WIKI SLATEPrecision to Vision
← LibraryRisk — Three Levels & Quant ToolsProject Management · Project Risk Management← PrevNext →
POSTER 13
Section 4 · Risk Management — Scaling & Quantifying

Risk Across the Three Levels & Quantitative Tools

This standard's signature idea: risk is managed at project, program and portfolio levels — each with a different focus and horizon — and risks cascade and escalate between them. Below: what risk means at each level, plus the quantitative tools that turn uncertainty into numbers.

Visual Map — One Risk Discipline, Three Altitudes

LevelRisk is about…Primary focusHorizonOwner
PortfolioStrategic objectives & the balance/mix of components; aggregate exposure vs risk capacityDoing the right mixLong / strategicPortfolio governance
ProgramRisks between components & their interdependencies; threats to benefits & integrationCoordinated benefitsMediumProgram manager
ProjectRisks to scope, schedule, cost, quality of a specific deliverableReliable deliveryShort / tacticalProject manager

Escalation & cascade: a project risk beyond the PM's authority escalates up to program or portfolio; strategic decisions and constraints cascade down. Consolidated reporting rolls individual risks into an overall picture at each level.

Expected Monetary Value (EMV)

EMV = Σ (probability × impact); impacts are signed (− threat, + opportunity).

  • Threat: 20% × (−$500k) = −$100k
  • Opportunity: 30% × (+$200k) = +$60k
  • Net EMV = −$40k → size the contingency accordingly.

Feed EMVs into a decision tree to choose the option with the best expected value (e.g. build vs buy).

Modelling Overall Risk

  • Monte Carlo: simulate thousands of runs → a range & confidence (e.g. P80 cost/finish).
  • Sensitivity / tornado: rank which risks swing the outcome most.
  • Decision tree: compare options by EMV under uncertainty.
  • Outputs justify reserves and feed the cost baseline (EVM).

Probability & Impact Matrix (Qualitative)

Prob ↓ / Impact →LowMediumHigh
HighMediumHighHigh
MediumLowMediumHigh
LowLowLowMedium

Score = probability × impact → a priority that drives response order & depth.

Exam Concepts

  • Portfolio = strategic / aggregate; program = interdependencies & benefits; project = delivery.
  • Risk capacity (portfolio) sets the ceiling that appetite sits within.
  • Escalate up, cascade down; aggregate vs individual risk.
  • EMV, Monte Carlo & decision trees are quantitative.

Executive View

  • Portfolio risk is a strategy & capacity conversation, not a register.
  • Consolidated, roll-up reporting gives the board one risk picture.

Industry Example — A Defence Prime

Defence
  • Portfolio: balance the mix of bids & live programs against capacity.
  • Program: integrate ship + combat system + training so the capability benefit lands.
  • Project: deliver the radar subsystem on cost & to spec.

Memory Hooks

  • Portfolio = right mix · Program = right benefits · Project = right delivery.
  • "Risk rolls up; response rolls down."
  • Reserves: contingency = knowns I control; management = unknowns the boss controls.
60-sec Review Risk focus at each level Escalate up vs cascade down Compute a 2-line EMV What Monte Carlo gives you Capacity vs appetite
PMI Visual Wall · Poster 13 · Risk — Three Levels & Quantitative Tools · original instructional design · A3 landscape