ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Sample Risk Management Plan - Part 4: Risk Matrix

Updated on April 5, 2015

Published: November 16, 2011

Section 4: Risk Matrix

Construction of a risk matrix starts by first establishing how the matrix is intended to be used. … A key initial decision that has to be made is to define the risk acceptability or tolerability criteria for the organization using the matrix. Without adequate consideration of risk tolerability, a risk matrix can be developed that implies a level of risk tolerability much higher than the organization actually desires. (ioMosaic, 2009).

A&D High Tech historically veered away from Internet marketing projects either because the company saw no value in the market or the risk tolerance for such a project was low. In any case, negotiations for extended time or capital for this project may be met with resistance. The risk matrix will be used to guide the project team in avoiding and mitigating risks that A&D High Tech would likely consider intolerable.

“The next step is to define the consequence and likelihood ranges” (ioMosaic, 2009). The likelihood in this risk matrix is expressed as a percentage value in the Probability column. Determining the likelihood or probability of risk events is difficult without any quantifiable data to base the determinations on.

A major risk component is the contract with Geneva. The implied probability for this risk was determined to be very high and quantifies as a risk factor of 75%. This percentage value was then used for the Risk Matrix in section 4.2 along with the quantified values for other risks.

“The key to risk management is to identify risks that are intolerable and to mitigate them to a tolerable level” (ioMosaic, 2009). Classification of risks and ranking them by tolerability is covered in section 4.1.

4.1 Major and Minor Risks for the Risk Matrix

The author next categorized risks using a ranking system of 1 through 4. With the ranks associated with the following categories:

  1. Unacceptable
  2. Undesirable
  3. Acceptable with Controls
  4. Acceptable as is

These categories would then lead to the following category descriptions:

  • Unacceptable

Risks leading to probable project failure that should be immediately mitigated to level 3 or more using design or administrative techniques

  • Undesirable

Risks leading to undesirable scheduling or cost variances that should be mitigated to level 3 or more within 3 months

  • Acceptable with Controls

Risks likely leading to no effect on the project as long as verified controls are in place to prevent the risk from graduating to level 2 or lower

  • Acceptable as is

Risks that require no mitigation and may be overlooked

Evaluating the various project risks is a qualitative exercise of imagining what could go wrong and what may happen. Once each of the risks were evaluated in this manner the risks were added to the risk matrix, inserting the rank values in the impact column and the probability values from above to the probability column.

Multiplying the importance value for a risk by the inverse of the probability value yields a risk score. The risk score was then used to identify the major and minor risks. The inverse of the probability was used because the lower importance values were more critical in this case. Using this method, the risks with the lowest risk scores are the major risks and those with the highest risk scores are the minor risks.

This method of evaluation identifies three major risks and three minor risks. The three major risks for this implementation project include the following:

  • Finish by Christmas
  • Interface with ERP Package
  • Contract with Geneva

The three minor risks include the following:

  • Inaccurate Physical Infrastructure Estimates
  • Employee Morale
  • Change in Process Flows

The major risks must be closely monitored and action taken as necessary to mitigate the risks before a risk event occurs. The Action Plan column of the risk matrix describes the steps to be taken to prevent the risk events from occurring and the Response to Risk column describes the steps to take if a risk event occurs. The team members who are responsible for each risk are also listed in the risk matrix along with the current status.

Using the risk matrix will provide the team members a visualization of what the risks are from top to bottom and how to deal with them. Figure 4.2 above contains the completed risk matrix for the A&D High Tech Internet Store project.

4.2 Reviews

A risk review is “an overall assessment of the risks involved in a project, their magnitude and their optimal management” (RAMP, 2009). These reviews may be held at any point during the project life cycle and for this project will take the form of agenda items during regularly scheduled project team meetings. These reviews will be cumulative in nature with the results of each review adding to those of the predecessors.

A risk review plan will forwarded to each team member prior to each project meeting. Chris Johnson will develop and distribute these risk review plans to each of the project team members. Team members should review the plan before attending the meeting. All team members will be permitted to attend but attendance will be mandatory for members who are responsible for items listed in the agenda. The time and location of the meetings will be adjusted in order to coincide with the schedules of attendees.

These reviews should generate information to be included in the RBS and Risk Matrix as appropriate. Mitigation strategies will be discussed along with risk ranking criteria. The result of the risk reviews should be to help mitigate those risks that would be deemed intolerable by the upper management of A&D High Tech before unacceptable conditions surface.

Dumbledore's Sample Risk Management Series

RAMP (2009). Risk review. Risk glossary. Risk Analysis and Management for Professionals. Available from


    0 of 8192 characters used
    Post Comment

    No comments yet.


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
    ClickscoThis is a data management platform studying reader behavior (Privacy Policy)