ECSS-M-ST-80C
31 July 2008
Space project
management
Risk management
ECSS Secretariat
ESA-ESTEC
Requirements & Standards Division
Noordwijk, The Netherlands
ECSS‐M‐ST‐80C
31July2008
Foreword
This Standard is one of the series of ECSS Standards intended to be applied together for the
management, engineering and product assurance in space projects and applications. ECSS is a
cooperative effort of the European Space Agency, national space agencies and European industry
associationsforthepurposeofdevelopingandmaintainingcommonstandards.Requirementsinthis
Standardaredefinedintermsofwhatshallbeaccomplished,ratherthanintermsofhowtoorganize
and perform the necessary work. This allows existing organizational structures and methods to be
appliedwhere they are effective, andforthe structures and methodsto evolve asnecessarywithout
rewritingthestandards.
This Standard has been prepared by the ECSS‐M‐ST‐80 Working Group, reviewed by the ECSS
ExecutiveSecretariatandapprovedbytheECSSTechnicalAuthority.
Disclaimer
ECSSdoesnotprovideanywarrantywhatsoever,whetherexpressed,implied,orstatutory,including,
butnotlimitedto,anywarrantyofmerchantabilityorfitnessforaparticularpurposeoranywarranty
that the contents of the item are error‐free. In no respect shall ECSS incur any liability for any
damages,including,butnotlimitedto, direct,indirect,special,orconsequentialdamagesarisingout
of, resulting from, or in anyway connected to the use of this Standard, whether or not based upon
warranty,business agreement, tort,orotherwise; whetheror not injurywassustained by personsor
propertyorotherwise;andwhetherornotlosswassustainedfrom,oraroseoutof,theresultsof,the
item,oranyservicesthatmaybeprovidedbyECSS.
Publishedby: ESARequirementsandStandardsDivision
ESTEC, P.O. Box 299,
2200 AG Noordwijk
The Netherlands
Copyright: 2008 © by the European Space Agency for the members of ECSS
2
ECSS‐M‐ST‐80C
31July2008
Change log
ECSS‐M‐00‐03A
25April2000
Firstissue
ECSS‐M‐00‐03B
16August2004
Secondissue
ECSS‐M‐ST‐80C Thirdissue
31July2008 MaindifferencesbetweenECSS‐M‐00‐03B(16August2004)andthis
versionare:
• RenumberingfromECSS‐M‐00‐03toECSS‐M‐ST‐80.
• Deletionofthedefinitionsfor:.risk,residualrisk,riskmanagement,risk
managementpolicybecauseidenticallydefinedinECSS‐S‐ST‐00‐01
• Update of descriptive text in clause
4.4, 5.1, 5.2.1.2f, 5.2.1.2h, 5.2.2.1,
6.5c,
• In clause
7, former text contained in “AIM” converted into notes and
former text from “EXPECTED OUTPUT” deleted or converted into
requirementswhennormative.
3
ECSS‐M‐ST‐80C
31July2008
Table of contents
Change log 3
Introduction 6
1 Scope 7
2 Normative references 8
3 Terms, definitions and abbreviated terms 9
3.1 Terms from other standards 9
3.2 Terms specific to the present standard 9
3.3 Abbreviated terms 10
4 Principles of risk management 11
4.1 Risk management concept 11
4.2 Risk management process 11
4.3 Risk management implementation in a project 11
4.4 Risk management documentation 12
5 The risk management process 13
5.1 Overview of the risk management process 13
5.2 Risk management steps and tasks 15
5.2.1 Step 1: Define risk management implementation requirements 15
5.2.2 Step 2: Identify and assess the risks 18
5.2.3 Step 3: Decide and act 19
5.2.4 Step 4: Monitor, communicate, and accept risks 20
6 Risk management implementation 22
6.1 General considerations 22
6.2 Responsibilities 22
6.3 Project life cycle considerations 23
6.4 Risk visibility and decision making 23
6.5 Documentation of risk management 23
4
ECSS‐M‐ST‐80C
31July2008
7 Risk management requirements 25
7.1 General 25
7.2 Risk management process requirements 25
7.3 Risk management implementation requirements 28
Annex A (normative) Risk management policy document - DRD 30
Annex B (normative) Risk management plan - DRD 33
Annex C (normative) Risk assessment report - DRD 36
Annex D (informative) Risk register example and ranked risk log example 38
Annex E (informative) Contribution of ECSS Standards to the risk
management process 41
Bibliography 43
Figures
Figure 5-1: The steps and cycles in the risk management process 14
Figure 5-2: The tasks associated with the steps of the risk management process within
the risk management cycle 14
Figure 5-3: Example of a severity–of–consequence scoring scheme 15
Figure 5-4: Example of a likelihood scoring scheme 16
Figure 5-5: Example of risk index and magnitude scheme 17
Figure 5-6: Example of risk magnitude designations and proposed actions for individual
risks 17
Figure 5-7: Example of a risk trend 21
5
ECSS‐M‐ST‐80C
31July2008
Introduction
Risks are a threat to project success because they have negative effects on the
project cost, schedule and technical performance, but appropriate practices of
controllingriskscanalsopresentnewopportunitieswithpositiveimpact.
