Reviewing historical risk events is most useful for the risk assessment process within the risk management life cycle. Risk assessment is the process of identifying, analyzing, and evaluating the risks that may affect the project or the organization1. Reviewing historical risk events can help to:
Identify the sources, causes, and consequences of past risks and learn from the successes and failures of previous projects or organizations
Analyze the likelihood and impact of potential risks based on historical data and trends, and use statistical methods or models to estimate the probability and severity of risk scenarios
Evaluate the level of risk exposure and compare it with the risk appetite and tolerance of the project or the organization, and prioritize the risks that need further attention or action
Use historical risk events as inputs or examples for risk identification and analysis techniques, such as brainstorming, checklists, interviews, surveys, SWOT analysis, root cause analysis, or Monte Carlo simulation2
References = Risk and Information Systems Control Study Manual, Chapter 5: Risk Assessment Process3
Submit