2.1 GENERAL APPROACH AND
DoD Instruction 5000.2 states: "Risks must be well understood, and risk management approaches developed, before decision authorities can authorize a program to proceed into the next phase of the acquisition process." This policy is implemented in DoD Regulation 5000.2-R (Interim), with more detailed guidance provided in the individual Service regulation. The Defense Acquisition Deskbook (Section 2.5.2) provides additional guidance, advice, and wisdom on the
management of risk. Figure B-1 shows how the XYZ program risk management fits
into the phases and milestones of the acquisition process.
The XYZ program will use a centrally developed risk management strategy throughout the acquisition process and decentralized risk planning, assessment, handling, and monitoring. XYZ risk management is applicable to all acquisition functional areas.
The results of the Concept Exploration Phase of the
program identified potential risk events and the Acquisition Strategy reflects
the program's risk-handling approach. Overall, the risk of the XYZ program for
Milestone B was assessed as moderate, but acceptable. Moderate risk functional
areas were threat, manufacturing, cost, funding, and schedule. The remaining
functional areas of technology, design and engineering (hardware and
software), support, (schedule) concurrency, human systems integration, and
environmental impact were assessed as low risk.