The objective of project risk management is to identify, assess,reduce, accept,
and control space project risks in a systematic, proactive, comprehensive and
cost effective manner, taking into account the project’s technical and
programmaticconstraints.Riskisconsideredtradableagainsttheconventional
known project resources within the management, programmatic (e.g. cost,
schedule)andtechnical(e.g.mass,power, dependability,safety)domains. The
overall risk management in a project is an iterative process throughout the
project life cycle, with iterations being determined by the project progress
throughthedifferentprojectphases,andbychangestoagivenprojectbaseline
influencingprojectresources.
Risk management is implemented at each level of the customer‐supplier
network.
Known project practices for dealing with project risks, such as system and
engineering analyses, analyses of safety, critical items, dependability, critical
path,andcost,areanintegralpartofprojectriskmanagement.Rankingofrisks
accordingtotheircriticalityforprojectsuccess,allowingmanagementattention
tobedirectedtotheessentialissues,isamajorobjectiveofriskmanagement.
The project actors agree on the extent of the risk management to be
implemented in a given project depending on the project definition and
characterization.
6
ECSS‐M‐ST‐80C
31July2008
1
Scope
This Standard defines the principles and requirements for integrated risk
management on a space project; it explains what is needed to implement a
project–integratedriskmanagementpolicybyanyprojectactor,atanylevel(i.e.
customer,firstlevelsupplier,orlowerlevelsuppliers).
This Standard contains a summary of the general risk management process,
whichissubdividedintofour(4)basicstepsandnine(9)tasks.
Theriskmanagementprocessrequiresinformationexchangeamongallproject
domains, and provides visibility overrisks, with a ranking according to their
criticalityfortheproject;theserisksaremonitoredandcontrolledaccordingto
therulesdefinedforthedomainstowhichtheybelong.
The fields of application of this Standard are all the activities of all the space
projectphases.AdefinitionofprojectphasingisgiveninECSS‐M‐ST‐10.
Thisstandardmaybetailoredforthespecificcharacteristicsandconstraintsofa
spaceprojectinconformancewithECSS‐S‐ST‐00.
7
ECSS‐M‐ST‐80C
31July2008
2
Normative references
The following normative documents contain provisions which, through
reference in this text, constitute provisions of this ECSS Standard. For dated
references,subsequentamendmentsto,orrevisionsofanyofthesepublications
donotapply.However,partiestoagreementsbasedonthisECSSStandardare
encouragedtoinvestigatethepossibilityofapplyingthemostrecenteditionsof
the normative documents indicated below. For undated references the latest
editionofthepublicationreferredtoapplies.
ECSS‐ST‐00‐01 ECSSsystem‐Glossaryofterms
ECSS‐M‐ST‐10 Spaceprojectmanagement–Projectplanningand
implementation
8
ECSS‐M‐ST‐80C
31July2008
3
Terms, definitions and abbreviated terms
3.1 Terms from other standards
ForthepurposeofthisStandard,thetermsanddefinitionsfromECSS‐ST‐00‐01
apply,inparticularforthefollowingterms:
risk
residualrisk
riskmanagement
riskmanagementpolicy
3.2 Terms specific to the present standard
3.2.1 acceptance of (risk)
decisiontocopewithconsequences,shouldariskscenariomaterialize
NOTE1 Ariskcan be acceptedwhen itsmagnitude is less
than a given threshold, defined in the risk
managementpolicy.
