Qualitative risk assessment

The aim of risk reviews is to reassess the risk register and the risk estimates at regular intervals in the project life cycle. It is usual to do this in line with the review and reporting cycle agreed for other project controls disciplines. It may also be the case that specific reviews are held at key stages (for example, RIBA works stages) to ensure that the estimates, formal cost plans and cash flows reflect the impact of all the risks.

The purpose of each review should be to:

• delete all closed or passed risks;
• add and assess new risks, assigning new actions as necessary;
• review progress of management actions and revisit them as appropriate;
• update assessments for all identified risks and assign new actions as necessary;
• recalculate the risk allowances if risks are quantified;
• update and reissue the risk register after each review;
• report back on the effectiveness of risk management; and
• repeat the process regularly.