Skip to:

Guidelines and Requirements for Risk Management

The purpose of risk management is to:
  • Identify possible risks and determine how they can be contained.
  • Know the likely cost of countermeasures.
  • Manage levels of risk and uncertainty properly so the project is successfully completed.

Mandated risk management requirements

According to statute (16E.04 Information and communications technology policy. Subd. 3. Risk assessment and mitigation), all State of Minnesota IT projects are required to complete a risk assessment and risk mitigation plan. Projects estimated to cost more than $5,000,000 (including internal labor costs) are required to have a risk assessment and the development of a risk mitigation plan completed by an entity outside of State government.

A Risk Assessment and development of the Risk Mitigation Plan should occur early during project planning and is maintained throughout the project life cycle for "continuous risk management."

Planning Tools and Templates

The Office of Enterprise Technology Project Management Office has developed a set of planning tools and templates, including risk management tools that agencies may find helpful in planning and managing project risks.