NOTE2 Inthecontextofriskmanagement,acceptancecan
meanthateventhoughariskisnoteliminated,its
existence and magnitude are acknowledged and
tolerated.
3.2.2 (risk) communication
all information and data necessary for risk management addressed to a
decision–makerandtorelevantactorswithintheprojecthierarchy
3.2.3 (risk) index
score used to measure the magnitude of the risk; it is a combination of the
likelihoodofoccurrenceandtheseverityofconsequence,wherescoresareused
tomeasurelikelihoodandseverity
3.2.4 individual (risk)
riskidentified,assessed,andmitigatedasadistinctriskitemsinaproject
9
ECSS‐M‐ST‐80C
31July2008
3.2.5 (risk) management process
consists of all the project activities related to the identification, assessment,
reduction,acceptance,andfeedbackofrisks
3.2.6 overall (risk)
risk resulting from the assessment of the combination of individual risks and
theirimpactoneachother,inthecontextofthewholeproject
NOTE Overall risk can be expressed as a combination of
qualitativeandquantitativeassessment.
3.2.7 (risk) reduction
implementationofmeasuresthatleadstoreductionofthelikelihoodorseverity
ofrisk
NOTE Preventive measures aim at eliminating the cause
of a problem situation, and mitigation measures
aim at preventing the propagation ofthe cause to
the consequence or reducing the severity of the
consequenceorthelikelihoodoftheoccurrence.
3.2.8 resolved (risk)
riskthathasbeenrenderedacceptable
3.2.9 (risk) scenario
sequence or combination of events leading from the initial cause to the
unwantedconsequence
NOTE The cause can be a single event or something
activatingadormantproblem.
3.2.10 (risk) trend
evolutionofrisksthroughoutthelifecycleofaproject
3.2.11 unresolved (risk)
risk for which risk reduction attempts are not feasible, cannot be verified, or
haveprovedunsuccessful:ariskremainingunacceptable
3.3 Abbreviated terms
Forthepurposeofthisstandard,theabbreviatedtermsofECSS‐S‐ST‐00‐01and
thefollowingapply:
Abbreviation Meaning
IEC
InternationalElectrotechnicalCommission
10
ECSS‐M‐ST‐80C
31July2008
4
Principles of risk management
4.1 Risk management concept
Riskmanagementisasystematicanditerativeprocessforoptimizingresources
in accordance with the project’s risk management policy. It is integrated
through defined roles and responsibilities into the day–to–day activities in all
project domains and at all project levels. Risk management assists managers
and engineers by including risk aspects in management and engineering
practices and judgements throughout the project life cycle, including the
preparation of project requirements documents. It is performed in an
integrated,holisticway,maximizingtheoverallbenefitsinareassuchas:
• design, manufacturing, testing, operation, maintenance, and disposal,
togetherwiththeirinterfaces;
• controloverriskconsequences;
• management,cost,andschedule.
4.2 Risk management process
The entire spectrumof risks isassessed.Trade‐offsare madeamongdifferent,
and often competing, goals. Undesired events are assessed for their severity
andlikelihoodofoccurrence.Theassessmentsofthealternativesformitigating
therisksareiterated,andthe resultingmeasurementsofperformanceandrisk
trendareusedtooptimizethetradableresources.
Within the risk management process, available risk information is produced
and structured, facilitating risk communication and management decision
making.Theresultsofriskassessmentandreductionandtheresidualrisksare
communicatedtotheprojectteamforinformationandfollow‐up.
4.3 Risk management implementation in a project
Risk management requires corporate commitment in each actor’s organization
and the establishment of clear lines of responsibility and accountability from
the top corporate level downwards. Project management has the overall
responsibility for the implementation of risk management, ensuring an
integrated,coherentapproachforallprojectdomains.
11
ECSS‐M‐ST‐80C
31July2008
Independent validation of data ensures the objectiveness of risk assessment,
performedaspartoftheriskmanagementprocess.
