Risk Management Paradigm
The SEI Risk Management Paradigm is depicted below. The paradigm illustrates a set of functions that are identified as continuous activities throughout the life cycle of a project.

Functions of Continuous Risk Management
The functions of Continuous Risk Management are introduced below. Each risk nominally goes through these functions sequentially, but the activity occurs continuously, concurrently (e.g., risks are tracked in parallel while new risks are identified and analyzed), and iteratively (e.g., the mitigation plan for one risk may yield another risk) throughout the project life cycle.
| Function | Description |
|---|---|
| Identify | Search for and locate risks before they become problems. |
| Analyze | Transform risk data into decision-making information. Evaluate impact, probability, and timeframe, classify risks, and prioritize risks. |
| Plan | Translate risk information into decisions and actions (both present and future) and implement those actions. |
| Track | Monitor risk indicators and mitigation actions. |
| Control | Correct for deviations from the risk mitigation plans. |
| Communicate | Provide information and feedback internal and external to the project on the risk activities, current risks, and emerging risks. Note: Communication happens throughout all the functions of risk management. |
For More Information
Customer Relations
Software Engineering Institute
Carnegie Mellon University
4500 Forbes Avenue
Pittsburgh, PA 15213-3890
Phone: 412-268-5800
Send comments or questions to customer-relations@sei.cmu.edu

