There are different types of risk assessment reports that help in taking a project

forward. Risks that are identified and assessed in time may be avoided or dealt with
in a proper manner.
In risk management of a project, one of the steps is risk assessment (which follows
risk identification). Risk assessment is done to calculate or understand the
probability of a risk and the impact or effect it will have on a project. It may be
relevant to any one phase in the project life cycle and is an on-going process till the
end of the project. Different types of risk assessment reports are created when a
risk is identified and assessed.
Risk assessment is done to evaluate many types of risks in a project. Evaluation for
each may be inter-related, and documents for each are independently created.
The means of evaluating the risks in each category is based upon qualitative and
quantitative risk analysis of the project. It may be risks identified as per each work
package in the work breakdown structure from any phase. Risks that are assessed
may also be external or internal in nature.
Qualitative risk analysis deals with the probability occurrence of a risk and its
anticipated impact. Risks that are analyzed may be prioritized into high, medium
and low for their probability and impact respectively, as per the image illustrated
below. While there is a high probability a risk might happen, it need not necessarily
mean that its impact too would likewise be high. In this case, a probability-impact
analysis may be done and represented graphically as per the image in this article.
Quantitative risk analysis quantifies probability and impact. That is, a numerical
value is assigned and the risk assessed may be translated into terms of numbers
and percentages. There are many techniques adopted for quantitative risk analysis,
namely,
Decision Tree Analysis
Expected Monetary Value Analysis
Simulations such as the Monte Caro Simulation
When risks are identified, assessed and documented, a follow up plan may be
formulated in time to avert, avoid or work around an identified risk.
Probability-Impact Analysis
Documents involved in Risk Assessment
There are different kinds of risk assessment reports. As risk assessment follows risk
identification, a lot of these documents will be based on the risk identification
reports. Documentation is done in a systematic way and can be from different
inputs. Some of them are discussed below.

Stakeholder Analysis - Risk Report: This identifies probable risks posed by

stakeholders and the impact the risk might have on other stakeholders or the
project at large. An example of this may be in sponsor partnerships where funds are
supplied by more than one individual and there are divided interests by the
sponsors in the same project.
WBS - Risk Report: The work breakdown structure, broken down to work packages
can be assessed for risks. It may detail risks at different stages based on cost,
schedule, resource and manpower factors.
Scope - Risk Report: The scope statement or mission statement may be assessed
for risks at the beginning of a project. For example, it could be the impact of a
particular project on the community.
Cost Evaluation Risk Report: Cost or funds are at constant risk in a project. It has to
be maintained and controlled with as little deviation as possible from the forecasted
values. Risks related to cost are in the cost evaluation risk reports.
Schedule Evaluation Risk Report: Time is luxury that a project cannot afford. It is
imperative that time schedules are met with as little delay as possible. Time delays
can impact the progress of a project and put it at risk. Such risks are documented in
the schedule evaluation risk report.
Technical Evaluation Risk Report: Risks related to resources, manpower and
departments fall under this category. Risks arising due to quality constraints or the
triple constraints, and those which are due to design errors and poor planning also
fall under this group.