Risk management is defined trough several processes that pretend to identify and control the possible risks that may affect the succes of a project. The most common methodology for RM is Failure Mode Effect Analysis. Does anybody know some other methodologies used in the management of risk??
Risk maangement is a huge topic, neverthless i'll try to be very short and overview the Prince2 Management of Risk principle (M_o_R). http://www.apmg-international.com/APMG-UK/M_o_R/MoR_Home.asp
Prince2 suggests 5 steps:
- Identify
- Assess
- Plan
- Implement
- Communicate
In particular Prince2 doesnt impose a paritcular tecnique for each of these steps but puts forward some suggestions on how to deal with them, for instance Risk can be identified through Review Lessons,Risk Checklists,Risk Prompted List,Brainstorming,Risk Breakdown structure,ecc.
Once a risk has been identified (cause,event,effect) should be assessed with another technique like probability tree,expected value,pareto analysis or probability impact grid and then evaluated through Risk models (like Monte Carlo) or Expected Monetary value.
The Plan phase details the possible responses to a risk (Avoid, Reduce, Fallback, Transfer, Accept, Share, Exploit, Enhance or Reject).
The implement phase goal is ensure that the planned risk response are actioned and monitored
Finally the communicate step which is carried out continuosly ensure that all information regarding the risk is communicated within the projects and to the stakeholders.
As you can see the general idea is pretty simple and can be applied well in a lot of context: i realize i've been very quick and didnt do much explaining i urge you if you need more information to check out the link i gave you or the Prince2 methodology in general.