AXELOS ProPath, the world's most powerful project, programme and portfolio best practice certifications

The Risk Radial: refining the prioritisation of project risks

Guy Wilmington
January 10, 2013

Project, program and portfolio managers alike will be familiar with contrasting the likelihood of a risk occurring with the consequence should the risk eventuate to determine a risk rating.

Within the industry, the following diagram—known colloquially as a risk matrix or a slight variation thereof—is used by most, if not all, project, program and portfolio managers to assess and prioritise risks.

Risk Radial - Risk Matrix

Project, program and portfolio managers alike will also be familiar that most organisations only permit a limited number (typically five) risks to be reported in regular progress/status reports. Organisations may also have ‘business rules’ that specify which risks are to be reported: typically project and program managers are to report their ‘top five’ risks.

Now this might not be problematic for many projects and programs. But what should a project or program manager do if they have more than five risks of the highest rating? Which risks are to be reported?

A typical risk approach

The majority of project, program and project managers use Microsoft Excel or equivalent as their risk register/log and will accordingly use the ‘sort’ function to sort active risks by their risk rating.

Thereafter, they will select the first five to include in their status reports. Unfortunately, this approach does not prioritise between risks of the same risk rating. Consequently, the risk that should have the highest priority may not be presented at the top of the list of risks being experienced by a project.

Another approach, is to assign a number (or priority value) to each cell in the risk register as below.

Risk Radial - Risk by number

This approach will enable project and program managers to differentiate between some risks that have the same rating. It does not, however, differentiate between risks that have the same likelihood and consequence rating combinations.

Furthermore, the assignment of numbers (or priority values) to each cell in the risk matrix is fairly arbitrary and subjective: there is no real science behind it.

Finally, neither of these approaches addresses the granularity of the risk matrix that produces sometimes incongruous distinctions between risk ratings.

The Risk Radial

The concept of the risk radial is based on the visual presentation of the typical risk matrix. As one can see, the risk rating increases as the likelihood and consequence increase.

Risk Radial - increasing consequences and likelihood

Indeed, one could map a set of curves over the top of the risk rating and see that risks of a common rating are approximately the same distance from the nil-nil intersection (bottom-left hand corner of the risk matrix).

Risk Radial - risk curves

From this realisation, the risk radial was born. Under the risk radial approach, each risk would be assigned a value according to the following equation:

Risk Radial - risk equation—where Consequence is represented as a percentage of total project failure.

As we now see, each risk should be capable of having a different risk radial score. This would enable risks to be separated from one another and ordered according to their risk radial score.

Risk Radial

Now, we’re not suggesting that the risk radial score should replace the risk rating other than for the purpose of determining the order in which risks should be reported. Stakeholders still need a simple rating of risks. Therefore, using the risk radial score, risks could be graded as either Low, Medium, High or Extreme as shown below.

Risk Radial - new risk ratings

In addition to assisting to differentiate between risks, the risk radial approach also removes the incongruous distinctions between risk ratings that is a feature of the risk matrix approach.

Author avatar
Guy Wilmington
Guy Wilmington is a leading portfolio, program and project manager dedicated not only to meeting his clients' needs through P3 Management Services, but also to building the profession by sharing his insights on various topics. He has twice been awarded the title of ACT Project Director of the Year by the Australian Institute of Project Management (AIPM).
Read more