CMMI Risk Management Goals
PolicyAF Policy Directive 90-9: Operational Risk Management, 1 April 2000
AFI 90-901: Operational Risk Management, 1 April 2000
AFMC Instruction 90-902: Operational Risk Management, Dec 2007
Tools & TechniquesRiskNav
Cost Risk and Uncertainty - Chapter 14, GAO Cost Estimating and Assessment Guide, Mar 09
TrainingRisk Process Orientation
Detailed Risk Process
ExamplesSample Risk Management Plan
Process Lessons Learned
For additional information on risk management best practices and lessons learned, please see the Risk Management topic and articles in the online MITRE Systems Engineering Guide.
Step 1: Prepare
- 1a. Obtain Buy-In from Program Manager
- 1b. Identify and Notify Stakeholders
- 1c. Identify and Distribute Objectives and Requirements
- 1d. Identify Risk/Hazard Taxonomies
View Step 1 Actions.
Step 2: Identify Risks and Hazards
- 2a. Assemble Stakeholders for Risk Assessment
- 2b. Review Objectives, Taxonomies, and Process
- 2c. Conduct Risk Identification
- 2d. Group-Related Risks
- 2e. Consolidate Related Risks and Write
View Step 2 Actions.
Step 3: Assess and Prioritize Risks
- 3a. Identify and Get Consensus on Impact/Severity
- 3b. Identify and Get Consensus on Probability
- 3c. Identify Time Window when Risk Could Occur
- 3d. Reassess Any Existing Risks in Database
- 3e. Prioritize Risks by Impact, Probability, and Time
- 3f. Identify Handling Bands
View Step 3 Actions.
Step 4: Decide on Control Options
- 4a. Identify Handling Options Within Each Risk Band
- 4b. Identify Risks to be Assumed or Watched
- 4c. Identify Risks to be Avoided, Transferred, or Mitigated
- 4d. Assign Plan OPRs for Avoided, Transferred, or Mitigated
- 4e. Establish or Update Risk Database
View Step 4 Actions.
Step 5: Establish Handling Plans
- 5a. Develop Draft Handling Plans and Resources
- 5b. Manager Review and Approval of Handling Plans
- 5c. Handling Plan Funded, Directed, and Integrated
View Step 5 Actions.
Step 6: Implement Handling Plans
- 6a. Finalize Risk Management Plan and Management Infrastructure
- 6b. Mechanism to Monitor Triggers, Cues, and Handling
- 6c. Implement Handling as Authorized, Funded, and Scheduled
- 6d. Provide Reporting on Handling Results and Progress
View Step 6 Actions.
Step 7: Monitor Handling Plans
- 7a. Periodically Review Handling Plan Results
- 7b. Stop or Modify Handling Plans and Resources
- 7c. Retire Risks When Handling Plans Completed
- 7d. Update Risk Database for Handling Process and Retirement
View Step 7 Actions.
- New Phase or Stakeholder?
- Key Milestone Approaching?
- "N" Months Since Last Assessment?
- Is the Risk Process Working?
View Decision Process.
Back to top