Risk Management is applied in two major areas in an ICT environment:
∑ New projects: When launching such projects, Risk Management is applied during all phases of each project.
∑ Ongoing operations: When projects deliver products or services that become part of an ICT Unitís regular operations, Risk Management is also applied to those operations.
The Project Management Instituteís Guidelines for Project Management cover 9 areas of knowledge that a Project Manager must master. One of these is Risk Management (Chapter 11). The approach of this segment is to use the 6 processes proposed by the Project Management Institute:
Note: This segment deviates from the PMI naming by changing the titles of the 3rd and 4th processes and reordering them. The new set becomes:
Process 1: Risk Management Planning
Process 2: Risk Identification
Process 3: Risk Analysis and the Risk Database
Process 4: Risk Response Planning
Process 5: Risk Monitoring/Control
Process 6: Additional Risk Analysis Tools and Techniques
In the next 6 main Sections, various Standard Operating Procedures (SOPs) and Guidelines will be presented for these processes.
The diagram in Section 2.5 shows the above processes, their sequence and the main documents they deal with.