Risk management is a continuous, iterative process. It constitutes an integral
part of normal project activity and is embedded within the existing
management processes. It utilizes the existing elements of the project
managementprocessestothemaximumpossibleextent.
4.4 Risk management documentation
The risk management process is documented to ensure that the risk
management policies (see
Annex A) are well established, understood,
implemented and maintained, and that they are traceable to the origin and
rationaleofallrisk–relateddecisionsmadeduringthelifeoftheproject.
The risk management documentation includes the risk management policy,
which:
• defines the organizationʹs attitude towards risk management, together
withtheprojectspecificcategorizationofriskmanagement,and
• provides a high‐level outline for the implementation of the risk
managementprocess.
In addition to the risk management policy document, two key documents are
established:
• risk management plan describing the implementation of the risk
managementprocess(see
AnnexB),and
• risk assessment report for communicating the identified and assessed
risks as well as the subsequent follow‐up actions and their results (see
AnnexC).
12
ECSS‐M‐ST‐80C
31July2008
5
The risk management process
5.1 Overview of the risk management process
The iterative four–step risk ma nagement process of a project is illustrated in
Figure 5‐1. Thetasks tobe performedwithin eachof these stepsare shownin
Figure5‐2.
Step1comprisestheestablishmentoftheriskmanagementpolicy(Task1)and
risk management plan (Task 2) in coordination with other project disciplines,
suchassystemengineering,productassurance,production, and operations, to
ensure coherent approach to risk management across the programme/project.
Theriskmanagementprocessincludesfullcoordinationbetweenthedisciplines
oftheprogramme/project.
NOTE E.g. System Engineering coordination, all
engineeringdisciplines.
Product Assurance coordination, Quality
Assurance,SafetyandDependabilitydisciplines.
Management is responsible for overall
coordination of all disciplines, including
administrationofbusiness agreements and project
control.
These tasks (1 and 2) are performed at the beginning of a project. The
implementation of the risk management process consists of a number of “risk
management cycles” over the project duration comprising the Steps 2 to 4,
subdividedintothesevenTasks3to9.
The period designated in the illustration with “Risk management process”
comprises all the project phases of the project concerned. The frequency and
projecteventsatwhichcyclesarerequiredinaproject(onlythreeareshownin
Figure5‐1forillustrationpurposes)dependontheneedsandcomplexityofthe
project, and need to be defined during Step 1. Unforeseen cycles are required
when changes to, for example, the schedule, technologies, techniques, and
performanceoftheprojectbaselineoccur.
Risks at any stage of the project are controlled as part of the project
managementactivities.
13
ECSS‐M‐ST‐80C
31July2008
Projectphases0toFperECSS‐M‐ST‐10
Step1
Defineriskmanagement
implementation
requirements
Step2
Identifyandassessthe
risks
Step4
Monitor,communicate
andacceptrisks
Riskmanagementprocess
Step3
Decideandact
Step2
Identifyandassessthe
risks
Step4
Monitor,communicate
andacceptrisks
Step3
Decideandact
Step2
Identifyandassess
therisks
Step4
Monitor,communicate
andacceptrisks
Step3
Decideandact
Figure5‐1:Thestepsandcyclesintheriskmanagementprocess
Task5:Decideiftherisksmaybeaccepted
Step4
Monitor,communicateand
acceptrisks
Step3
Decideandact
Step2
Identifyandassesstherisks
Step1
Defineriskmanagement
implementationrequirements
Task1:Definetheriskmanagementpolicy
Task2:Preparetheriskmanagementplan
Task3:Identifyriskscenarios
Task4:Assesstherisks
Task6:Reducetherisks
Task7:Recommendacceptance
Task8:Monitorandcommunicatetherisks
Task9:Submitrisksforacceptance.(Return
toTask6forrisksnotaccepted)
R
I
S
K
M
A
N
A
G
E
M
E
N
T
C
Y
C
L
E
Figure5‐2:Thetasksassociatedwiththestepsoftheriskmanagementprocess
withintheriskmanagementcycle
14
ECSS‐M‐ST‐80C
31July2008
5.2 Risk management steps and tasks
5.2.1 Step 1: Define risk management
implementation requirements
5.2.1.1 Purpose
To initiate the risk management process by defining the project risk
managementpolicyandpreparingtheprojectriskmanagementplan.
