You are here: Home Blogs Start Risk Identification with Inherent Risk Factors
Friday, 05 May 2017 23:20

Start Risk Identification with Inherent Risk Factors

Written by 
Rate this item
(0 votes)
This content is from the Method123 weekly email dated 2017.06.05

Start Risk Identification with Inherent Risk Factors

Would you agree that large projects are generally riskier than small projects? Would you agree that having an inexperienced project team is riskier than having an experienced project team? Would you agree that using new technology on your project introduces some additional risk over a project that uses current technology.

Notice I did not give you any other information about the project. I did not tell you the type of project, the deliverables, the organization or any other project description. These are example of "inherent" risks. They are risks that are inherent in the nature of your project. In other words, these types of risks are applicable to any project.

When you are identifying project risks, you can start with a checklist describing inherent risks, since they tend to hold true for all projects. Of course, the checklist needs to be customized for each organization to describe the risk level and risk tolerance for your organization.

Examples include:


High Risk

Low Risk


Longer than 12 months

Less than 3 months

Team size

Over 25 members

Fewer than 5

Project scope / deliverables



Project team and customer business knowledge

Neither the project team nor the customer have solid business knowledge

Both the project team and the customer  have solid business knowledge


Very complex, hard for customer to define

Easy for customer to define

Organization structures

Large amount of change

Little or no change

Physical location of team

Team is dispersed at several sites

Team is located together

Use of formal methodology

No formal methods or processes

Standard methods in use


New technology is being used for critical components

No new technology required

In the table above, medium-level risks would fall somewhere in the middle of the high and low risk.

Checking for inherent risks is the starting point for risk identification - but it is not the end. After you check for inherent risks, you still need to identify risks that are specific to your project. The combination of inherent risks and project specific risks will make up the totality of risks you take to risk analysis. 
At TenStep we are dedicated to helping organizations achieve their goals and strategies through the successful execution of critical business projects. We provide training, consulting and products for organizations to help them set up an environment where projects are successful. This includes help with strategic planning, portfolio management, program / project management, Project Management Offices (PMOs) and project lifecycles. For more information, visit or contact us at
Read 1163 times
Login to post comments

News and Promotions

Keep up to date with the latest happenings by signing up for our newsletter. Subscribe below.

Twitter Update

Who's Online

We have 408 guests and no members online

Got something to say?