Project-Level Risk Identification & Assessment


The risk identification and assessment process is a critical part of effectively managing risks at a project level. Risks are identified, and then classified by risk category (financial, operational, strategic, compliance). Each risk is then assessed based on its impact and likelihood, and prioritized in order to direct management focus toward the most important (Deloitte & Touche LLP, 2012).

Our Project-Level Risk Identification and Assessment follows the steps below:

  1. Identify potential risks that could impact your project and classify each risk into categories.
  2. Combine to eliminate duplicates and move forward with only unique risks.
  3. Rate each risk based on impact and likelihood.
  4. Prioritize to ensure the right risks are managed going forward.
  5. Develop a specific action plan to address the high-priority risks.


"The objective of project risk management is to understand project and programme level risks, minimize the likelihood of negative events and maximize the likelihood of positive events on projects and program outcomes. Project risk management is a continuous process that begins during the planning phase and ends once the project is successfully commissioned and turned over to operations." (KPMG, 2014)

As a plan to mitigate potential risks is developed, the likelihood of successful project completion increases. Additionally, identifying risks ahead of time gives the organization time to make informed decisions on issues critical to the success of the project.


1)  NOODLE & TAG: Identify and categorize the key risks that could impact your project.

2)  COMBINE to eliminate duplicates and move forward with only unique risks

3)  MULTI-CRITERIA RATE each risk based on Impact and Likelihood. In the comments section, provide rationale for why each risk was rated the way it was.

4) PRIORITIZE: Identify high priority risks for management attention. 

5) ACTION PLAN: Develop an action plan to address high priority risks.


  • Prioritized list of risks to receive management attention
  • Critical thinking skills developed that enable a risk culture
  • Valuable insight into why risks were rated the way they were
  • Shared understanding and alignment on risks to the projects
  • List of potential risks that can be revisited during each risk identification and assessment cycle 


This exercise will enable:

Quality - Gain critical insight into your organization and proactively manage the risks that impact achievement of strategic goals – no surprises. Increased perspectives will reduce risk.

Efficiency - Engage busy stakeholders when it’s convenient for them to contribute – 24/7, reducing meetings and bringing the right people to the table.

Engagement - Conversation analytics allow individual stakeholders to know how they rated risks versus how others did, igniting rich discussion and deeper alignment. Provide a safe space for stakeholders to evaluate and provide candid thoughts and rationale. 

Agility - Develop a shared understanding about the organizations or departments key risks. Evaluate and focus management attention and resources on the most important risks. 


Deloitte & Touche LLP. (2012). Risk assessment in practice. Deloitte. 

PwC Risk in Review. (2017). Managing risk from the front line. PwC

Wallis, P. (2012).  Risk management, achieving the value proposition. Government Finance Review.