5.2.1.2 Task 1: Define the risk management policy
Thefollowingactivitiesareincludedinthistask:
a. Identificationofthesetofresourceswithimpactonrisks.
b. Identificationoftheprojectgoalsandresourceconstraints.
c. Description of the project strategy for dealing with risks, such as the
definition of margins and the apportionment of risk between customer
andsupplier.
d. Definition of scheme for ranking the risk goals according to the
requirementsoftheproject.
e. Establishment of scoring schemes for the severity of consequences and
likelihoodof occurrencefor the relevant tradable resources asshown in
theexamplesgivenin
Figure5‐3andFigure5‐4.
NOTE In the examples, five categories are used for
illustration only; more or fewer categories or
designationsarealsopossible.
f. Establishment of a risk index scheme to denote the magnitudes of the
risksofthevariousriskscenariosasshown,forexamplein
Figure5‐5.
NOTE1 Establishmentofscoringandriskindexschemasis
performed with the full coordination between the
differentprojectdisciplinestoensurecompleteand
consistentinterpretation.
NOTE2 In the example, risk magnitude categorization
(“Red”,“Yellow”,“Green”)is usedforillustration
only.Differentdesignationsarealsopossible
Score Severity Severityofconsequence:impacton(forexample)cost
5 Catastrophic Leadstoterminationoftheproject
4 Critical Projectcostincrease>tbd%
3 Major Projectcostincrease>tbd%
2 Significant Projectcostincrease<tbd%
1 Negligible Minimalornoimpact
Figure5‐3:Exampleofaseverity–of–consequencescoringscheme
15
ECSS‐M‐ST‐80C
31July2008
Score Likelihood Likelihoodofoccurrence
E Maximum Certaintooccur,willoccuroneormoretimesperproject
D High
Willoccurfrequently,about1in10projects
C Medium
Willoccursometimes,about1in100projects
B Low
Willseldomoccur,about1in1000projects
A Minimum
Willalmostneveroccur,1of10000ormoreprojects
Figure5‐4:Exampleofalikelihoodscoringscheme
g. Establishmentofcriteriato determine the actionsto be takenonrisksof
various risk magnitudes and the associated risk decision levels in the
projectstructure(asintheexamplein
Figure5‐6).
NOTE In the example, risk magnitude designation,
acceptability, and proposed actions are used for
illustration only. Project‐specific policydefinitions
canbedifferent.
h. Definitionofriskacceptancecriteriaforindividualrisks.
NOTE The acceptability of likelihood of occurrence and
severity of consequence are both programme
dependent. For example, when a programme is
advancing new research, technology development
or management, a high probability of a
consequence that quickly increase the cost can be
acceptable.
i. Establishmentofamethodfortherankingandcomparisonofrisks.
j. Establishmentofamethodtomeasuretheoverallrisk.
k. Establishmentofacceptancecriteriafortheoverallrisk.
l. Definitionof thestrategy for monitoring the risksand the formatsto be
usedforcommunicatingriskdatatothedecision–makersandallrelevant
actorsintheprojecthierarchy.
m. Descriptionofthe review,decision,andimplementationflowwithinthe
projectconcerningallriskmanagementmatters.
16
ECSS‐M‐ST‐80C
31July2008
Likelihood
RiskIndex:
Combinationof
SeverityandLikelihood
E Low Medium High VeryHigh VeryHigh
D Low Low Medium High VeryHigh
C VeryLow Low Low Medium High
B VeryLow VeryLow Low Low Medium
A VeryLow VeryLow VeryLow VeryLow Low
1 2 3 4 5 Severity
“Red” “Yellow” “Green”
Figure5‐5:Exampleofriskindexandmagnitudescheme
Riskindex Riskmagnitude Proposedactions
E4,E5,D5 VeryHighrisk Unacceptablerisk:implementnewteamprocessorchange
baseline–seekprojectmanagementattentionatappropriate
highmanagementlevelasdefinedintheriskmanagementplan.
E3,D4,C5 Highrisk Unacceptablerisk:seeabove.
