Monitoring and Review
Monitoring and review should be a planned part of the risk management process. This involves regular checking and/or surveillance. It can be periodic or ad hoc and is done to see if: further action is needed; appropriate controls are in place; new uncertainties are emerging; and strategic changes to UNDP’s risk landscape require senior management action. Monitoring and review results should be recorded and reported as appropriate, and also used as input for auditing and annual review of the project’s risk management framework.
Example A: Following the implementation of risk mitigation measures and reassessment of the risk after the first quarter, the probability of poor data quality risk was reduced to “moderately likely” (20-40 percent chance of materializing). The risk was monitored for the next year with no significant change. In the beginning of the project’s second year, the risk owner noticed weaknesses in reporting, indicating the increase in probability of this risk. The team analysed the situation and found a significant reduction in the percentage of trained data collectors in affected regions, due to health worker turnover. They planned new risk mitigation measures, and documented all changes in the Risk Log.