Compliance
Self Assessment
Compliance Process
CMMI Risk Management Goals
Risk Review
Policy
AF Policy Directive 90-9: Operational Risk Management, 1 April 2000
AFI 90-901: Operational Risk Management, 1 April 2000
AFMC Instruction 90-902: Operational Risk Management, Dec 2007
Procedures
Affinity Diagrams
Brainstorming
Risk Plotting
Risk Statements
Taxonomies
Individual
Consolidated
Risk Areas
Tools & Techniques
RiskNav
Risk Matrix
Risk Radar
Cost Risk and Uncertainty - Chapter 14, GAO Cost Estimating and Assessment Guide, Mar 09
Training
Risk Process Orientation
Detailed Risk Process
Facilitator Training
Examples
Sample Risk Management Plan
Process Lessons Learned
|
|
For additional information on risk management best practices and lessons learned, please see the Risk Management topic and articles in the online MITRE Systems Engineering Guide.
Step 1: Prepare
- 1a. Obtain Buy-In from Program Manager
- 1b. Identify and Notify Stakeholders
- 1c. Identify and Distribute Objectives and Requirements
- 1d. Identify Risk/Hazard Taxonomies
View Step 1 Actions.
Step 2: Identify Risks and Hazards
- 2a. Assemble Stakeholders for Risk Assessment
- 2b. Review Objectives, Taxonomies, and Process
- 2c. Conduct Risk Identification
- 2d. Group-Related Risks
- 2e. Consolidate Related Risks and Write
View Step 2 Actions.
Step 3: Assess and Prioritize Risks
- 3a. Identify and Get Consensus on Impact/Severity
- 3b. Identify and Get Consensus on Probability
- 3c. Identify Time Window when Risk Could Occur
- 3d. Reassess Any Existing Risks in Database
- 3e. Prioritize Risks by Impact, Probability, and Time
- 3f. Identify Handling Bands
View Step 3 Actions.
Step 4: Decide on Control Options
- 4a. Identify Handling Options Within Each Risk Band
- 4b. Identify Risks to be Assumed or Watched
- 4c. Identify Risks to be Avoided, Transferred, or Mitigated
- 4d. Assign Plan OPRs for Avoided, Transferred, or Mitigated
- 4e. Establish or Update Risk Database
View Step 4 Actions.
Step 5: Establish Handling Plans
- 5a. Develop Draft Handling Plans and Resources
- 5b. Manager Review and Approval of Handling Plans
- 5c. Handling Plan Funded, Directed, and Integrated
View Step 5 Actions.
Step 6: Implement Handling Plans
- 6a. Finalize Risk Management Plan and Management Infrastructure
- 6b. Mechanism to Monitor Triggers, Cues, and Handling
- 6c. Implement Handling as Authorized, Funded, and Scheduled
- 6d. Provide Reporting on Handling Results and Progress
View Step 6 Actions.
Step 7: Monitor Handling Plans
- 7a. Periodically Review Handling Plan Results
- 7b. Stop or Modify Handling Plans and Resources
- 7c. Retire Risks When Handling Plans Completed
- 7d. Update Risk Database for Handling Process and Retirement
View Step 7 Actions.
Decisions
- New Phase or Stakeholder?
- Key Milestone Approaching?
- "N" Months Since Last Assessment?
- Is the Risk Process Working?
View Decision Process.
Back to top
|