E2,D3,C4,B5 Mediumrisk Unacceptablerisk:aggressivelymanage,consideralternative
teamprocessorbaseline–seekattentionatappropriate
managementlevelasdefinedintheriskmanagementplan.
E1,D1,D2,C2,
C3,B3,B4,A5
Lowrisk Acceptablerisk:control,monitor–seekresponsiblework
packagemanagementattention.
C1,B1,A1,B2,
A2,A3,A4
VeryLowrisk Acceptablerisk:seeabove.
Figure5‐6:Exampleofriskmagnitudedesignationsandproposedactionsfor
individualrisks
5.2.1.3 Task 2: Prepare the risk management plan
Theriskmanagementplantypicallycontainsthefollowingdata:
a. Description of the project risk management organization including its
roleandresponsibility.
b. Summaryoftheriskmanagementpolicy.
c. Theriskmanagement–relateddocumentationandfollow–upconcept.
d. Thescopeofriskmanagementovertheprojectduration.
17
ECSS‐M‐ST‐80C
31July2008
5.2.2 Step 2: Identify and assess the risks
5.2.2.1 Purpose
Toidentify eachof the riskscenarios,to determine then,basedon theoutputs
from Step 1, the magnitude of the individual risks and, finally, to rank them.
Datafromallprojectdomainsareused(managerial,programmatic,technical).
NOTE Listofexamplesofpossibleriskitems:
• Technical: Technology maturity; definition
status of requirements, internal/external
interfaces, payloads, operations; availability of
margins,supportteam,projectteam;etc.
• Cost:Overallprojectcost definition status; cost
margins; insurance costs; availability of
funding, independent cost assessment,
industrialoffers;humanresourcesaspects;etc.
• Schedule: Procurement planning; availability
of planningof phases andactivitiesinterfacing
withthirdparties;etc.
• Others: Internal or ganisational aspects; public
image; political constraints; risk sharing
betweenactors;etc.
5.2.2.2 Task 3: Identify risk scenarios
Thefollowingactivitiesareincludedinthistask:
a. Identification of the risk scenarios, including causes and consequences,
accordingtotheriskmanagementpolicy.
b. Identification of the means of early warning (detection) for the
occurrence of an undesirable event, to prevent propagation of
consequences.
c. Identificationoftheprojectobjectivesatrisk.
5.2.2.3 Task 4: Assess the risks
Thefollowingactivitiesareincludedinthistask:
a. Determinationoftheseverityofconsequencesofeachriskscenario.
b. Determinationofthelikelihoodofeachriskscenario.
c. Determinationoftheriskindexforeachriskscenario.
d. Utilisation of available information sources and application of suitable
methodstosupporttheassessmentprocess.
e. Determinationofthemagnitudeofriskofeachriskscenario.
f. Determination of the overall project risk through an evaluation of
identified individual risks, their magnitudes and interactions, and
resultantimpactontheproject.
18
ECSS‐M‐ST‐80C
31July2008
5.2.3 Step 3: Decide and act
5.2.3.1 Purpose
Toanalysetheacceptabilityofrisksandriskreductionoptionsaccordingtothe
risk management policy, and to determine the appropriate risk reduction
strategy.
5.2.3.2 Task 5: Decide if the risks may be accepted
Thefollowingactivitiesareincludedinthistask:
a. Applicationoftheriskacceptancecriteriatotherisks.
b. Identification of acceptable risks, the risks that will be subjected to risk
reduction,anddeterminationofthemanagementdecisionlevel.
c. For accepted risks proceed directly to Step 4; for unacceptable risks
proceedtoTask6.
5.2.3.3 Task 6: Reduce the risks
Thefollowingactivitiesareincludedinthistask:
a. Determinationofpreventative andmitigationmeasures/options foreach
unacceptablerisk.
b. Determinationofriskreductionsuccess,failure,andverificationcriteria.
c. Determination of the risk reduction potential of each measure in
conjunctionwiththeoptimizationoftradableresources.
d. Selection of the best risk reduction measures and decision on priorities
for implementation, at the appropriate decision making level in the
projectaccordingtotheriskmanagementplan.
e. Verificationofriskreduction.
f. Identification of the risks that cannot be reduced to an acceptable level
andpresentationtotheappropriatemanagementlevelfordisposition.
g. Identification of the reduced risks for which risk reduction cannot be
verified.
h. Identification of the risk reduction potential of all risk reduction efforts
withrespecttotheoverallrisk.
i. Documentation of the successfully reduced risks ina resolved risks list;
and the unsuccessfullyreduced risks in an unresolvedriskslist: present
thelattertotheappropriatemanagementlevel fordisposition.
