1.3 APPROACH TO RISK MANAGEMENT
Based on the DoD model contained in the Defense Acquisition
Deskbook (described in Chapter 2), this Guide emphasizes a risk
management approach that is disciplined, forward looking, and continuous.
In 1986, the Government Accounting Office (GAO), as part of an evaluation
of DoD policies and procedures for technical risk assessments, developed a set
of criteria as an approach to good risk assessments. These criteria, with
slight modification, apply to all aspects of risk management and are
encompassed in the Guide's approach. They are:
(1) Planned Procedures. Risk management is planned and
(2) Prospective Assessment. Potential future problems are
considered, not just current problems.
(3) Attention to Technical Risk. There is explicit
attention to technical risk.
(4) Documentation. All aspects of the risk management
program are recorded and data maintained.
(5) Continual Process. Risk assessments are made
throughout the acquisition process; handling activities are continually
evaluated and changed if necessary; and critical risk areas are always
While these criteria are not solely sufficient to determine the “health” of
a program, they are important indicators of how well a risk management process
is being implemented. A pro-active risk management process is a good start
toward a successful program.