Artifact: Risk List
 Risk List |
A sorted list of known, open risks to the project, sorted in decreasing order of importance, associated with specific mitigation or contingency actions. |
| Worker: | |
| Enclosed in: | Risk Management Plan |
| Template: | |
| Examples: | |
| More information: | Guidelines: Risk List |
|
|
| Input to Activities: | Output from Activities: |
Purpose 
The risk list is designed to capture the perceived risks to the success of the project. It identifies, in decreasing order of priority, the events which could lead to a significant negative outcome. It serves as a focal point for project activities, and is the basis around which iterations are organized.
Brief Outline
(hyperlinks into HTML template in a new window)
1. Introduction
1.1 Purpose
1.2 Scope
1.3 Definitions, Acronyms and Abbreviations
1.4 References
1.5 Overview
2. Risks
2.1 <Risk Identifier û a descriptive name or number>
2.1.1 Risk Magnitude or Ranking
2.1.2 Description
2.1.3 Impacts
2.1.4 Indicators
2.1.5 Mitigation Strategy
2.1.6 Contingency Plan
2.2 <next Risk Identifier û a descriptive name or number>
Timing
The risk list is maintained throughout the project. It is created early in the Inception phase, and is continually updated as new risks are uncovered and existing risks are mitigated or retired. At minimum, it is revisited at the end of each iteration, as the iteration is assessed.
Responsibility
The project manager is responsible for maintaining the risk list and keeping it up to date.
Tailoring
The Risk List should capture the critical and serious risks - if you find this list extending beyond twenty, think hard about whether they are really serious risks. Tracking more than twenty risks is an onerous task.