5.2.3.4 Task 7: Recommend acceptance
Thefollowingactivitiesareincludedinthistask:
a. Decisionoptionsforacceptanceofrisks.
b. Approvalofacceptableandresolvedrisks.
c. Presentationofunresolvedrisksforfurtheraction.
19
ECSS‐M‐ST‐80C
31July2008
5.2.4 Step 4: Monitor, communicate, and accept
risks
5.2.4.1 Purpose
To track, monitor, update, iterate, and communicate, and finally accept the
risks.
5.2.4.2 Task 8: Monitor and communicate the risks
Thefollowingactivitiesareincludedinthistask:
a. Periodicalassessmentand review of allidentified risks andupdating of
theresultsaftereachiterationoftheriskmanagementprocess.
b. Identification of changes to existing risks and initiation of new risk
analysisneededinordertodecreaseuncertainties.
c. Verification of the performance and effect of corresponding risk
reduction.
d. Illustrationoftherisktrendovertheprojectevolutionbyidentifyinghow
themagnitudesofriskhavechangedoverprojecttime.
e. An example of a risk trend for technical risks, which are main risk
contributorsatthefirstprojectmilestone,isprovidedin
Figure5‐7.S1,S2
andS3arethreeriskscenarios.
NOTE In theexample, the evolution of S1 showsthat, in
spite of risk reduction efforts, risk trend can
worsenbeforeimprovement.
f. Communicationoftherisksandtherisktrendtotheappropriatelevelof
management.
g. Implementationofanalertsystemfornewrisks.
20
ECSS‐M‐ST‐80C
31July2008
Riskmagnitude Risktrendduringprojectphases
VeryHigh
S1
High
S2
Medium
Low
S3
VeryLow
Phase1 Phase2 Phase3
Figure5‐7:Exampleofarisktrend
5.2.4.3 Task 9: Submit risks for acceptance
Thefollowingactivitiesareincludedinthistask:
a. Submission of the risks for formal risk acceptance by the appropriate
levelofmanagement.
b. ReturntoTask6forrisksnotaccepted.
21
ECSS‐M‐ST‐80C
31July2008
6
Risk management implementation
6.1 General considerations
a. Risk management is performed within the normal project management
structure, ensuring a systematic risk identification, assessment and
follow‐upofrisks.
b. Risk management is implemented as a team effort, with tasks and
responsibilities being assigned to the functions and individuals within
the project organization with the most relevant expertise in the areas
concernedby a givenrisk.Itis a collaborativeeffortof all projectactors
fromthedifferentdisciplines.
c. The results of risk management are considered in the routine project
management process and in the decisions relative to the baseline
evolution.
d. Riskmanagementdrawsonexistingdocumentationasmuchaspossible.
6.2 Responsibilities
The responsibilities for risk management matters within the project
organizationaredescribedintheriskmanagementplaninaccordancewiththe
riskmanagementpolicy.Thefollowingapproachapplies:
a. The project manager acts as the integrator of the risk management
function across all concerned project domains. The project manager has
overall responsibility for integrated risk management within a project
and reports the results of the risk management task to the next higher
levelinthecustomer/supplierchain.Theprojectmanagerdefineswhoin
the project is responsible for the control of the risks in their respective
domains, and what their communication, information and reporting
lines,andresponsibilitiesareforriskmanagementmatters.
b. Each project domain (such as engineering, software, verification, and
schedulecontrol)managestherisksemanatingfromitsdomainorbeing
assignedtoitsdomainfortreatment,underthesupervisionoftheproject
manager.
c. Risksareformallyacceptedbythenexthigherlevelresponsibilitywithin
thecustomer/supplierchain.
