, quality results are those able to meet organisational standards, donor requirements, and satisfy local stakeholders. In UNDP, Project Quality Standards provide the quality standards for programming.

Additional guidance to support this area of work are also available through resources listed below:

Loading resources