Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

The Modernization and Migration Management (M3) Playbook has a new look! Explore our new features here.

M3 Playbook > Phase 3: Engagement > 3.4 Maintain and Execute Risk Processes

3.4 Maintain and Execute Risk Processes

Program Management

Task Activities

  1. Shared

    Integrate risk processes between the customer and provider and update the Risk Management Plan

    customer
    provider
  2. Shared

    Maintain and update Risks, Actions, Issues, and Decisions (RAID) Log, coordinating across all work streams, with new risks, changes to existing risks, and status of risk mitigation activities continuously (at a minimum of every two weeks) throughout Phase 3

  3. Shared

    Develop and employ mitigation strategies continuously throughout Phase 3

  4. Shared

    Report on new risks/issues and ongoing risk/issue mitigation activities in governance meetings and Status Reports/Dashboard

  5. Shared

    Perform M3 Risk Assessment

3.4 Best Practices

  • Develop an integrated Risk Management Plan between the customer and provider and establish a risk management function within the PMO to coordinate all risk management activities across the customer and provider before migration
  • Hold regular risk management meetings and include risk management into status reporting and escalation procedures. Ensure documentation of risks in RAID Log in order to facilitate communication of risks
  • Develop risk management roles and responsibilities for customer and provider team members and executives and train team members on identifying and mitigating risks
  • Train and empower risk liaisons and points of contact in risk management to improve accountability

Stakeholders

Customer

  • Executive Sponsor
  • Business Owner
  • Program Manager
  • Risk Manager
  • PMO Lead
  • PMO Team

Provider

  • Executive Sponsor
  • Business Owner
  • Program Manager
  • Risk Manager
  • PMO Lead
  • PMO Team

Inputs

Outputs