RISK MANAGEMENT PLAN
VERSION NUMBER: 1.0
Notes to the Author
[This document is a template of a Risk Management Plan document for a project. The template includes instructions to the author, boilerplate text, and fields that should be replaced with the values specific to the project.
• Blue italicized text enclosed in square brackets ([text]) provides instructions to the document author, or describes the intent, assumptions and context for content included in this document.
• Blue italicized text enclosed in angle brackets () indicates a field that should be replaced with information specific to a particular project.
• Text and tables in black ...view middle of the document...
Styles used for the Section Headings are Heading 1, Heading 2 and Heading 3. Style used for boilerplate text is Body Text.
4. To update the Table of Contents, right-click on it and select “Update field” and choose the option - “Update entire table”.
5. Before submission of the first draft of this document, delete this instruction section “Notes to the Author” and all instructions to the author throughout the entire document.
[PROVIDE INFORMATION ON HOW THE DEVELOPMENT AND DISTRIBUTION OF THE RISK MANAGEMENT PLAN WILL BE CONTROLLED AND TRACKED. USE THE TABLE BELOW TO PROVIDE THE VERSION NUMBER, THE AUTHOR IMPLEMENTING THE VERSION, THE DATE OF THE VERSION, THE NAME OF THE PERSON APPROVING THE VERSION, THE DATE THAT PARTICULAR VERSION WAS APPROVED, AND A BRIEF DESCRIPTION OF THE REASON FOR CREATING THE REVISED VERSION.]
|Version |Implemented |Revision |Approved |Approval |Description of |
|Number |By |Date |By |Date |Change |
| | | | | | |
| | | | | | |
TABLE OF CONTENTS
1.0 INTRODUCTION 4
1.1 Purpose Of The Risk Management Plan 4
2.0 risk management Procedure 4
2.1 Process 4
2.2 ROLES AND RESPONSIBILITIES 4
2.3 Risk Identification 5
2.3.1 Methods for Risk Identification 5
2.4 Risk Analysis 6
2.4.1 Qualitative Risk Analysis 6
2.4.2 Quantitative Risk Analysis 6
2.5 Risk Response Planning 6
2.6 Risk Monitoring, Controlling, And Reporting 7
2.7 Risk Contingency Budgeting 8
3.0 Tools And Practices 8
4.0 Closing a Risk 8
5.0 Lessons Learned 9
Appendix A: Risk Management Plan Approval 10
APPENDIX B: REFERENCES 11
APPENDIX C: KEY TERMS 12
1 PURPOSE OF THE RISK MANAGEMENT PLAN
A RISK IS AN EVENT OR CONDITION THAT, IF IT OCCURS, COULD HAVE A POSITIVE OR NEGATIVE EFFECT ON A PROJECT’S OBJECTIVES. RISK MANAGEMENT IS THE PROCESS OF IDENTIFYING, ASSESSING, RESPONDING TO, MONITORING AND CONTROLLING, AND REPORTING RISKS. THIS RISK MANAGEMENT PLAN DEFINES HOW RISKS ASSOCIATED WITH THE PROJECT WILL BE IDENTIFIED, ANALYZED, AND MANAGED. IT OUTLINES HOW RISK MANAGEMENT ACTIVITIES WILL BE PERFORMED, RECORDED, AND MONITORED THROUGHOUT THE LIFECYCLE OF THE PROJECT AND PROVIDES TEMPLATES AND PRACTICES FOR RECORDING AND PRIORITIZING RISKS BY THE RISK MANAGER AND/OR RISK MANAGEMENT TEAM.
Risks related to IT systems or applications must be identified and documented based on the methodology in NIST SP 800-30, Risk Management Guide for Information Technology Systems. IT system...