Risk Analysis: One of the Greatest Tools for Project Managers & Business Analysts

sourced from Author’s Wordpress article

Image for post
Photo by Austin Distel on Unsplash, slightly edited by the author on PicsArt

Risk analysis is a technique and process that involves identifying and collecting relevant factors, assess factors, and synthesizing those factors to develop an understanding of relevant risks for the project or organizational activity. The risks can be both in positive and negative terms — so any threat (damaging) or any unidentified opportunity (positive) can be called risk.

Risk management is concerned about — what may go wrong or right. It also involves the relevant pathway to counteract the organization’s risks to ensure activity or venture success.

So, in simple terms, it involves identifying assets and threats, prioritizing risks, and identifying appropriate measures and processes to attain success.

The purpose is to identify all sorts of uncertainties that may have an impact on the initiative. As a part of Business Analysis Solution Knowledge, managers need to consider risk analysis as a tool to incorporate. [Business Analyst Learning]


There are two categories to deal with:

a) qualitative risk analysis: prioritize risks by assessing & combining the probability of occurrence and impact of the risks,

b) quantitative risk analysis: numerically analyzes the overall effect of identified risks on the venture or activity.


Risks analysis involves the following steps:

Image for post
Background photo by Jo Szczepanska on Unsplash, words mentioned by the author


Risk response strategy

An essential part of the risk analysis is the risk response strategy.

For negative risks, Analysts and Project Managers determine any of the following four options:

  • Transfer: the responsibility of bearing the risk is transferred to a separate authority,
  • Avoidance: avoid specific activity or particular risk-related event to prevent that risk,
  • Mitigation: organization takes specific actions to minimize the chance of risk occurrence and
  • Acceptance: accepting the risk as there is no other way to avoid it.

For positive risk, the responses are any of the following:

  • Acceptance: choose to accept the positive risk,
  • Exploit: organization identifies and takes specific actions to maximize the impact from positive risk,
  • Enhance: organization takes steps to strengthen the probability of the risk so that it can happen and
  • Share: organization connects with other entities to increase the chance of positive risk occurrence and mutually benefit. [Business Analyst Learning]
Image for post
Photo by Kaleidico on Unsplash


There are various types of frameworks and templates to do the risk assessment, such as uniform numerical scale, objective evaluation criteria, calibrated assessment criteria, link risk assessment, etc. [Logic Manager]

Business Analysts and project managers are in the best position to determine which framework to adopt. Every manager should consider “Risk Analysis” as a part of their BA technique — which can increase the chance of success for the venture tremendously.

Let’s talk about some of the common questions by criticizing “Risk Analysis.”

What areas are not covered by risk analysis as part of solution knowledge but effectively covered by other available tools?

Risk analysis doesn’t cover the entire solution scope; rather, it gives the knowledge about approaching the solution and in what areas. Risk analysis is a lack in terms of the development of the solution itself.

Risk analysis identifies the overall risks for getting the project into its targeted mission, and it also suggests the approach to take in dealing with the risks.

As a stand-alone tool, risk analysis might not provide a solution to project managers and business analysts. But using it with other decision-making tools (based on the organization) can significantly assist in strategy making.

So, what sort of tools can be used in place of risk analysis?

Prototyping, KPI, decision matrix, and decision tree are standard tools to use in the decision-making process.

For example, using prototyping with risk analysis might help, as risk analysis will help determine the issues/risks. The approach to take & prototyping will allow us to encompass factors to build up the solution.

Using a decision tree helps us enlist all possible options with possible outcomes of a particular value, making the final strategy. However, it depends on the organization on what tools to use with risk analysis and how it will deal with the identified outcomes.

Image for post
Photo by Lubo Minar on Unsplash

In which cases, Risk Analysis is essential and can perform better?

Risk analysis is essential for every business and every project. Without the risk analysis, the extent of uncertainty might not be identified, and it might cause issues for the project and increase the probability of failure.

Organizations have to perform Risk Analysis to properly outline the possible risks and deal with those identified risks efficiently.

Many projects or business ventures have been closed because they didn’t have their risk analysis or couldn’t do proper justification to risk analysis and failed.

What are the potential risks that are uncovered (not-listed / ignored) during the project?

Worth mentioning are less executive support for the project, staff turnover problem, schedule flaws, etc. There should be a possible risk response strategy with the lists, which will guide us to approach those risks.

However, those listed risks can vary from organization to organization, and the risk response strategy might change due to that factor.

Who are the responsible people to do the analysis effectively for the project (large/ small) in an organization?

Image for post
Photo by Priscilla Du Preez on Unsplash

Risk analysis must be performed by the project management team or Business Analyst with the stakeholders’ opinions or views for any project or business venture. The project manager and his/her team and relevant stakeholders mainly identify the risks for the venture and draw the solution approach for each of the listed threats. They have to look at the responsibility in terms of internal expert analysts and external expert analysts for risk analysis.

To evaluate and identify potential risks and related strategies inside the organization, the organization mostly depends on internal experts. However, for determining the external risks, organizations sometimes hire expert risk analysts/firms.

If an organization wants to view without bias, they might employ external experts to do the organization’s internal risk analysis. External experts/research firms have years of expertise, who might do it in advance for the company.

The negative sides are confidentiality issues and organization process issues, for which — organizations do not want to include outside experts for this analysis. The project management team or business analyst should coordinate with the outside expert to provide a dependable analysis guideline and evaluate, question, and finalize the risk assessment.

The project manager or Business Analyst will finally approve the risk register list based on the priority, probability, and impact of the project’s risks.

However, before finalizing the risk register and risk approach, the Project Manager or Business Analyst should consult with the relevant stakeholders (high priority managers, project sponsor, etc.) to onboard them with their strategy. Other than the project management team or business analyst or focus group people, no other people should analyze.

The responsibility of communication lies in the project manager or Business analyst, like onboarding and communicating to the appropriate persons at the right time is important. Failure to do so will result following: all the risks might not be listed, stakeholders might not have bought on the risks identified, communication gap, incomplete solution package, and approach, lastly, high probability of project failure.

Concluding remarks

So, conduct the analysis for a project or business process analysis so that all the related aspects can be analyzed and taken into consideration to formulate a strategy and proper execution plan for the project.

Risk Analysis is a great tool under solution knowledge, so it should be effectively used for the success of the project. And, formulating the right way of conducting is critical too.

This article was previously written under the author’s WordPress account (article link).

References (Work cited lists)

  1. Business Analyst learning; Article — “Risk Analysis techniques”; Publication: April 20, 2014. Source: Website
  2. Workfront; Marcus Verner; Article — “Risky Business — five steps to Project Risk Management”; Publication: January 1, 2014. Source: Website
  3. Logic Manager; Article — “Risk Management Best Practices”; last updated on 2015; Source: Website
  4. Author’s WordPress account: https://suntonu1900.wordpress.com/

Written by

Human ▪ Amongst top Medium writers in Travel, Photography & Poetry ▪ Editor of Paper Poetry & Business Thoughts Notebook ▪ Insta: sbpoetrymedium

Sign up for Open for writing

By Business Thoughts Notebook

Sales Notebook is open for articles, case studies, and video contents for Business development and sales improvement fields. We are waiting for your contributions and also to learn from each other. Take a look

By signing up, you will create a Medium account if you don’t already have one. Review our Privacy Policy for more information about our privacy practices.

Check your inbox
Medium sent you an email at to complete your subscription.

The publication is about Business development strategies, innovations, skill-sets, and practices to ensure growth. Business development includes different aspects, which requires to be taken care off or given importance, in order to attain or sustain future growth.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store