Avoid the risk by removing the potential risk through taking precautionary measures, which at extremes can mean cancelling the project.
Usually this means insuring against a risk occurring, but can also include getting the business owner/sponsor to take accountability for the risk outside the scope of the project.
This means minimise the damage a risk can cause or reduce its likelihood of occurring (or both) through taking precautionary actions.
In cases where the risk is considered unworthy of effort to manage it can be accepted. This may occur in instances where the risk is so unlikely to occur as to not warrant attention, or where the impact is insignificant in the content of the business and project’s environment.
Whichever option you pick for your risks you should have a detailed action plan against the risk which includes
- Who is responsible for managing the risk
- What is going to be done to manage the risk
- When are the major work activities to manage the risk going to start and end
- How the risk will be managed as a result of this management plan – that is the planned outcomes of the risk management plan
For risks that require major bodies of work to be managed appropriately you should consider raising a change request and revising the project management plan to include new or modified work packages including this new work.