The Risk Management Plan ideally supports the following sections:
In this section, present a clear, concise statement of the purpose of the Risk Management (RM) plan. Include the name, and if applicable, code name of the project, the name(s) of the associated system(s), and the identity of the organization that is responsible for writing and maintaining the RM plan.
This section briefly describes the history of the project and the environment in which the project will operate. (This information may be included through reference to other project documents.) Include the following information:
- Identification of other systems with which the subject system interfaces
- Contractor support for development and maintenance
- System architecture, operating system and application languages
- Development methodology and tools used for the project
The scope statement is a very important part of the RM plan. It is an agreement among the project team, the project sponsor and key stakeholders. It represents a common understanding of the project for the purpose of facilitating communication among the stakeholders and for setting authorities and limits for the project manager and team. Purposes of the scope statement includes relating the project to business objectives, and defining the boundaries of the project in several dimensions including approach, deliverables, milestones, and budget.
You should include in this section policy decisions that affect how RM is conducted. This section also references documents to support the RM process. Include any project or standards documents that are referenced in the body of the plan or that have been used in the development of the document.
In this section, describe the project’s approach to risk management. Include the sections on identification, analysis, planning, tracking, control, and communications. Discuss the project’s risk mitigation strategies in general and also detail specific strategies that will have a significant impact across the project.