Residual Risks and Secondary Risks

Residual risk is the level of risk that remains after all possible measures have been taken to mitigate or eliminate a particular risk.

It is the risk that an event will still occur despite the implementation of risk management controls or strategies.

Residual risk examples in banking:

  • Inability to clear debt
  • Risk of a loan applicant losing their job
  • Guarantor's refusal or delay to pay

Here are some steps organizations can take to address residual risk:

  • Identify requirements: Determine relevant governance, risk, and compliance requirements.
  • Evaluate controls: Assess the strengths and weaknesses of the organization's control framework.
  • Acknowledge risks: Recognize existing risks.
  • Define risk appetite: Determine the organization's risk tolerance level.
  • Implement recovery strategies: Conduct recovery exercises that are realistic and rigorous.
  • Transfer risk: Shift the potential loss from an adverse outcome to a third party, such as through purchasing insurance.
  • Accept risk: Accept responsibility for any losses incurred by remaining residual risks.


What Are Secondary Risks?

The PMBOK Guide defines secondary risks as “those risks that arise as a direct outcome of implementing a risk response.” In other words, you identify a risk and put a response plan in place to deal with it. Any new risk that may arise from implementing that plan is a secondary risk.

Secondary risk examples:

  • Manufacturing company: A company might offer a promotion to attract more customers for a new product, but this could lead to a secondary risk of running out of inventory.
  • Health insurance policy: The premium payments for a health insurance policy are a secondary risk.

