This recommended practice (RP) of AACE International defines the expectations, requirements, and practices for identifying and qualitatively analyzing uncertainty and risk drivers as part of the overall risk management process. It expands on the first two tasks of the TCM Framework section 7.6.2.2 Risk Assessment; i.e., Risk Identification and Qualitative Risk Analysis, covering common practices and tools such as brainstorming, interviews, and checklists. It also covers documentation for and the deliverables from the assessment process step (e.g., risk register). It does not cover the third task of TCM section 7.6.2.2 Quantitative Risk Analysis (see Professional Guidance Document PGD-02, Guide to Quantitative Risk Analysis for reference to various quantification RPs). It also does not cover risk treatment planning (see RP 63R-11, Risk Treatment) or risk management planning (see RP 72R-12, Developing a Project Risk Management Plan.)

Risk identification is defined in RP 10S-90, Cost Engineering Terminology as “a risk management process step for identifying and describing risks for risk analysis and subsequent steps.” Qualitative risk analysis is defined as “risk analysis used to screen risks wherein risk probabilities of occurrence and impacts are expressed narratively or in ranked categories of severity. Typically incorporates use of a risk matrix.” This RP elaborates and clarifies these definitions.

In TCM, the risk management process is applied in the strategic asset management and project control processes. In the strategic arena, the risk focus tends to be on the state of the current asset, the business environment, and other issues that differentiate alternative asset solutions (e.g., varying levels of scope definition). In the project control process, the risk focus expands to more specific project conditions, plans, deliverables, and events affecting a defined project scope while strategic risks remain. This RP is intended to be generic to any focus area and any project scope.