The objectives of risk identification are to identify and categorize risks that could affect the project and document these risks. The outcome of risk identification is a list of risks. What is done with the list of risks depends on the nature of the risks and the project. On noncomplex, low-cost projects with little uncertainty (few risks), the risks may be kept simply as a list of red flag items. The items can then be assigned to individual team members to watch throughout the project development process and used for risk allocation purposes, as described later in this document. On complex, high-cost projects that are by nature uncertain, the risks can feed the rigorous process of assessment, analysis, mitigation and planning, allocation, and monitoring and updating described in this document.
The risk identification process should stop short of assessing or analyzing risks so that it does not inhibit the identification of "minor" risks. The process should promote creative thinking and leverage team experience and knowledge. In practice, however, risk identification and risk assessment are often completed in a single step, a process that can be called risk assessment. For example, if a risk is identified in the process of interviewing an expert, it is logical to pursue information on the probability that it will occur, its consequences/impacts, the time associated with the risk (i.e., when it might occur), and possible ways of dealing with it. The latter actions are part of risk assessment, but they often begin during risk identification. This document, however, will treat the two activities of risk identification and assessment discretely for clarity.
Risk Identification Process
The risk identification process begins with the team compiling the project's risk events. The identification process will vary, depending on the nature of the project and the risk management skills of the team members, but most identification processes begin with an examination of issues and concerns created by the project development team. These issues and concerns can be derived from an examination of the project description, work breakdown structure, cost estimate, design and construction schedule, procurement plan, or general risk checklists. Appendix B contains four examples of risk checklists and table 4 provides a summary of two of these checklists. Checklists and databases can be created for recurring risks, but project team experience and subjective analysis almost always will be required to identify projectspecific risks.
The team should examine and identify project events by reducing them to a level of detail that permits an evaluator to understand the significance of any risk and identify its causes, (i.e., risk drivers). This is a practical way of addressing the large and diverse numbers of potential risks that often occur on highway design and construction projects. Risks are those events that team members determine would adversely affect the project.
After the risks are identified, they should be classified into groups of like risks. Classification of risks helps reduce redundancy and provides for easier management of the risks in later phases of the risk analysis ...