How to Run Great Risk Review Meetings

Wouldn’t it be great if we could go throughout our day-to-day life without having any fears of risk?

We’d drive a little over the speed limit without the risk of getting a speeding ticket. Or even dye our hair a crazy color without even a twinge of regret.

That just simply isn’t reality. We’re often identifying risks more often than we even recognize, both at work and in our personal life. And when it comes to working with team members on specific projects at work, it’s common to complete a risk review process to make sure you’ve thought of anything and everything that could go wrong. 

• What is a risk review process?
• How to conduct a risk review meeting

What is a risk review process?

A risk review process or a risk assessment meeting is a crucial part of any project. Having this meeting will address the strategy behind risk management so that the project manager and the team responsible for the project’s success can come together to handle any associated risks before they happen.

This process includes allowing the project team to think about risks in terms of:

• Identification of all risks
• Categorizing them by likelihood
• Prioritizing risks by least to most detrimental 
• Mitigating them if they occur 
• Avoiding risks at all costs

Essentially the project manager acts as a conversation leader as the team discusses the risks associated with the project, their probability, and their impact. It’s up to the project manager to facilitate the meeting while the team works together to come up with as many potential risks as they can.

How to conduct a risk review meeting

A risk review meeting can take 2-3 hours from start to finish, and having the right kind of conversation upfront before a project begins can make or break the success of the project. Here’s how to conduct a risk review meeting the right way so you can feel like you’re as prepared as possible.

• Decide on your process
• Get to know your stakeholders
• Choose your risk management toolkit
• Start risk identification
• Coach for risk action planning
• Begin a second round of risk identification
• Run a second risk review board
• Encourage reflection
• Develop a long-term plan

1 Decide on your process

The first step in running a risk assessment is deciding on your process. This will depend on the size of the project team and how you prefer to work with one another. One process that may work across teams is to come together, sit in a circle (if meeting in person!) and create a list of every possible risk and opportunity in the book.

Remember that no risk is too small, too big, or too silly to include on the list. Having this brainstorm as you go about project planning makes it possible to think of possibilities, risks, challenges, and roadblocks that you may not have been able to come up with on your own.

2 Get to know your stakeholders

During the risk review process, the stakeholders will be those who may bring value in the identification of project risks and can also assist in mitigation and avoidance strategies. If this is the first time working with this group of stakeholders, see if they know of any risks they’ve encountered on past projects, as a look into the past can help the project team visualize risks in the future. 

Getting to know the stakeholders and finding out what they know can open your eyes to what risks may occur and help you develop a plan of action before they do.

3 Choose your risk management toolkit

When was the last time you inspected your risk management toolkit? And no, I’m not referencing a hammer or a tape measure, I mean the tools your team uses for project planning software and other tools or features within other software your team may use. 

In addition to the software your team has at their fingertips, a hidden tool within your kit may be an individual on your team who is an expert on certain types of risks. Something wrong with the code? You have an engineer ready for anything. Not sure about the look and feel of the project? You have an expert designer in your toolkit, too.

4 Start risk identification

Once you’re ready to roll up your sleeves and get started, it’s time for risk identification. How you go about doing so may depend on your time constraints and budget, but it’s best to be as proactive as possible. 

Doing so will probably entail taking a look at the project schedule, how it relates to milestones and goals, and where certain risks may fall within the schedule. For instance, risks associated with a launch will likely occur at the end of the project’s schedule. 

As the team goes about making a list of risks, remember to think of quality rather than quantity. Additionally, be as specific as possible when identifying. It’s better only to have the top ten risks most likely to happen, complete with a comprehensive solution plan, rather than a list of 100 with only a rough solution in place. 

5 Coach for risk action planning

As the project manager coaches the team to plan for risks and create a strategy, they’ll likely start to build a Risk Review Board (RRB). Think of this as a standard board of directors, but instead, it’s a group that meets at least once a month to oversee all project risks. 

The board usually consists of the project owner or sponsor, project manager, and any risk owners. During the first board meeting, the agenda should include:

• Understanding what the risks are
• Prioritizing each risk
• Assigning an owner or manager to each risk

Then, the project team will come together to ensure alignment regarding best practices regarding the risks most likely to occur and the right solutions.

6 Begin a second round of risk identification

Because when it comes to a risk that can derail your entire project, running one round of identification simply isn’t enough. There will always be something that you didn’t think of the first time around, so factor in running a second round of risk identification, especially for larger projects or ones with the potential to lead to a big impact. Consider what new risks have emerged since the team last met.

7 Run a second risk review board

Once a new list of risks has been created, invite the board to meet to review specific criteria. This can include:

• New actions plans that need to be approved or denied
• Rating each new potential risk by likelihood 
• Allocating new risks to certain people on the team

8 Encourage reflection

No matter where you are in the project stage, reflection is always encouraged. Take a step back and assess what the team is doing correctly, where there can be some improvement, where the team failed to meet expectations, and how close the team is to accomplishing their goals.

Don’t wait until the project has come to a close to go through the reflection process.

9 Develop a long-term plan

Over the course of holding multiple risk review meetings, it’s likely the project manager and the team itself has developed a long-term plan for how to handle, mitigate, and avoid risks that may arise during future projects. Having a strategy in place that works for the long-term will make it easier to get a handle on potential risks before they occur.

This long-term plan helps set up the project team and the organization for success.

It’s a risky business

Sometimes the risk is in the reward, and the reward is taking the time to plan ahead for risks during risk review meetings. No matter the size of your organization or the industry it’s within, knowing how to properly prepare for and establish a risk review meeting can lead to many benefits. 

And while you can’t predict the future, you can plan for it and know what risks may be around the corner.