This is an A-Z glossary of terms, from the 2009 edition. PRINCE2® is a registered trade mark of AXELOS Limited. <
Dynamic management products that maintain information regarding project progress.
reduce (risk response)
A response to a risk where proactive actions are taken to reduce the probability of the event occurring by performing some form of control, and/or to reduce the impact of the event should it occur.
reject (risk response)
A response to a risk (opportunity) where a conscious and deliberate decision is taken not to exploit or enhance an opportunity, having discerned that it is more economical to do so than to attempt a risk response action. The opportunity should continue to be monitored.
The set of products in a handover. The contents of a release are managed, tested and deployed as a single entity. See also ‘handover
Management products providing a snapshot of the status of certain aspects of the project.
request for change
A proposal for a change to a baseline. It is a type of issue.
The risk remaining after the risk response has been applied.
The person or group commissioning the project (typically corporate or programme management) who has the authority to commit resources and funds on behalf of the commissioning organization.
A person or group independent of the producer who assesses whether a product meets its requirements as defined in its Product Description
An uncertain event or set of events that, should it occur, will have an effect on the achievement of objectives. A risk is measured by a combination of the probability of a perceived threat or opportunity occurring, and the magnitude of its impact on objectives.
A nominated owner of an action to address a risk. Some actions may not be within the remit of the risk owner
to control explicitly; in that situation there should be a nominated owner of the action to address the risk. He or she will need to keep the risk owner
apprised of the situation.
An organization’s unique attitude towards risk taking that in turn dictates the amount of risk that it considers is acceptable.
The estimation of probability and impact of an individual risk, taking into account predetermined standards, target risk levels, interdependencies and other relevant factors.
The process of understanding the net effect of the identified threats and opportunities on an activity when aggregated together.
The systematic application of principles, approaches and processes to the tasks of identifying and assessing risks, and then planning and implementing risk responses.
Risk Management Strategy
A strategy describing the goals of applying risk management, as well as the procedure that will be adopted, roles and responsibilities, risk tolerances, the timing of risk management interventions, the tools and techniques that will be used, and the reporting requirements.
A named individual who is responsible for the management, monitoring and control of all aspects of a particular risk assigned to them, including the implementation of the selected responses to address the threats or to maximize the opportunities.
A description of the types of risk that are faced by an organization and its exposure to those risks.
A record of identified risks relating to an initiative, including their status and history.
Actions that may be taken to bring a situation to a level where exposure to risk is acceptable to the organization. These responses fall into a number of risk response categories.
risk response category
A category of risk response. For threats, the individual risk response category can be avoid, reduce, transfer, accept
or share. For opportunities, the individual risk response category can be exploit, enhance, reject or share.
The threshold levels of risk exposure which, when exceeded, will trigger an Exception Report
to bring the situation to the attention of the Project Board. Risk tolerances could include limits on the plan’s aggregated risks (e.g. cost
of aggregated threats to remain less than 10% of the plan’s budget), or limits on any individual threat (e.g. any threat to operational service). Risk tolerance is documented in the Risk Management Strategy
risk tolerance line
A line drawn on the summary risk profile. Risks that appear above this line cannot be accepted (lived with) without referring them to a higher authority. For a project, the Project Manager
would refer these risks to the Project Board.
A description of the set of responsibilities specific to a role.
Copyright © AXELOS Limited 2012. All rights reserved. Material is reproduced with the permission of AXELOS