22
ECSS‐M‐ST‐80C
31July2008
6.3 Project life cycle considerations
Riskmanagementactivitiestakeplaceduringallprojectphases.Thefollowing
projectactivitiesareconcernedwithriskmanagement:
a. Project feasibility studies, trades, and analyses (such as design,
production,safety,dependability,andoperations).
b. The allocation of tasks, manpower, and resources according to the
rankingofrisks.
c. Theevolutionofthetechnicalconceptthroughiterativeriskassessment.
d. Evaluationofchangesforriskimpact.
e. Thedevelopment,qualification,acceptance,andrunningoftheprojectby
using risk assessment as a diagnostictool and for identifying corrective
actions.
f. Assessment of the overall risk status of projects as part of all formal
projectreviews.
6.4 Risk visibility and decision making
a. Management processes and information flow within the project
organization ensure a high visibility of the prevailing risk. Risk
information is presented to support management decision making,
includinganalertsystemfornewrisks.
b. Action plans are prepared covering all outstanding risk items whose
magnitudesareabovethelevelspecifiedintheprojectriskmanagement
policytoincreasetheirvisibility,topermitrapiddecisionmaking,andto
ensurethattheirstatusisregularlyreportedtotherelevantmanagement
level,andtoallactorsimpactedbytheriskconsequences.
c. Information about all identified risks and their disposition is kept in a
record.
6.5 Documentation of risk management
a. Riskmanagementdocumentsaremaintainedsothateachstepoftherisk
managementprocessandthekeyriskmanagementresultsanddecisions
aretraceableanddefensible.
b. The risk management process draws on the existing project data to the
maximumextentpossible,butdocumentationestablishedspecificallyfor
risk management includes information on project–specific risk
managementpolicy;objectivesandscope;theriskmanagementplan;the
identified scenarios; likelihood of events; risk results; risk decisions;
recordsofriskreductionandverificationactions;risktrenddata;andrisk
acceptancedata.
c. The data emanating from risk management activities are recorded in a
riskmanagementdatabasecontainingalldatanecessarytomanagerisks
and document the evolution of risks over the whole duration of the
23
ECSS‐M‐ST‐80C
31July2008
project. The database is a living document, and is maintained current.
Extractsfromthedatabasearepresentedatprojectmeetings,reviewsand
milestones as required by the risk management plan. Items to be
candidatesfor“lessonslearned”areidentified.Thedatabaseisaccessible
toactorsasappropriate.
NOTE For example: the risk management database
should support the efficient and effective
management of critical areas of a program/project
by:
• demonstrating that the risk management
process is conducted in accordance with the
definedprocessforprojectriskmanagement;
• providingevidenceofasystematicapproachto
riskidentificationandassessment;
• providingarecordofrisks;
• providing the decision makers with sufficient
plansforapproval;
• facilitating continuing monitoring and review
ofriskstatus;
• providingtraceability;
• sharing and communicating required
informationwithinprojectactors;
• It includes all technical assessment by the
various disciplines, as well as programmatic
data.
• Example forms for the registration and
ranking/logging of risk items are presented in
AnnexDtothisStandard.
24
ECSS‐M‐ST‐80C
31July2008
7
Risk management requirements
7.1 General
The requirements in this section are identified. Each identified requirement is
composed of the wording of the requirement proper, and accompanied by an
explanatorynoteattachedtothegeneralrequirement.
7.2 Risk management process requirements
7.2.1
a. The basis for risk management shall be the four–step process and nine
tasks illustrated in
Figure 5‐1 and Figure 5‐2 of this document. The
starting point for risk management shall be the formulation of the risk
management policyatthe beginningof theproject inconformance with
theDRDin
AnnexA.
NOTE The aim is to establish a risk management policy
fortheprojectconcerned:
• meetingcustomerrequirements;
• covering all project domains such as
management, engineering, performance,
schedule,andcost;
• taking into account the project resources such
as margins inschedule, cost,performance, and
power;
• establishing scoring and risk ranking criteria
allowingactionsanddecisionsonthetreatment
ofindividualandoverallrisks;
• definingrequirementsforriskmanagement.
7.2.2
a. A risk management plan shall be established by each supplier in
conformancewiththeDRDin
AnnexB.
NOTE The aim is to assemble in a single document all
elements necessary to ensure implementation of a
25