According to the PMBOKĀ® Guide and the Standard for Project Management, the process of determining which risks may affect the project and documenting their characteristics is Identify Risks.
As per PMI standards, this process is part of the Project Risk Management Knowledge Area and occurs within the Planning Process Group. The key benefit of this process is the documentation of existing risks and the knowledge and ability it provides to the project team to anticipate events. Important aspects of this process include:
Iterative Nature: Identify Risks is an iterative process because new risks may evolve or become known as the project progresses through its life cycle.
Participants: The process should involve the project manager, project team members, risk management team (if assigned), customers, subject matter experts, end users, and other stakeholders.
Risk Register: The primary output of this process is the Risk Register, which initially contains the list of identified risks and a list of potential responses.
The other options are incorrect based on the following PMI definitions:
Control Risks: (Now referred to as Monitor Risks) This is the process of monitoring the implementation of agreed-upon risk response plans, tracking identified risks, and identifying and analyzing new risks. It is a Monitoring and Controlling process, not the initial identification process.
Plan Risk Management: This is the process of defining how to conduct risk management activities for a project. It establishes the " roadmap " or strategy but does not identify the specific risks themselves.
Plan Risk Responses: This is the process of developing options and actions to enhance opportunities and to reduce threats to project objectives. This happens after risks have been identified and analyzed.
As per the PMI Lexicon of Project Management Terms, the Identify Risks process ensures that the team has a comprehensive understanding of the uncertainties that could impact the project ' s scope, schedule, cost, or quality.
